Hiding your sshd with ufw and knockd on Ubuntu

I don’t like it if malicious programs or people try to hack my server.

I do, however, like to have access to my server, via ssh of course. Not just from home, but from wherever I happen to be.

Fortunately, it’s possible to have the best of both worlds on my Ubuntu server, using a simple piece of software called knockd, a port-knocking daemon.

When using knockd, your sshd can be firewalled by default. knockd watches the network interface with libpcap, so it sees connection attempts even on ports the firewall drops. You open a temporary hole in the firewall by connecting to a few ports, in the order defined in knockd’s config file; knockd then runs a command of your choice, typically a firewall rule that admits the address the knocks came from. Then you can ssh to your server.

To set this up with ufw, I started by closing port 22 to the world:

This is my /etc/knockd.conf:

This configures knockd to watch for connection attempts to the four listed ports, in that order, with the whole sequence completed within 5 seconds (knockd’s seq_timeout). Once the sequence is completed, knockd runs the given ufw command to open the port, and runs the closing ufw command 10 seconds later (cmd_timeout). Those 10 seconds only have to cover setting up the ssh connection: an established session keeps working after the rule is removed, because ufw accepts packets of established connections before it evaluates the user rules. knockd logs every stage of a sequence and each command it runs to /var/log/syslog, which helped me to get this to work.

On my laptop, I made a small script, using knock, the client program that comes with knockd:
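The three steps above (closing port 22 in ufw, the knockd.conf, and the client script) as one added example. This is not the post’s own configuration, whose files are not reproduced here; the knock sequence 7000,8000,9000,10000, the interface name ens3 and SSH on port 22 are assumptions to be replaced with your own values. The knockd.conf uses knockd’s %IP% placeholder so that the hole is opened only for the host that knocked, and `ufw insert 1` so that the temporary allow rule lands ahead of the deny rule for port 22.

```shell
#!/bin/sh
# Added example, not the files from the original post. Assumed values: SSH on port 22,
# knock sequence 7000,8000,9000,10000, server interface ens3. Change all three to fit.

SSH_PORT=22
KNOCK_SEQ="7000,8000,9000,10000"
IFACE="ens3"

# Turn the comma-separated sequence into the argument list the knock client wants.
knock_args() {
  printf '%s' "$1" | tr ',' ' '
}

# Sanity-check a knock sequence: every entry must be a port number, no port may
# repeat, and none may be the SSH port itself (a knock on a port you serve on is
# indistinguishable from normal traffic). Returns 0 if the sequence is usable.
validate_sequence() {
  seq="$1"; sshport="$2"
  seen=" "
  for p in $(knock_args "$seq"); do
    case "$p" in
      ''|*[!0-9]*) echo "not a port number: $p" >&2; return 1 ;;
    esac
    [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "out of range: $p" >&2; return 1; }
    [ "$p" -ne "$sshport" ] || { echo "$p is the ssh port itself" >&2; return 1; }
    case "$seen" in
      *" $p "*) echo "duplicate port: $p" >&2; return 1 ;;
    esac
    seen="$seen$p "
  done
  return 0
}

# Render /etc/knockd.conf. knockd replaces %IP% with the address the knocks came
# from, so only that host gets in. "insert 1" puts the allow rule before the deny
# rule for port 22; appended at the end it would never be reached. cmd_timeout
# runs stop_command 10 seconds after start_command, which removes the rule again.
render_knockd_conf() {
  seq="$1"; sshport="$2"; iface="$3"
  cat <<EOF
[options]
    UseSyslog
    interface = $iface

[openSSH]
    sequence      = $seq
    seq_timeout   = 5
    tcpflags      = syn
    start_command = /usr/sbin/ufw insert 1 allow from %IP% to any port $sshport proto tcp
    cmd_timeout   = 10
    stop_command  = /usr/sbin/ufw delete allow from %IP% to any port $sshport proto tcp
EOF
}

# Server side (run as root on the Ubuntu host, from a session you keep open until
# you have verified the knock works). Closes 22 to everyone, writes the config,
# enables the daemon (Debian/Ubuntu ship it with START_KNOCKD=0) and restarts it.
server_install() {
  validate_sequence "$KNOCK_SEQ" "$SSH_PORT" || return 1
  ufw delete allow "$SSH_PORT"/tcp >/dev/null 2>&1 || true
  ufw deny "$SSH_PORT"/tcp
  render_knockd_conf "$KNOCK_SEQ" "$SSH_PORT" "$IFACE" > /etc/knockd.conf
  sed -i 's/^START_KNOCKD=.*/START_KNOCKD=1/' /etc/default/knockd
  service knockd restart
}

# Client side (the laptop). knock sends one TCP SYN per port in order; -d waits
# 200 ms between knocks so they arrive in sequence even over a slow link, and the
# sleep gives knockd time to run the ufw command before ssh connects.
client_knock() {
  host="$1"
  knock -v -d 200 "$host" $(knock_args "$KNOCK_SEQ")
  sleep 1
  ssh "$host"
}

case "${1:-}" in
  install) server_install ;;
  knock)   client_knock "${2:?usage: $0 knock <host>}" ;;
  show)    render_knockd_conf "$KNOCK_SEQ" "$SSH_PORT" "$IFACE" ;;
esac
```

Run `./knock-setup.sh show` to inspect the generated config, `sudo ./knock-setup.sh install` on the server and `./knock-setup.sh knock myserver` on the laptop. Two things to check when the sequence does not trigger: the `interface` line must name the real interface (recent Ubuntu releases use names like ens3 or enp0s3, not eth0), and `tcpflags = syn` means the knocks must be plain TCP connection attempts, so a client that knocks with UDP (`knock -u`) is ignored. Port knocking hides sshd from scanners but is not authentication: anyone who can sniff your traffic sees the sequence, so keep key-based login and disable password authentication in sshd as well.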

After these easy steps, I can connect to my server anytime, anywhere. Now all I need to do is remember the port sequence!
