To mitigate the effort to maintain my personal server, I am considering to only expose ssh port to the outside and use its socks proxy to reach other services. is Portknocking enough to reduce surface of attack to the minimum?
To mitigate the effort to maintain my personal server, I am considering to only expose ssh port to the outside and use its socks proxy to reach other services. is Portknocking enough to reduce surface of attack to the minimum?
When you have secure passwords kr key auth. Brute force is not a problem. What vulnerability are you talking about? Complete auth bypass? Then the username would be no problem either since you can just brute force usernames.