[TriLUG] Denyhosts and Custom Regex

Alan Porter porter at trilug.org
Fri Nov 7 11:40:08 EST 2008


> The why isn't related to the how that I questioned the list about,
> but I'm game.  I want to lock it down to reduce the chance that I
> get nailed by campus IT.

You might want to consider using "knockd" on that SSHD/80 port.  You
can set up your clients to use the knock client automatically in your
~/.ssh/config files.

It's surprisingly easy to set up.  It listens on a handful of ports
that you choose (UDP or TCP), and then it sets up some iptables rules
to open and close the SSHD port.  It's pretty sweet.

That way, your campus IT will find nothing at all.

Alan





More information about the TriLUG mailing list