In situations where I have more than one box, one (usually a little embedded SoC) gets openbsd on it, and is used as a bastion host, for exactly the reasons outlined here.
The problems I hit with using Linux for this were different ten years ago, but, based on this thread, things got worse on that side of the fence.
The problems I hit with using Linux for this were different ten years ago, but, based on this thread, things got worse on that side of the fence.