SSH is probably the most secure way of connecting remotely to your servers and virtual machines. However, no matter how strong the protocol is, the user and their credentials is usually the weak spot. That's why a lot of companies (the bigger, the more likely) require Multi-Factor Authentication by policy where ever possible. Here's how to set up and configure MFA with keypair and server-side password, or server-side password and Google Authenticator for SSH in FreeBSD.
Post tagged: security
Shockingly enough, whenever users ask for help with their Linux setup (RHEL, CentOS, Scientific etc), one of the most common suggestions you hear is: "Set SELinux to permissive or disable it." Honestly, if somebody can't trouble-shoot SELinux issues, they haven't got much experience. Should they be advised to disable it?