I have a basic firewall, but did not use App Armor, SELinux, or kernel blacklists. I definitely shut down port 22 just for now. It’s just a laptop daily driver. Should I do more?
Also, I’m now addicted to Arch. I’m using Hyprland with it. This means I’ve got two bleeding edge wares and that gets rough sometimes when things break. I want Arch on my desktop gaming rig though. I tired other distros but I just love Arch. Has anyone tried using Ansible to manage multiple installations? I really can’t maintain two so I was wondering if Ansible would make it easier, especially for updating.
Run SSH over Tailscale. Extremely easy to set up, and it takes away the hassle of creating + distributing keys, port forwarding, etc. All authentication and access restriction is done through easy to understand ACLs.
I use it, for example to manage a friend’s Snikket server in another country, with his server on his Tailnet shared with mine, and an SSH ACL to allow SSH access for my Tailscale user only.