i want to remotely ssh to my home server, and I was wondering if I could just forward port 22 with disabling password login and use pubkey authentication will be safe enough?
If you disable password authentication, and use public key authentication, yes.
disabling password login and use pubkey authentication will be safe enough?
Just make sure you actually disable password login. Simply enabling key doesn’t disable password. So as long as the password is disabled then you’re fine.
Move it to a four digit port on your router and port for to 22 internally.
Rather than port forward 22, I would recommend using the ipv6 address and securing the host.
With PubKey and Fail2Ban its probably ok but wouldnt chance it personally. Can you use a different port too?
Most likely it’s fine. Though it’s not terribly difficult to set up some flavor of VPN so you’re not exposing 22 at all outside your network. Personally I use Wireguard.
First of all don’t expose a machine on your LAN unless it is very well locked down especially with respect to ability to access rest of LAN. To simply access home LAN set up home VPN that has the access instead of opening up a port as powerful as ssh. If you open ssh then put it at some other port than the well known 22 and make it accessible by authorized key only. I would further limit where this ssh can be accessed from using firewall rules.