FWKNOP
Single Packet Authorization (SPA) Port Knocking.
Port knocking is used to alter packet filter rules on a host, dependent upon a packet encrypted with a secret key being delivered to that host.
It can be used to open a normally closed port to an SSH server, from a single host, for a limited time.
Server
IPtables
iptables -t filter -A INPUT -i eth0 -p tcp --syn --destination-port 22 -j REJECT --reject-with icmp-port-unreachable
FWKNOP
Install
apt install fwknop-server
Run
/usr/sbin/fwknopd
access.conf
SOURCE: ANY
OPEN_PORTS: tcp/22
KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
FW_ACCESS_TIMEOUT: 60
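As an added example (not part of fwknop or of these notes), a small Python checker for the access.conf layout above: it parses keyword/value lines, accepting the trailing colon and semicolon seen in these fragments, and flags a KEY left as the placeholder, a short KEY, a malformed OPEN_PORTS entry or an over-long FW_ACCESS_TIMEOUT. The thresholds (16-character key, 300 s timeout) are assumptions of this example, not fwknop defaults.

```python
import re

# Constructed sample in the access.conf layout above (the KEY is a placeholder, not a real key)
SAMPLE_ACCESS_CONF = """\
SOURCE: ANY
OPEN_PORTS: tcp/22
KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
FW_ACCESS_TIMEOUT: 60
"""

# "KEYWORD value", with an optional trailing colon on the keyword and an
# optional trailing semicolon on the value, as in the fragments on this page.
LINE_RE = re.compile(r"^([A-Z_]+):?\s+([^;]+?)\s*;?$")
PORT_RE = re.compile(r"^(tcp|udp)/(\d{1,5})$")


def parse_access_conf(text):
    """Return {keyword: value} for the non-comment lines of an access.conf."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        m = LINE_RE.match(line)
        if m:
            conf[m.group(1)] = m.group(2)
    return conf


def lint_access_conf(conf, min_key_len=16, max_timeout=300):
    """List deployment problems: placeholder/short key, bad port spec, long timeout.
    min_key_len and max_timeout are assumed policy values for this example."""
    findings = []
    key = conf.get("KEY", "")
    if not key:
        findings.append("KEY is missing")
    elif set(key) == {"X"}:
        findings.append("KEY still holds the XXXX placeholder")
    elif len(key) < min_key_len:
        findings.append("KEY is shorter than %d characters" % min_key_len)
    # OPEN_PORTS may list several proto/port entries separated by commas
    for spec in (p.strip() for p in conf.get("OPEN_PORTS", "").split(",")):
        m = PORT_RE.match(spec)
        if not m or not 1 <= int(m.group(2)) <= 65535:
            findings.append("OPEN_PORTS entry %r is not proto/port" % spec)
    timeout = conf.get("FW_ACCESS_TIMEOUT", "")
    if not timeout.isdigit():
        findings.append("FW_ACCESS_TIMEOUT is not a number of seconds")
    elif int(timeout) > max_timeout:
        findings.append("FW_ACCESS_TIMEOUT %s s exceeds %d s" % (timeout, max_timeout))
    return findings
```

Run `lint_access_conf(parse_access_conf(open("/etc/fwknop/access.conf").read()))` to check a real file; an empty list means none of these checks fired.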
fwknop.conf
PCAP_INTF eth0;
Client
Install
apt install fwknop-client
.fwknoprc
[default]

[hostname]
SPA_SERVER x.x.x.x
ACCESS tcp/22
ALLOW_IP resolve
KEY XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
.ssh/config
Match host hostname exec "fwknop -n hostname && sleep 0.5"