I've set up different port than default to access remote server via SSH and also disabled password login (pubkey enabled), in /etc/hosts.deny enabled ALL: PARANOID. Anything more to increase security or is this enough?
@nikolal@m10q I have a nice set-up where SSH is only available on the WireGuard interface, via an Authenticated Tor Hidden Service, or using port-knocking.
Usually use the WireGuard one, the otehr two are failsafes.
