Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
tools:fwknop [2022/08/28 15:28] – [Server] darrontools:fwknop [2023/01/20 20:16] (current) – [Server] darron
Line 4: Line 4:
  
 Port knocking is used to alter packet filter rules on a host Port knocking is used to alter packet filter rules on a host
-dependant upon a secret packet delivered to that host.+dependant upon a packet encrypted with a secret key delivered to that host.
  
 It can be used to open a normally closed port to an SSH server It can be used to open a normally closed port to an SSH server
Line 19: Line 19:
 ==FWKNOP== ==FWKNOP==
  
-__Run__+==Install== 
 + 
 +<code> 
 +apt install fwknop-server 
 +</code> 
 + 
 +==Run==
 <code> <code>
 /usr/sbin/fwknopd /usr/sbin/fwknopd
 </code> </code>
  
-__access.conf__+==access.conf==
  
 <code> <code>
Line 33: Line 39:
 </code> </code>
  
-__fwknop.conf__+==fwknop.conf==
  
 <code> <code>
Line 41: Line 47:
 ===Client=== ===Client===
  
-__.fwknoprc__+==Install== 
 + 
 +<code> 
 +apt install fwknop-client  
 +</code> 
 + 
 +==.fwknoprc==
  
 <code> <code>
 [default] [default]
  
-[xen]+[hostname]
 SPA_SERVER      x.x.x.x SPA_SERVER      x.x.x.x
 ACCESS          tcp/22 ACCESS          tcp/22
Line 52: Line 64:
 KEY             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX KEY             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 </code> </code>
 +
 +==.ssh/config==
 +
 +<code>
 +Match host hostname exec "fwknop -n hostname && sleep 0.5"
 +</code>
 +
 ===Resources=== ===Resources===
  
 [[https://www.cipherdyne.org/fwknop/|Home page]] [[https://www.cipherdyne.org/fwknop/|Home page]]