A few years ago a vulnerable compression library almost got pushed out that major Linux distros linked their OpenSSH implementations to. That was caught by blind luck. I'm confident there's a lot more shit out there that we don't know about.

> This is just FUD.

No, it's just opsec.

> Sure, scanners will keep pinging it, but nobody is ever going to burn an ssh 0day on your home server.

I wouldn't be so sure about it, considering the things I have seen.

I'd better be safe than sorry. You can expose your SSH if you prefer to do so. Just don't connect your server to my network.