this post was submitted on 12 Nov 2023
5 points (100.0% liked)

ITTavern.com

232 readers
1 users here now

Here you can find:

Articles and Services

founded 2 years ago
MODERATORS
wop
5
Port Knocking with knockd and Linux - Server Hardening (ittavern.com)
submitted 2 years ago by wop to c/ittavern
2 comments fedilink hide all child comments
 

I've created a new article about Port Knocking in preparation of my rework of the SSH Hardening guide.

I'd like to hear your opinion about port knocking.

top 2 comments
sorted by: hot top controversial new old
[โ€“] 0xD 2 points 2 years ago (1 children)

It's certainly a good way to hide a service from family/friends/flatmates but cannot be relied on for security on its own. Especially for SSH I see no real security benefit for it over just public key authentication, and the stated added complexity just makes it impractical in most cases.

I really cannot see a scenario (risk management-wise) where it is more than just a thing you set up for fun.

[โ€“] wop 2 points 2 years ago

public key authentication ... is king.

I agree that port knocking won't replace any other hardening method, but I thought I'd look into it since it gets recommended so often. Not a big fan either.