> but also don't leave SSH open to the public, especially not on :22
100%. These days, at least if you're working out of a cloud provider, there's no excuse for exposing SSH to the world on any port. AWS/GCP/Azure all have different tools to allow you to run bastion-type services without internet-facing SSH.
100%. These days, at least if you're working out of a cloud provider, there's no excuse for exposing SSH to the world on any port. AWS/GCP/Azure all have different tools to allow you to run bastion-type services without internet-facing SSH.