On 6/19/2018 10:30 PM, basti wrote:
> On 19.06.2018 22:24, john doe wrote:
>> On 6/19/2018 10:04 PM, basti wrote:
>>> Hello,
>>> I try to use port knocking and would be happy to do this in ssh config
>>> file.
>>> To open the port I can use ProxyCommand with a wrapper script like
>>> ProxyCommand bash -c 'wrapper.sh %h port1 port2 ... portX; nc %h %p'
>>> so far so good.
>>> But if I understand port knocking in the right way I must close the port
>>> after disconnect?
>>> I haven't found a way for this like post-connect in ssh config.
>>> Has anyone a suggestion how it can be implemented?
>> Any reasons why you can't let your firewall handle the port knocking
>> functionality?
> I open the port with iptables, and then? Can you please explain?
I can only give you this:
https://wiki.archlinux.org/index.php/Port_knocking#Port_knocking_with_iptables_only
https://askubuntu.com/questions/867261/ssh-client-port-knocking-execute-command-before-connecting
From what I understand you don't need to close the ports after connection.
--
John Doe
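
An added example, not part of the original thread: one way to write the knock-then-connect wrapper the question describes, with no post-disconnect step, in line with the last reply. The script name knock-proxy.sh, the sample sequence 7000 8000 9000, the KNOCK_DRY_RUN switch and the nc options are assumptions.

```shell
#!/bin/sh
# Hypothetical knock-proxy.sh (added example, not code from the thread).
# Assumed ~/.ssh/config entry; the knock sequence is a constructed sample:
#   Host knocked-host
#     ProxyCommand knock-proxy.sh %h %p 7000 8000 9000

# Accept only decimal TCP port numbers in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# knock HOST PORT...: one connection attempt per knock port, in order.
# Every port is validated before the first packet is sent.
# KNOCK_DRY_RUN=1 only records the sequence in KNOCKED (used for testing).
knock() {
    knock_host=$1
    shift
    KNOCKED=
    for knock_p in "$@"; do
        valid_port "$knock_p" || { echo "bad knock port: $knock_p" >&2; return 2; }
    done
    for knock_p in "$@"; do
        KNOCKED="${KNOCKED:+$KNOCKED }$knock_p"
        if [ -z "${KNOCK_DRY_RUN:-}" ]; then
            # Under ProxyCommand, stdout is the SSH transport: keep it clean.
            # A refused or timed-out knock is expected, so ignore the status.
            nc -z -w 1 "$knock_host" "$knock_p" >/dev/null 2>&1 || true
        fi
    done
}

# main HOST SSH_PORT KNOCK_PORT...: knock, then hand stdio over to nc.
main() {
    target_host=$1
    target_port=$2
    shift 2
    knock "$target_host" "$@" || exit 2
    # exec replaces the shell, so ssh talks to nc directly and nothing
    # is left running once the session ends.
    exec nc "$target_host" "$target_port"
}

# Run only when called with HOST PORT and at least one knock port.
if [ "$#" -ge 3 ]; then
    main "$@"
fi
```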