feature-request: trap-door
guyverdh at mchsi.com
Wed Aug 10 00:30:05 EST 2005
Why would you place this functionality at the application layer? Why not use
port knocking at the firewall layer?
It's a lot simpler to implement (even if you have to set it up manually via
the services and inetd.conf files) than to change the code for sshd.
A couple of lines in an inetd.conf and services file can make an easy-to-use
port knocking to open an SSHD daemon on a port the knocker specifies. Then
after 30 seconds, the listener closes.
If there's interest, I can submit an example.