Comment by sshine
3 months ago
I also harden my sshd_config.
I mainly disabled all legacy cryptography and types of tunnelling/forwarding that I don't rely on:
https://gist.github.com/sshine/e42ecb7f9d7432e6df331eefdd490...
I also only expose SSH on public interfaces on one machine; all other machines have SSH over VPN.
No comments yet
Contribute on Hacker News ↗