Ok, so with the results from having a no-password exposed VNC server online for several weeks with no issue (not even to mention the IP posted online), I've now decided that I'll just block IPv4 entirely on services like SSH. This way you'll need the ssh key, the yubikey, and to access it through IPv6. Currently I think my auth failues were about 50,000 per week, so we'll see what this does. Also, the no-authentication PC is still up if you want to access it. The IP is in the previous post. Edit: turning off IPv4 for ssh has reduced my authentication failures by 99.66% from something like 30,000-50,000 in a week to 100 in a week.