This is an old revision of the document!


Table of Contents

FWKNOP

Single Packet Authorization (SPA) Port Knocking.

Port knocking is used to alter packet filter rules on a host dependant upon a secret packet delivered to that host.

It can be used to open a normally closed port to an SSH server from a single host for a limited time duration.

Server

IPtables
iptables -t filter -A INPUT -i eth0 -p tcp --syn --destination-port 22 -j REJECT --reject-with icmp-port-unreachable
FWKNOP

Run

/usr/sbin/fwknopd

access.conf

SOURCE: ANY
OPEN_PORTS: tcp/22
KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
FW_ACCESS_TIMEOUT: 60

fwknop.conf

PCAP_INTF eth0;

Client

.fwknoprc

[default]

[hostname]
SPA_SERVER      x.x.x.x
ACCESS          tcp/22
ALLOW_IP        resolve
KEY             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

.ssh/config

Match host hostname  exec "fwknop -n hostname && sleep 0.5"

Resources

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies