(#docduya) I know there are lots of bastion solutions for this, but I don’t know of any that simply send netfilter/pf commands and just plain open the port for the source IP address either temporarily or permanently depending on configuration. The fancy bastions are cool and all, but not as universal as simply opening a port temporarily for an IP.
Wait a minute, fwknopd is cool and all, it’s still proprietary.
Why hasn’t anyone implemented port knocking with something as simple and ubiquitous as SSH public key authentication (or even password if desired) for port knocking? It could even fire-off RPC signals to other servers from a single bastion..
(#pkwxs4a) @email@example.com Work/Life balance is an incredibly tricky thing I feel. Lately I have had plenty of money, but to even take the time to enjoy it has been difficult to do.
Starting to realize that full-time feels like a bit of an anti-pattern for me as a person with no kids and extremely minimal living expenses. After some time passes I may need to consider seeking more of a part-time role of some kind.
Honestly I miss just sitting around coding for fun. Funemployment wasn’t lazy, it was just fun ;p
I digress; I’ll definitely let you know my take on bitraft!
Seems like all I’ve had time to do lately is work and sleep ._.
About to take a closer look at bitraft though, as I have been meaning to set something like this up for my many bitcask powered projects for a long time now :^)