For what its worth hardened wouldn't have saved you from the recent openssh RCE. It may or may not save you from the next one.
Staying on top of GLSAs and making sure that you don't misconfigure your system is probably more important.
this post was submitted on 02 Aug 2024
10 points (91.7% liked)
Gentoo Linux
501 readers
1 users here now
The Gentoo Linux community for discussions, tips and tricks, and general kernel compiling
founded 1 year ago
MODERATORS
I doubt it's an elevated risk, if you install updates and patches regularly. Make sure the VPN allows port forwarding only to whichever specific port you're running SSH on (ideally you want a random, non-default port that's not associated with a specific service).