Thanks, I’m looking into it

Yes I do have fail2ban. Do you mean I could have just (example) a yubikey and no ssh password? As safe as they can be, why remove the other factor?

What’s an ssh key? Nvm I’ll research

Well fail2ban went from very active to very quiet. It is definitely worth not leaving 22 (when opening ssh is a must for different reasons)

I am not a expert in Linux, and I mostly rely on very strong passwords. I also discovered recently basic stuff like changing the default SSH port. Anyone knows of implementation of 2FA on Linux?

Aaah glad they’re still kicking! This sends me way back…, a time when burning CDs was the thing

There is this mostly French community (second language English) called yunohost (read y u no host) that provides a selfhosting solution accessible for beginners. They even offer one free domain to familiarise yourself hands on (+letsencrypt certificate). I have been using this for two years and it works well, I ran into issues but learned a lot in the process, community and devs are nice and helpful. Based on debian. https://yunohost.org/#/index_en They package most of the popular applications you’d expect for selfhosting (nextcloud, owncloud, WordPress, drupal and easily a hundred other apps)