So let’s talk about security by obscurity. It’s a bad idea to use it as a single layer of defense. If the attacker passes it, there is nothing else to protect you. But it would actually be good to use it as an “additional” layer of defense, because it has a low implementation cost and it usually works well.
There are several ways of logging into a server over SSH. Methods include password login, key-based login and two-factor authentication.
Two-factor authentication is a much better type of protection. In the event that your computer gets compromised, the attacker would still need an access code to log in.
In this tutorial, you will learn how to set up two-factor authentication on Debian 9 using Google Authenticator and SSH.
A couple of years back we wrote a guide on how to create good OpenPGP/GnuPG keys, and now it is time to write a guide on SSH keys for much the same reasons: SSH key algorithms have evolved in past years, and the keys generated by the default OpenSSH settings a few years ago are no longer considered state-of-the-art. This guide is intended both for those completely new to SSH and for those who have already been using it for years and who want to make sure they are following the latest best practices.
Configure which identity-file to use host-wide without further arguments
The story of the Unix C compiler, and the virtually invisible back-door security hole inserted into it by Ken Thompson - a story he told in his Turing award lecture.