by anon263626
3357 days ago
Yup. Open ports to the world is a terrible idea for anything real. This is why SSH jumpboxes (say a round-robin pair of OpenBSD VMs with ssh rbash &| strongSwan. Add secure port knocking to the pf firewall for bonus points.) Plus, there's already plenty of ways to AAA OpenSSH using Puppet/Chef, PAM, RFC 4255, Google Authenticator (via PAM plugin). It's really easy to set up if you've done it before.