Secure SSH on EC2: What are the real threats?(sysdig.com) |
Secure SSH on EC2: What are the real threats?(sysdig.com) |
So in other words, the default EC2 configuration is plenty secure, or at least as secure as anything else? And you need a whole article to explain that?
I'm so sick of compliance and security turning into this, "It's easier to say no and not think about anything than it is to actually evaluate the situation and provide a real opinion." nonsense...
Also they explicitly say they recommend, "never exposing SSH to accept connections from anywhere" despite making it clear, literally the paragraph prior, that using key pair authentication is not uniquely risky in any way.
So they do exactly what every security "expert" does, and recommend the most onerous, least functional solution because it covers their asses, rather than actually think for five seconds about the specific circumstances.