this post was submitted on 28 Nov 2023
3 points (100.0% liked)

Self-Hosted Main

517 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 2 years ago
MODERATORS
 

i want to remotely ssh to my home server, and I was wondering if I could just forward port 22 with disabling password login and use pubkey authentication will be safe enough?

you are viewing a single comment's thread
view the rest of the comments
[–] blusls@alien.top 1 points 1 year ago

Depending on how you will be connecting depends on how you should configure this. I would strongly suggest just setting up a Wireguard server and connect to it via VPN. At the same time, exposing the port and using a pubkey with Fail2Ban would be the next best option, while always keeping your server patched with port forwarding a different port to the stand SSH port internally.

These are the simplest ways to do this and still be secure. Again, I strongly suggest setting up a private VPN of your choosing.

WireGuard Installs - https://www.wireguard.com/install/

WireGuard Docker - https://github.com/wg-easy/wg-easy