0

First, some background: I have a web server (Linux) which I run from my house. I have a relatively small website, and have just set up SSH. While modifying the firewall, I had the choice to pick either A) Allow access from anywhere or, B) Restrict to 192.168.0.0/16. I went with option B.

I spend a lot of time outside of home, however, and this restriction is getting annoying. I know that it likely adds some extra security, so I don;t know what to do.

My question is: How (in)secure is allowing anybody to try to connect to SSH? Does the risk outweigh the benefits of being able to work away from home?

Radvylf Programs
  • 598
  • 4
  • 12
  • Please research a little before asking such question. There are tons of documents and web results that can answer your question. – tech_enthusiast Dec 14 '18 at 00:17

1 Answers1

0

The second you open up a SSH port to the public web it will have multiple brute force / default credentials attempts against it. Just automated tools trying to get access - its up to you to weigh the risks, but if you go ahead insure good security hygiene. Turn off passwords based auth - limited retries etc.

McMatty
  • 3,192
  • 1
  • 7
  • 16