Port knocking with UFW
Port knocking is a security technique used to secure servers. Connection is attempted to a sequence of ports to open or close an application/service port.
UFW (Uncomplicated Firewall) is available on all recent Ubuntu versions.
apt install knockd
knockd configuration file:
[options] UseSyslog [SSH] sequence = 7000,8000,9000 seq_timeout = 5 start_command = ufw allow from %IP% to any port 22 tcpflags = syn cmd_timeout = 10 stop_command = ufw delete allow from %IP% to any port 22
The sequence for opening port 22 is 7000–8000–9000. The SSH port will be open for 10 seconds before it is closed again. SSH access is enabled only for the IP which is knocking.
The ports in the knocking sequence should be allowed in the firewall first.