Originally I'd change the SSH port, obviously only allow pubkey based auth.
Now however, I do everything over wireguard. Every device has Wireguard Access and depending on that different rules what they can access.
Originally I'd change the SSH port, obviously only allow pubkey based auth.
Now however, I do everything over wireguard. Every device has Wireguard Access and depending on that different rules what they can access.