- 04-01-2009 #1, Linux Newbie (Join Date: Nov 2007, Posts: 127)
Simpler knockd to open SSH on remote server?
Hello
I'm looking for a way to open up the SSH port on a remote server behind a NAT firewall so I can connect from the Net (from a Windows host) while reducing the risk of running SSHd at all times.
I've never used it, but it seems like Knockd is close to what I'm looking for (trying to connect to several specific ports within a certain timeframe will launch SSHd), but that would require opening up several ports on the router just for Knockd. I find the alternative of using one-time sequences too complicated.
Does someone know of a simpler system, where the daemon would be listening to a _single port_ and launch SSHd if it got _specific data patterns_ in TCP packets?
Thank you.
- 04-01-2009 #2
A NAT firewall would require you to forward all requests on a port from outside your network to a certain IP address and port inside your network. Doing that depends on what firewall you use.
As far as your other problem, knockd for SSH sounds to be an attempt at replacing good security practices with an odd program that no one expects. I'm not saying that is necessarily a bad thing, but it is pretty much impossible to crack OpenSSH's security if you put it into paranoid mode (disable password authentication, use a keypair instead, disable root login, use PAM to deny any requests except for a specific user, put it on a port other than 22, things like that).
New to the internet, technical forums, or the hacker / open source community??
Read this to learn good posting habits http://www.catb.org/~esr/faqs/smart-questions.html
RHCE for RHEL version 5
RHCT for RHEL version 4
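
The sshd-side settings listed in the reply above (no password logins, key pairs only, no root login, one permitted user, a port other than 22) can be checked mechanically. The following is an added example, not code from either poster: it assumes the user restriction is done with sshd's `AllowUsers` rather than PAM, and the sample configs and the user name `admin` are constructed.

```python
import re

# Added example. Sample configs are constructed; "admin" is a placeholder user.
LINE = re.compile(r"^([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)$")
MULTI = {"port", "allowusers"}  # keywords that accumulate across lines
DEFAULTS = {"passwordauthentication": "yes", "pubkeyauthentication": "yes",
            "permitrootlogin": "prohibit-password"}  # OpenSSH defaults

def effective_settings(config_text):
    """Global settings as sshd reads them: the first value of a keyword wins.
    Parsing stops at the first Match block; Include files are not followed."""
    single, multi = {}, {k: [] for k in MULTI}
    for raw in config_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:  # blank line or '#' comment
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break
        if key in MULTI:
            multi[key].extend(value.split())
        elif key not in single:  # later duplicates are ignored by sshd
            single[key] = value.lower()
    settings = {**DEFAULTS, **single}
    settings["port"] = multi["port"] or ["22"]
    settings["allowusers"] = multi["allowusers"]
    return settings

def audit(config_text):
    """Return the items from the reply's hardening list that are not met."""
    s = effective_settings(config_text)
    findings = []
    if s["passwordauthentication"] != "no":
        findings.append("password authentication is enabled")
    if s["pubkeyauthentication"] != "yes":
        findings.append("public key authentication is disabled")
    if s["permitrootlogin"] != "no":
        findings.append("root login is not fully disabled")
    if not s["allowusers"]:
        findings.append("no AllowUsers restriction")
    if "22" in s["port"]:
        findings.append("sshd listens on port 22")
    return findings

# Constructed: the hardening line appended at the end is ignored (first value wins).
WEAK = "Port 22\nPasswordAuthentication yes\nPermitRootLogin yes\nPasswordAuthentication no\n"
HARDENED = ("Port=2222\nPasswordAuthentication no\nPubkeyAuthentication yes\n"
            "PermitRootLogin no\nAllowUsers admin\n")

if __name__ == "__main__":
    print(audit(WEAK), audit(HARDENED), sep="\n")
```
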

