![](https://programming.dev/pictrs/image/2e9c1b34-6e99-45de-9009-1b85b851406b.png)
![](https://lemmy.world/pictrs/image/8286e071-7449-4413-a084-1eb5242e2cf4.png)
Wireguard doesn’t send anything back if the key is not correct.
Because of this, Tailscale port swapping is inconsequential vs wireguard here.
Tailscale transfers trust of your VPN subnet to a third party, which is a real security concern.
I agree SSH service will be attacked if they are plainly exposed, out of date and allow login challenges.
Also agree that under or misconfiguration is a massive cause for security issues.
Still hang around both. But I’ve noticed I’ve had more to engage with on Lemmy lately, which is great.