i want to remotely ssh to my home server, and I was wondering if I could just forward port 22 with disabling password login and use pubkey authentication will be safe enough?

  • Internal-Initial-835@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    In a word no. That’s not a port you want others sniffing around. Some isps actively block that port for security. IMHO a vpn is the best way. That way you get full access to your network as if you’re using a wired direct connection. You “can” use port 22 and you can make it pretty secure but I just wouldn’t feel safe directly exposing it when there are other ways. Imagine the access somebody could get if you do something slightly wrong or you miss a patch for a new vulnerability. Yep it’s unlikely but why risk it. Put it behind something on a none standard port rather than a port that every sniffer will poke at :)