To mitigate the effort to maintain my personal server, I am considering to only expose ssh port to the outside and use its socks proxy to reach other services. is Portknocking enough to reduce surface of attack to the minimum?

  • ShortN0te@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    I absolutely agree with your. It can makes sence the disable it for access control, loging, auditing, etc. .

    But when you look online or just in the comment section here lots of ppl actually recommend it as a security meassure against attackers. “Need to brute force the username as well”