i want to remotely ssh to my home server, and I was wondering if I could just forward port 22 with disabling password login and use pubkey authentication will be safe enough?

  • pentesticals@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 months ago

    Yes but most bots are scanning for common ports. It’s far too slow to scan 65k ports on every host. Even things like shodan only scan a handful of common ports. But you can test this yourself, expose SSH on a port number in 20-40ks, I’ve seen several weeks without a single probe.

    If you’ve ever done mass scanning you know that’s minutes is not going to to be a full scan and if you are trying to do 65k ports in a few minutes, your results will not be accurate.