The only thing you really need to do with SSH is to use keys with it, not passwo... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		fabian2k 89 days ago \| parent \| context \| favorite \| on: Beginner Guide to VPS Hetzner and Coolify The only thing you really need to do with SSH is to use keys with it, not passwords. That should be secure enough for almost all cases. Another layer on top is useful to remove the noise from the logs. And if you have anything aside from SSH on the server that doesn't need to be public, restricting it via a VPN or something like that is useful anyway. Most other software that listens on your server has likely much more attack surface than SSH.

hebelehubele 89 days ago | [–]

Also, change the port sshd listens to from 22 to something else. Cuts down on the noise considerably.

dan15 83 days ago | | [–]

This doesn't really matter if you disable password authentication.

justoreply 86 days ago | [–]

my sshd just listen on ipv6, no longer noise on the logs

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact