I generally lock down SSH and other non-public services so that they can only be accessed by specific IP addresses. But some businesses we work with do not have static IPs and occasionally they need to provide access for contractors and outside developers. I have been told that Port Knocking could be used to solve this problem, but I know nothing about the process. On to the questions:
First, could it be used in such a manner?
Has anyone out there actually done this? What were your experiences?
Which daemon should I use to run it with Linux?
How long should the Knock sequence be?
Are there any alternatives to the port knocking approach?