SSHD and SSH Call-out via Port Knocking

guyverdh_at_mchsi.com
Date: 09/06/05

  • Next message: Miro Dietiker, MD Systems: "AW: Logging Traffic by user @ OpenSSH 3.8.1"
    Date: 6 Sep 2005 03:11:42 -0000
    To: secureshell@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is) I finally took the time to flesh out an idea that I'd had for some time. The idea was pretty simple, a semi-secure way of having the SSH server allow remote connectivity, without having an SSHD listener always on.

    It took a couple of hours to write, test, re-write, re-test, etc both versions.

    Both versions use a series of scripts to write numerals into a temporary file via knocks on specific ports. This file is then read when one of two ports are knocked after having 12 digits written to the file.

    One port, reads the temporary file, builds the IP address, then creates an iptables entry that allows the specified IP address to connect via SSH for approximately 30 seconds. It then closes the SSHD daemon, and drops the iptables entry.

    The second port, reads the temporary file, builds the IP address, then causes SSH to connect to the specified IP address with a backchannel defined. This allows the remote client to ssh into the server via this backchannel.

    Would there be any interest in seeing the sample shell scripts that I have written for Redhat Enterprise and SuSE Enterprise Linux?

    Is this even something anyone would like to do?


  • Next message: Miro Dietiker, MD Systems: "AW: Logging Traffic by user @ OpenSSH 3.8.1"