i want to remotely ssh to my home server, and I was wondering if I could just forward port 22 with disabling password login and use pubkey authentication will be safe enough?
i want to remotely ssh to my home server, and I was wondering if I could just forward port 22 with disabling password login and use pubkey authentication will be safe enough?
Fair enough. If you can run firewall rules then great. But opening up something like ssh to the internet is a risky risk. Cert auth is not a bad way to go in that scenario.
I agree entirely. The box I have this on is my piddle-around server. A long time ago I used to administer a medium-sized cluster of Linux boxes and they were all cert auth, and I wouldn’t have had it any other way. Mostly, I think it’s fun to see what usernames and passwords the scripts and bots and hackers try on my neutered SSH.