To mitigate the effort to maintain my personal server, I am considering to only expose ssh port to the outside and use its socks proxy to reach other services. is Portknocking enough to reduce surface of attack to the minimum?
I used to SSH into my server and proxy out from there. Then I learned how shit of a solution that is for daily use and set up a vpn like a normal person.