I’ve created a new article about Port Knocking in preparation of my rework of the SSH Hardening guide.

I’d like to hear your opinion about port knocking.

  • 0xD
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    It’s certainly a good way to hide a service from family/friends/flatmates but cannot be relied on for security on its own. Especially for SSH I see no real security benefit for it over just public key authentication, and the stated added complexity just makes it impractical in most cases.

    I really cannot see a scenario (risk management-wise) where it is more than just a thing you set up for fun.

    • wopOPM
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      public key authentication … is king.

      I agree that port knocking won’t replace any other hardening method, but I thought I’d look into it since it gets recommended so often. Not a big fan either.