Server SSH and Jupyter Notebook Security


I recently built my own DL Box and have been trying to setup OpenSSH (Ubuntu 18.04).

I have a few questions regarding this setup, specially security-wise.

SSH into Server

  1. Do I need to change my server router’s configuration to open a port for receiving the SSH calls? What is a safe way to do this to avoid intrusion?

  2. What is the best way to setup the OpenSSH server? After some research I chose to follow this tutorial to set it up in a secure way. Is there something important missing?

  3. What is the best way to establish rules for dropping unwanted requests? I found fail2ban and iptables to be the two most convincing options, is any better than the other in a decisive way?

  4. Is there any other important configuration?

While on this subject I wonder what is the best way to run Jupyter Notebook on the server.

Jupyter Notebook

  1. Until now I worked in Paperspace by SSHing, tunnelling the jupyter notebook to my localhost and accessing it with a password (like @reshama 's tutorial but with a password instead of a token).

Is it safer to use a password as validation or the automatic token? Is there any other important aspect to take into account while running the notebook?

Please feel free to answer the questions modularly, no need to know all the answers :grinning:

Thanks in advance!