this post was submitted on 28 Nov 2023
3 points (100.0% liked)
Self-Hosted Main
517 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I would not do this, people port scan all the time and thats an easy one to look for. Try using an at home vpn like openvpn or in the very least change the ssh port to something odd like 6854 or whatever.
I have a port 22 ssh process that denies everything, and a separate ssh process on a different port that accepts logins as normal. So someone could obviously find the hidden one, but it won't be the apparently-functional one that they can hit day and night and never get any results from.
Fair enough. If you can run firewall rules then great. But opening up something like ssh to the internet is a risky risk. Cert auth is not a bad way to go in that scenario.
I agree entirely. The box I have this on is my piddle-around server. A long time ago I used to administer a medium-sized cluster of Linux boxes and they were all cert auth, and I wouldn't have had it any other way. Mostly, I think it's fun to see what usernames and passwords the scripts and bots and hackers try on my neutered SSH.