|
|
|
|
|
|
by giobox
721 days ago
|
|
|
I mostly agree, but even this leaves you exposed to new bugs found in SSH in the future etc if on an unpatched/forgotten server. I still think its best (and really, really easy now with tools like tailscale) to simply never expose the software to the wide world in the first place and only access over Wireguard. Fundamentally, it makes no sense to expose low level server access mechanisms to anyone other than yourself/team - there is no need for this to sit listening on a public port, almost ever. |
|
|