I should install fail2ban. I already have everything else covered. I’ve only heard of fail2ban, not very familiar with it. Is it necessary if password login is disabled? Can you brute force ssh keys? I really appreciate your advice.
I only have my (non default) ssh port exposed. I just use an ssh tunnel to access all my services. I don’t know if this is a good idea or not, but it works for me.
Cool, thanks so much!