@maple@computerfairi.es And this applies outside of Mastodon, too; "run your SSHd on a non-standard port" is security theater in general. I wish people would stop recommending it...
(I've also lost count of how often people have claimed to me that "it prevents the automated scanners", them apparently not realizing that it's 2019 and said scanners will happily scan and fingerprint 1-65535...)
@maple@computerfairi.es Oh, and in addition, for those reading along: the #1 most effective thing to do for SSH security, is to set up keypair authentication and (after verifying that it works!) disabling password authentication. That one step alone will make it vanishingly unlikely that anyone will ever compromise your SSHd, even if you change absolutely nothing else.
