[SahAssar]

If your server is on the internet with a public ssh server then it is probably providing some sort of internet service. That internet service is almost always easier to DoS than your openSSH server. If you are not providing a internet service then why is your SSH open to the internet?

[kloop]

> If you are not providing a internet service then why is your SSH open to the internet?

So that I can ssh into it from various places and do stuff on my home server from elsewhere

[SahAssar]

So you are accessing that server's services from some network, why are you not only allowing SSH over that network?

Or, if your service is open to the internet then why does not what I said above hold true?

[kloop]

I guess I am technically, but only for myself

[SahAssar]

What is the networking difference between a service for yourself that you want to access from "various places" and a public service with auth checks for your key?

[jszymborski]

Maybe the service is provided over SSH via e.g. port-forwarding (or is simply "SSH access to a server").

[SahAssar]

Sure, but are L7 attacks easier than L4 against those servers? Adding more layers/software has a cost in configuration, maintenance, attack-surface, etc.