Comment by ruthmarx

Comment by ruthmarx 12 hours ago

0 replies

View on Hacker News

It's convenient and fail2ban/crowdsec is generally a sufficient safeguard. Bruteforcing isn't realistic so you just have to keep an eye on vulns.

Key auth is obviously better, but password auth is not as bad as many people like to pretend.