/etc/suauth

Sina Bahram sbahram at nc.rr.com
Sun Dec 18 14:04:36 EST 2005


One minor point

I think you mean port 22, not 23

Take care,
Sina 

-----Original Message-----
From: speakup-bounces at braille.uwo.ca [mailto:speakup-bounces at braille.uwo.ca]
On Behalf Of Charles Hallenbeck
Sent: Sunday, December 18, 2005 1:38 PM
To: sdawes at telus.net; Speakup is a screen review system for Linux.
Subject: Re: /etc/suauth

Steve,

There is a Debian package called "knockd", not sure about other distros. 
It comes with a port sniffing daemon and a client program. You configure the
daemon by specifying a trio of ports to monitor, and a couple of timing
parameters. Once you do that you can close port 23 on your firewall, but
keep the sshd daemon and the knockd daemon running.

When some user wants to connect with ssh, she first issues the knock command
giving the host name and the three ports, which is detected on the remote
host, causing the firewall to open port 23 for a specified period. In my
case it is 10 seconds. During that time the calling system issues the usual
ssh or sftp command, makes connection, and the connection remains alive as
long as needed. However, once the 10 second period expires, the firewall
once again closes port 23 to any further connection requests unless again
preceded by the correct port sequence. 
It is analogous to a "secret knock" on a door, as in spy movies or
prohibition films. Very cool. 

I connect to my system this way by issuing something like this, but with
the correct port numbers:

knock hhs48.com 1234 2345 3456 ; ssh username@hhs48.com

and it looks on the console identical to the case where port knocking is not
in the picture.

What distro do you use? Can you search for "knockd" for your system?

Chuck

--
The Moon is Waning Gibbous (91% of Full) But you can still get downloads
from http://www.mhcable.com/~chuckh

_______________________________________________
Speakup mailing list
Speakup at braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup
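
The daemon side of the setup described in the quoted message, as an added example that is not part of the original thread or of Charles's own configuration. It assumes an iptables firewall whose INPUT chain drops new connections by default, sshd on its default port 22 (as the reply points out), and a hypothetical section name and sequence timeout; the three ports are the placeholders from the message.

```ini
# /etc/knockd.conf (constructed example)
[options]
    UseSyslog

# Section name is arbitrary (hypothetical here).
[opencloseSSH]
# The trio of ports, which must be knocked in this order.
    sequence      = 1234,2345,3456
# All three knocks must arrive within this many seconds (assumed value).
    seq_timeout   = 5
# Only count TCP SYN packets as knocks.
    tcpflags      = syn
# Open port 22 for the knocking source address only (%IP%).
    start_command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
# The 10-second window from the message; stop_command runs when it expires.
    cmd_timeout   = 10
    stop_command  = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

# The ssh session outlives the window only if the ruleset already accepts
# established traffic ahead of the default drop, for example:
#   iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
```

The knock sequence crosses the network in the clear and can be observed and replayed, so it narrows exposure of sshd but does not replace key or password authentication on the ssh side.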




