I’ve created a new article about Port Knocking in preparation of my rework of the SSH Hardening guide.
I’d like to hear your opinion about port knocking.
You must log in or # to comment.
It’s certainly a good way to hide a service from family/friends/flatmates but cannot be relied on for security on its own. Especially for SSH I see no real security benefit for it over just public key authentication, and the stated added complexity just makes it impractical in most cases.
I really cannot see a scenario (risk management-wise) where it is more than just a thing you set up for fun.
public key authentication … is king.
I agree that port knocking won’t replace any other hardening method, but I thought I’d look into it since it gets recommended so often. Not a big fan either.