
Posted by atrevbot 2 days ago

Ask HN: Is Connecting via SSH Risky?

I have been managing websites for a while and usually utilize SSH connections to log in to, deploy code to, and otherwise remotely access the hosting servers.

I was recently informed that a client I work with considers that a legal risk.

If the SSH connection is set to disallow passwords and only authorize via SSH keys, how big of a risk is this?

19 points | 37 comments | page 2
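
A check for the setup the question describes, as an added example that is not part of the thread: it reads the effective server configuration that `sshd -T` prints and reports any setting that still permits a non-key login. The sample output is constructed, and the function names are this example's own.

```python
import subprocess
import sys

# Constructed sample of `sshd -T` output: one lowercase keyword and value per line.
SAMPLE = """\
port 22
pubkeyauthentication yes
passwordauthentication no
kbdinteractiveauthentication yes
authenticationmethods any
"""

# Settings that allow a password-style login when "yes".
# challengeresponseauthentication is the older name of kbdinteractiveauthentication.
PASSWORD_STYLE = ("passwordauthentication", "kbdinteractiveauthentication",
                  "challengeresponseauthentication")


def parse_effective_config(text):
    """Turn `sshd -T` output into {keyword: value}; the first occurrence wins."""
    cfg = {}
    for line in text.splitlines():
        key, _, value = line.strip().partition(" ")
        if key:
            cfg.setdefault(key.lower(), value.strip().lower())
    return cfg


def non_key_logins(cfg):
    """Return the findings that stop this configuration from being key-only."""
    findings = []
    if cfg.get("pubkeyauthentication") != "yes":
        findings.append("pubkeyauthentication is not 'yes'")
    # AuthenticationMethods of exactly "publickey" limits logins to keys regardless.
    if cfg.get("authenticationmethods") == "publickey":
        return findings
    for key in PASSWORD_STYLE:
        if cfg.get(key) == "yes":
            findings.append(f"{key} is 'yes'")
    return findings


if __name__ == "__main__":
    # "live" audits this host (needs root); with no argument the sample is used.
    live = sys.argv[1:] == ["live"]
    text = subprocess.run(["sshd", "-T"], capture_output=True, text=True,
                          check=True).stdout if live else SAMPLE
    for finding in non_key_logins(parse_effective_config(text)):
        print("NOT key-only:", finding)
```

On the constructed sample it reports `kbdinteractiveauthentication`, which with PAM can still prompt for a password even though `PasswordAuthentication` is off.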
xhanah 2 days ago
Ditto to everything here. If you really want to, you can also change the port to something random to avoid bot spam. But you shouldn't have SSH accessible directly from the internet anyway.

If you are using only keys, make sure they are managed, tracked, securely stored and backed up. The last thing you want is to have a machine die that has the only private key for your environment.

phren0logy 2 days ago
Compared to what?

atrevbot 2 days ago
They seem to be okay w/ only HTTP ports being open on the server (80, 443). They "found that open ports can lead to cyber claims".

wolvoleo 2 days ago
"Cyber claims" sounds like someone who doesn't have a clue what they are talking about.

But yeah, putting it behind some kind of VPN is advisable, if anything because of all the drive-by nuisance attacks on IPv4.

bediger4000 2 days ago
That's like saying that open bottles lead to alcoholism.

DamonHD 2 days ago
Indeed.

robertcope 2 days ago
How else would you do it?

muppetman 2 days ago
Wireguard and Telnet ;)