Comment on Alternative to ClamAV?
just_another_person@lemmy.world 1 year agoKey only authentication is your easiest and safest bet. If you want something a little more elegant, look at setting up port knocking if this is a 24/7 service exposed to the public internet. Add a brute-force monitor like fail2ban or crowdsec as an added layer of protection if you want.
Alami@lemmy.world 1 year ago
Yes I do have fail2ban
just_another_person@lemmy.world 1 year ago
Yubikey as a more portable private key you don’t need to store on a single machine, or make unsafe by shipping it around.
developers.yubico.com/SSH/