I've set up remote VPS systems with GELI disk encryption, including swap encryption, during FreeBSD 12.2 installation.
I've locked down SSH quite securely too so I presume now when remoting in, security is reasonably assured.
I want to address the possibility that within the VPS terminal's web...
When configuring Setkey to add Security Policy Database for AWS tunnels I understand that I should let the kernel know what traffic I want to get encrypted.
And so I added my internal network to go to the remote VPC (AWS) network and the other way around.