It's fine, but it's a good idea to disable password authentication and only permit public key auth. Using a non-standard port helps reduce the spam in the logs a bit.
As long as you're running fail2ban there's no harm in it. Without exception you should disable root login, and ideally you should disable password login and just use keys.
When I ran fail2ban, I modified the action to ban a much larger subnet instead of just one IP. I also banned it for 24 hours. Now I run OPNsense with geo blocking and just ignore the logs. It's just noise.
Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
No memes or potato images.
We love detailed homelab builds, especially network diagrams!
Report any posts that you feel should be brought to our attention.
Is it a good idea to have SSH open to the internet?
It's fine, but it's a good idea to disable password authentication and only permit public key auth. Using a non-standard port helps reduce the spam in the logs a bit.
As long as you're running fail2ban there's no harm in it. Without exception you should disable root login, and ideally you should disable password login and just use keys.
Fail2ban does all of nothing to protect you. At best it keeps the noise in the logs down a bit.
Competent attackers tend to use a botnet, blocking and rate limiting does jack shit against 10,000 IPs.
When I ran fail2ban, I modified the action to ban a much larger subnet instead of just one IP. I also banned it for 24 hours. Now I run OPNsense with geo blocking and just ignore the logs. It's just noise.
Yes there’s nothing wrong with it. SSH autt is robust.