To my knowledge there is no way to index Tor v3 hostnames unless the owner of the address explicitly shares them. Therefore, even if an attacker knew that I was behind Tor, they would have no way to find out the hostname of my service and connect to it, so it is not security through obscurity. They would have to get into my password manager and steal my public key. Am I wrong about this?
Whatever the case of the hostname being public or not, do you think it is important to add another layer of security such as Wireguard in this case, or is hardening the SSH config enough?
To my knowledge there is no way to index Tor v3 hostnames unless the owner of the address explicitly shares them. Therefore, even if an attacker knew that I was behind Tor, they would have no way to find out the hostname of my service and connect to it, so it is not security through obscurity. They would have to get into my password manager and steal my public key. Am I wrong about this?
Whatever the case of the hostname being public or not, do you think it is important to add another layer of security such as Wireguard in this case, or is hardening the SSH config enough?