A bigger problem I think would be someone discovering a pre-auth 0day in the code. So the important thing would be to not allow the entire internet unrestricted access to whatever's running the SSH server.
A bigger problem I think would be someone discovering a pre-auth 0day in the code. So the important thing would be to not allow the entire internet unrestricted access to whatever's running the SSH server.