1. 3
  1. 3

    I’m using GrapheneOS’ infrastructure repo for inspiration for hardening my SSH server config: https://github.com/GrapheneOS/infrastructure/blob/main/sshd_config which seems to take things a bit further and removing legacy stuff, i.e. RSA.

    Also, I’m using AddressFamily inet6 to only listen on IPv6 which reduces the number of log entries from curious scanners.