Originally I'd change the SSH port, obviously only allow pubkey based auth.
Now however, I do everything over wireguard. Every device has Wireguard Access and depending on that different rules what they can access.
Originally I'd change the SSH port, obviously only allow pubkey based auth.
Now however, I do everything over wireguard. Every device has Wireguard Access and depending on that different rules what they can access.
I'm running it inside a podman container with 16 G of RAM, with a velocity proxy etc. Should be ideal