Re: Idea to secure ssh [was: howto block ssh brute-force]

To: debian-security@lists.debian.org
Subject: Re: Idea to secure ssh [was: howto block ssh brute-force]
From: Joerg Rieger <a.mailinglists@lumrix.net>
Date: Mon, 13 Mar 2006 09:30:46 +0100
Message-id: <[🔎] 20060313083046.GA1982@riser.jnet.local>
In-reply-to: <[🔎] 200603130319.31145.neal.p.murphy@alum.wpi.edu>
References: <[🔎] 385d1e010603112350g5c11a3b1ha21ed67f5e6e7e63@mail.gmail.com> <[🔎] 54987.130.231.240.27.1142231099.squirrel@secure.qvd.fi> <[🔎] 200603130319.31145.neal.p.murphy@alum.wpi.edu>

On Mon, Mar 13, 2006 at 03:19:30AM -0500, Neal Murphy wrote:

[...]

> My idea is akin to a monastery that has no visible way in or out. If someone 
> wants in, he has to know where to knock, using the Super Secret Squirrel 
> coded knock. Then he has to wait a bit before he tries to pass his 
> credentials and hand through the wall. If he still passes muster (ID is OK 
> and his fingerprints match), he is then allowed to pass through the wall. If 
> he doesn't know the coded knock to begin with, he'll pass right by the 
> monastery, never seeing it.

[...]

This is basically port knocking:
http://en.wikipedia.org/wiki/Port_knocking



--

Reply to:

References:
- howto block ssh brute-force
  - From: "Felipe Figueiredo" <philsf@ufrj.br>
- Re: howto block ssh brute-force
  - From: "fgeek" <fgeek@fgeek.info>
- Idea to secure ssh [was: howto block ssh brute-force]
  - From: Neal Murphy <neal.p.murphy@alum.wpi.edu>

Prev by Date: Idea to secure ssh [was: howto block ssh brute-force]
Next by Date: Re: Idea to secure ssh [was: howto block ssh brute-force]
Previous by thread: Idea to secure ssh [was: howto block ssh brute-force]
Next by thread: Re: Idea to secure ssh [was: howto block ssh brute-force]
Index(es):
- Date
- Thread