For example, I prefer to use a VPN instead of port forwarding. And I use SSH for anything I used to use an FTP for.

  • ASK_ME_ABOUT_LOOM
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    SSH key auth for terminal login, plus an nginx proxy and client cert auth on anything accessible by the outside world. I’ll expose any internal service I want because nobody is getting through the client cert auth.