My intended goal was to evade the GFW for a two week work trip, whereafter I was deleting the droplet anyway. I didn't know what protocols would be effective against the GFW and have neither the time nor capacity to set these up manually. Moreover, as the sibling mentioned, you can pick which you install.
I agree that minimising the attack surface is the right course of action but on balance the increased risk of several protocols didn't outweigh the convenience given my purpose and temporary nature.
I fell back to global roaming data if I needed to do anything involving logging in, which I avoided doing unless strictly necessary anyway (e.g.: no banking, etc.).
All this is moot, however, as I was citing it for the point at hand rather than suggesting it over a manually set-up install of Wiregard.
I agree that minimising the attack surface is the right course of action but on balance the increased risk of several protocols didn't outweigh the convenience given my purpose and temporary nature.
I fell back to global roaming data if I needed to do anything involving logging in, which I avoided doing unless strictly necessary anyway (e.g.: no banking, etc.).
All this is moot, however, as I was citing it for the point at hand rather than suggesting it over a manually set-up install of Wiregard.