↑Top
Blog
Various
About me

I Made a Sha256 based port knocking program

I use knock by Judd Vinet to open the port to ssh, adding an extra layer of security so attackers can’t try exploits on your ssh all day. It’s fairly easy to use. But it uses a fixed knock sequence, which means that the sequence might be replayable by attackers.

So I (probably hardly the first to) imagined Sha256 could be used to generate a port sequence, noticed one of the issues at knock also mentions it. So i decided to try do it.. Too much time and effort later, knockoff is here. (name in jest of course) Since Cs vagarities seem mostly pointless, so used lua a lot.

Specifically it generates a port sequence based on Sha256(append(nonce, secret, date)), so you can share that secret instead of a particular port sequence. Defaultly each port sequence lasts a bit more than a minute, two port sequences apply shortly between so slight time differences aren’t troublesome.

Instead of just the time periods, it can also increment an integer every attempt that succeeds or fails late enough, so a particular sequence can never be replayed. Defaultly it does not, since it’s untested, and harder to script. There is also the possibility of generating one or more extra ports afterward and start the servers on those ports for that session.

The sha256 port-sequences is the main purpose of the project, lua allows for fairly easy extension. It can do simple sequences of ports, and can trigger different outcomes based on what ports are knocked.

Link to project: git.sr.ht/~jasper/knockoff

Update:(2020-06-20) unfortunately looks to be less ready for use than i hoped.

Blog Posts

2021-07-17 Type Stack Calculation project intro
2020-08-26 Camcorder planet viewing
2020-05-15 I Made a Sha256 based port knocking program
2017-12-26 Probably kindah like a Snowflake simulation
2017-10-29 More Pixel fun turtles
2016-09-22 Pixel fun - messing with turtles
2016-05-17 Finally put together page_html
2015-11-12 libre decentralized software
2015-02-03 Tinfoilchat inspired ideas
2015-01-07 Public goods and business models
2014-12-22 Captcha Quicky
2014-12-12 Assurance contract mention
2014-11-21 Publishing DAO, and its holy grail
2014-11-02 Grudge escrow contract
2014-09-11 The core Blockchain idea
2014-06-03 Hanging blocks
2014-05-29 Voting power needed for DAO/DO decisions
2014-05-17 What is Ethereum to people?
2014-05-08 Just show up anytime jobs
2014-05-08 Proof of Reserve and voting
2014-05-08 DHTs: more than just storage