To mitigate the effort to maintain my personal server, I am considering to only expose ssh port to the outside and use its socks proxy to reach other services. is Portknocking enough to reduce surface of attack to the minimum?

  • Morgikan@lemm.ee
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    1 year ago

    A VPN would give you access to a network, but not necessarily the devices on that network. It adds another layer of security as the user not only has to have SSH credentials/keys, but they also have to have the same for the VPN. SSH and VPNs would really be used in conjunction with each other.

    It’s onion security.