Right you are! telnet is 23, ssh is 22. Thanks. On Sun, Dec 18, 2005 at 02:04:36PM -0500, Sina Bahram wrote: > One minor point > > I think you mean port 22, not 23 > > Take care, > Sina > > -----Original Message----- > From: speakup-bounces at braille.uwo.ca [mailto:speakup-bounces at braille.uwo.ca] > On Behalf Of Charles Hallenbeck > Sent: Sunday, December 18, 2005 1:38 PM > To: sdawes at telus.net; Speakup is a screen review system for Linux. > Subject: Re: /etc/suauth > > Steve, > > There is a Debian package called "knockd", not sure about other distros. > It comes with a port sniffing daemon and a client program. You configure the > daemon by specifying a trio of ports to monitor, and a couple of timing > parameters. Once you do that you can close port 23 on your firewall, but > keep the sshd daemon and the knockd daemon running. > > When some user wants to connect with ssh, she first issues the knock command > giving the host name and the three ports, which is detected on the remote > host, causing the firewall to open port 23 for a specified period. In my > case it is 10 seconds. During that time the calling system issues the usual > ssh or sftp command, makes connection, and the connection remains alive as > long as needed. However, once the 10 second period expires, the firewall > once again closes port 23 to any further connection requests unless again > preceded by the correct port sequence. > It is analogous to a "secret knock" on a door, as in spy movies or > prohibition films. Very cool. > > I connect to my system this way by issuing something like this, but with > the correct port numbers: > > knock hhs48.com 1234 2345 3456 ; ssh username at hhs48.com > > and it looks on the console identical to the case where port knocking is not > in the picture. > > What distro do you use? Can you search for "knockd" for your system? > > Ch;uck > > -- > The Moon is Waning Gibbous (91% of Full) But you can still get downloads > from http://www.mhcable.com/~chuckh > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup -- The Moon is Waning Gibbous (91% of Full) But you can still get downloads from http://www.mhcable.com/~chuckh
