I know what you mean about the SSH keys. I use them exclusively but I’ve never went in and turned off password authentication because, if I’m on a new machine, I need to use a password to scp my public key file.
But this is all on a home LAN.
I did make the stupid mistake of port forwarding the SSH server once. Password authentication was turned off, but the scripts obviously didn’t know that because when I checked the log files there were hundreds of denied authentication requests.
I use a VPN now. If you want, please write an article about setting up a VPN on Ubuntu.
Looking forward to your future posts!
h0neyp0t
Great !