[TriLUG] Denyhosts and Custom Regex

Jim Tuttle jjtuttle at trilug.org
Fri Nov 7 12:10:29 EST 2008


Hi Alan,

The use case is that often I find myself behind wireless access points
in public places that limit outgoing traffic to port 80.  That's the
reason for running SSHD on port 80.  If I had access to other ports I'd
just run SSHD on one of those less obvious ports.

Thanks, though.  I had considered knockd for other applications.

James

Alan Porter wrote:
>> The why isn't related to the how that I questioned the list about,
>> but I'm game.  I want to lock it down to reduce the chance that I
>> get nailed by campus IT.
> 
> You might want to consider using "knockd" on that SSHD/80 port.  You
> can set up your clients to use the knock client automatically in your
> ~/.ssh/config files.
> 
> It's surprisingly easy to set up.  It listens on a handful of ports
> that you choose (UDP or TCP), and then it sets up some iptables rules
> to open and close the SSHD port.  It's pretty sweet.
> 
> That way, your campus IT will find nothing at all.
> 
> Alan
> 
> 


-- 
--
---Jim Tuttle
------------------------------------------------------
http://www.braggtown.com
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x69B69B08



