[…] it can be a security risk, allowing malware to move “laterally” between all your devices.
Unless you do something incredibly stupid, such as allowing keyless login or sharing keys (or having unencrypted keys or keys without a passphrase, seriously), I find it hard to see how that would actually happen in practice.
I always have SSH everywhere on everything and I could never understand why anyone ever would want to make it more complicated than that.
Small former Gemeinschaftsanntenne in my town and surrounding villages,
Ah, I see, that really does sound like a few places I know in Graubünden that wouldn’t be all too unfair to call “godforsaken backwater” (when it comes to the internet), despite all their charm. 😉
My current provider doesn’t even support it…
In what kind of godforsaken backwater do ISPs that don’t support IPv6 still exist!?
I still run SpamAssissin on my own mail server, but only because I haven’t yet seen any objective measurement showing some other solution to be better.
Sure, it’s just that from my point-of-view I’d be toast anyway if anyone managed to gain that level of access.