Feel free to argue with facts. Hardening systems is my job.
HW/FW security researcher & Demoscene elder.
I started having arguments online back on Fidonet and Usenet. I’m too tired to care now.
This is not “the correct answer”. There’s absolutely nothing wrong with “exposing” SSH.
A few replies here give the correct advice. Others are just way off.
To those of you who wrote anything other than “disable passwords, use key based login only and you’re good” - please spend more time learning the subject before offering up advice to others.
(fail2ban is nice to run in addition, I do so myself, but it’s more to stop wasting resources than having to do with security, since no one is bruteforcing keys)
Regardless of whether you want to pretend that not caring about Mastodon is a valid defense when implementing software using the ActivityPub protocol, that still doesn’t change anything regarding how Dansup handled the disclosure of the effects it had.
Matrix is a decentralized platform with the same level of security/encryption as Signal. Being decentralized you can run your own server, and chat with others on other servers.
It supports groups, voice, streams etc - similar to Discord/Slack/Teams etc.
Open source. Multiple different server and client implementations. Mobile platforms, “all” operating systems, and with bridges so you can have your IRC, Telegram, Slack, FB Messenger etc channels go to your Matrix account/server.
Telegram is not a secure messenger.
Yes to multiple platforms, groups etc.
Isn’t that a client side issue though? Element is just one Matrix client. I haven’t used it myself but heard from others that Fluffychat (another Matrix client) is more like Discord.
FWIW it’s very common now to see at least open source projects run their own Matrix channels instead of Discord/IRC/xxx.
(I see in other comments that there’s some confusion regarding Element and Matrix. Element is a client, Matrix is the protocol. Yes, Element-the-company does their best to add to this confusion)
People who downvote are encouraged to take Statistics 101.
<3
Margin of error above 3%. Non-story.
That sounds problematic. Where do they detail this?
Wikipedia:
Google Safe Browsing “conducts client-side checks. If a website looks suspicious, it sends a subset of likely phishing and social engineering terms found on the page to Google to obtain additional information available from Google’s servers on whether the website should be considered malicious”.
But why are random people visiting your instance?
If you were just selfhosting services for you and your family, would browsers really be flagging your site?
Yes. A room with a bunch of stalls and sinks.
European type stalls that is, floor to ceiling, real doors.
… if you configure to use their lookup server.
I don’t consider those comments regarding Matrix as problematic. Don’t use someone else’s server if you don’t trust them - including a third party lookup server.
/selfhosting Matrix
I’m sure New York Times made sure to poll few enough people to get what they wanted with their … checks article …
The margin of error in each state is between four and five percentage points.
So, Statistics 101, which surely no journalist has ever taken, says we can’t say anything about anyone leading anyone else here.
Ok then.
Just clarifying for the ones who don’t know: Element is a Matrix client.
The Oxygen catastrophe. Without it I wouldn’t exist.
Still no. Here’s the reasoning: A well known SSHd is the most secure codebase you’ll find out there. With key-based login only, it’s not possible to brute force entry. Thus, changing port or running fail2ban doesn’t add anything to the security of your system, it just gets rid of bot login log entries and some - very minimal - resource usage.
If there’s a public SSHd exploit out, attackers will portscan and find your SSHd anyway. If there’s a 0-day out it’s the same.
(your points 4 and 5 are outside the scope of the SSH discussion)
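
The "disable passwords, use key based login only" advice in the SSH comments above can be checked mechanically. The following is an added example, not code from the commenter: it audits text in the format printed by `sshd -T`, and the function names and both sample configurations are constructed for illustration.

```python
# Added example: check the effective sshd settings for key-only login.
# Input is text in the format printed by `sshd -T`: one lowercase
# "keyword value" pair per line.

# Keyword -> value needed so that only public keys are accepted. Newer and
# older OpenSSH releases name the keyboard-interactive option differently,
# so both spellings are listed and either one satisfies the check.
REQUIRED = {
    "pubkeyauthentication": "yes",
    "passwordauthentication": "no",
    "kbdinteractiveauthentication": "no",
    "challengeresponseauthentication": "no",
    "permitemptypasswords": "no",
}
ALIASES = {"kbdinteractiveauthentication", "challengeresponseauthentication"}

# Constructed sample inputs (not captured from a real host).
SAMPLE_KEYS_ONLY = """port 22
pubkeyauthentication yes
passwordauthentication no
kbdinteractiveauthentication no
permitemptypasswords no
"""
# Non-default port, but passwords still accepted.
SAMPLE_PASSWORDS_ON = """port 2222
pubkeyauthentication yes
passwordauthentication yes
challengeresponseauthentication no
permitemptypasswords no
"""

def parse_effective(text):
    """Return {keyword: value}, keeping the first occurrence of each keyword."""
    settings = {}
    for line in text.splitlines():
        key, _, value = line.strip().partition(" ")
        if key and not key.startswith("#"):
            settings.setdefault(key.lower(), value.strip().lower())
    return settings

def audit(text):
    """Return a list of findings; an empty list means key-only login."""
    settings = parse_effective(text)
    findings = []
    for key, want in REQUIRED.items():
        got = settings.get(key)
        if got is None:
            if key in ALIASES and ALIASES & settings.keys():
                continue  # the other spelling is present and is checked
            findings.append(f"{key}: not reported, cannot confirm '{want}'")
        elif got != want:
            findings.append(f"{key} is '{got}', expected '{want}'")
    return findings
```

On a host, pass `audit()` the output of `sshd -T`, which prints the effective configuration after defaults and included files are resolved.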