|
|
|
|
|
|
by trelane
807 days ago
|
|
|
I've seen this discussed a fair bit, and always the recommendation is to use wire guard and expose ssh only to the "local network" e.g. https://bugs.gentoo.org/928134#c38 First, I don't see how this works where there's a single server (e.g. colocation). Second, doesn't that just make Wireguard the new hack target? How does this actually mitigate the risk? |
|
|