←back to thread

Knocker, a knock based access control system for your homelab

(github.com)
67 points xlmnxp | 1 comments | 22 Oct 25 08:37 UTC | HN request time: 0.001s | source
Show context
mano78 ◴[22 Oct 25 09:39 UTC] No.45666742[source]
I implemented something similar as a caddy module, then I realized that if I was connected to a public wifi network I was actually authorizing the whole bunch of people that were connected to it with me. How do you avoid this, or is it just not important?
replies(5): >>45666786 #>>45666828 #>>45667520 #>>45667566 #>>45676716 #
1. fariszr ◴[23 Oct 25 00:08 UTC] No.45676716[source]
It's a compromise.It's not as secure as using a VPN, but it's way more convenient, since only one device has to have a knocker client on it without needing any sort of VPN.

The likelihood of someone is on the same network as you noticing your servic, try to hack it, before the TTL expires again is IMO quite low.

This is without taking into account that the services themselves have their own security and login processes, getting a port open doesn't mean the service is hacked.