Comments on: How to Use Port Knocking To Secure SSH Service in Linux

By: Mau

Mau — Thu, 19 Oct 2023 21:44:32 +0000

Hello, I’ve followed all the instructions but it seems like I cannot connect from my client server even if the sequence were accepted.

Do I need to install iptables even if I already have ufw set up? When I ran iptables -L, it returned a lot of results while checking the systemctl status don’t. It just says service not found. But ufw is active.

By: STUART

STUART — Fri, 25 Jun 2021 02:21:15 +0000

While this is security through obscurity, this is still a good enough approach if other security practices are still followed (no root, specific ip, complex password, preferably keys, etc.)

I would love it if the closing sequence is time-triggered rather than depending on users to knock to close. E.g. closes after 30 mins of opening.

By: Domonkos Lezsák

Domonkos Lezsák — Thu, 24 Jun 2021 07:49:23 +0000

In reply to Dave McKay.

I’d rather say “don’t *rely*” on this. Even if you configure port knocking don’t forget to also disable passwords and use secure RSA keys, etc. If you have strong security you are free to add port knocking as another “security measure” in case you have messed up something.

By: Dave McKay

Dave McKay — Wed, 23 Jun 2021 11:05:19 +0000

Don’t do this in real life. This is security by obscurity which is another way of saying no security. It is regarded as a novelty, not a viable security technique.

https://en.wikipedia.org/wiki/Security_through_obscurity