<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
I experimented with fwknop earlier this year and finally gave it up for
OpenVPN.<br>
<br>
With the help of Michael Rash I wrote a fwknop client in Java that uses
GPG keys. I could not get the Crypt::CBC library to work for the
passphrase operation.<br>
<br>
Anyone can have my code if they are interested in continuing it. <br>
<br>
You can use it for any port, not just ssh. <br>
<br>
--James<br>
<br>
<br>
<br>
<br>
Claude Felizardo wrote:
<blockquote
cite="mid:971fb34d0806241347o35070d9exe67f1bf10f528108@mail.gmail.com"
type="cite">
<pre wrap="">On Fri, Jun 13, 2008 at 5:17 PM, John Lowry <a class="moz-txt-link-rfc2396E" href="mailto:johnlowry@gmail.com"><johnlowry@gmail.com></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I have used fwkop <a class="moz-txt-link-rfc2396E" href="http://www.cipherdyne.org/fwknop/"><http://www.cipherdyne.org/fwknop/></a> with great success
before. You block SSH connection by default and let fwknop open up the port
after a successful authentication.
</pre>
</blockquote>
<pre wrap=""><!---->
John,
Would you be willing to give a presentation on this? Do you use it
for anything but ssh?
I think I heard about this right after I gave my presentation last
year and then forgot about it. My concern was that it required a
special client and if what if I didn't have my laptop with me. I'm
paranoid enough that I wouldn't try this unless I trusted the admin,
ie, not at a cyber cafe. Maybe on a friend's computer but I haven't
had a need to do anything like that in ages. Maybe that's what USB
sticks are for.
As for my recent trip I was able reproduce my old configuration before
leaving and was able to push copies of most of my pics to my
fileserver before flying home.
claude
</pre>
</blockquote>
<br>
</body>
</html>