Question 1

How to install and run totp-ssh-fluxer on Ubuntu?

Accepted Answer

Install Go, clone the repository, build with 'go build', and run as root. On first run, it generates a TOTP key in /etc/ssh-flux-key for client setup. Monitor iptables with 'watch iptables -vL -t nat' to verify it works.

Question 2

Is totp-ssh-fluxer actually secure against SSH attacks?

Accepted Answer

No, it's a joke project meant to highlight security-through-obscurity flaws. While it obfuscates the port, real security requires measures like key-based authentication and fail2ban, not just hiding services.

Question 3

What happens if the TOTP code calculates a port above 65535?

Accepted Answer

The code retries by taking the last digit repeatedly until it's below 65536, as per the README, ensuring a valid port number but adding slight unpredictability.

Question 4

Can I use totp-ssh-fluxer for other services like HTTP?

Accepted Answer

Potentially, but it's designed for SSH with iptables PREROUTING rules. Modifying it for other services would require code changes and careful testing, given its experimental nature.

Question 5

totp-ssh-fluxer vs port knocking: which is better for hiding SSH?

Accepted Answer

Both are obscurity tactics; port knocking uses sequence-based access while totp-ssh-fluxer changes ports dynamically. Neither replaces real security, but totp-ssh-fluxer is more automated and humorous, whereas port knocking is more established but still niche.

Question 6

How to recover access if I lose the TOTP key file?

Accepted Answer

You'd need to regenerate the key by rerunning the tool or manually accessing the server via console, as SSH access depends on the TOTP code. This highlights a single point of failure for availability.

Question 7

Does it support IPv6 or only IPv4?

Accepted Answer

The README doesn't specify, but since it uses iptables, it likely only supports IPv4 by default. Adding IPv6 would require modifications to use ip6tables and handle dual-stack configurations.

totp-ssh-fluxer

What is totp-ssh-fluxer?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions