Knockd daemon fails to start

security ubuntu ubuntu-14.04

I was trying to setup knockd, a port knocking daemon available to Ubuntu distros.

Before setting up my port knocking sequences, I decided to give a shot to the default knocking sequence, since it should open SSH to my IP address.

But when I first started the service sudo service knockd start, it failed with no error message and the service log located at /var/log/knockd.log is empty.

 * Starting Port-knock daemon knockd  [fail]

No changes have been made to the configuration, with the exception of /etc/default/knock where we have to change START_KNOCKD from 0 to 1.

I'm most puzzled with this since the log file is literally empty.

Any help is appreciated, thank you.


Solution 1:

You can configure it to log to syslog by changing /etc/knockd.conf.

Comment out logfile = /var/log/knockd.log under [options]and add following:

UseSyslog

Then start it from shell and check output:

knockd --debug --verbose

More details here: http://manpages.ubuntu.com/manpages/dapper/man1/knockd.1.html

Solution 2:

knockd might not be finding your non-standard interface.

Specify it in /etc/default/knockd like so:

KNOCKD_OPTS="-i eth0"

Solution 3:

find the interface which case, your ip:

ifconfig

and add him to: /etc/knockd.conf example:

Interface = venet0:0

Related

Logging not working on Centos 7
Load testing at 350,000 requests per minute [closed]
Will preventing POST requests stop the spread of a remote access trojan?
Protecting a location by IP while applying basic auth everywhere else
Openvpn server can ping via IP but not via hostname
IPTables: How to log and set a specific log file
Is HAProxy still necessary when Varnish can act as a load balancer?
Chrony doesn't appear to be syncing with the servers I've specified
SYNC a folder on Ubuntu server with amazon S3 bucket automatically
Load balancing LDAP from a Domain Controller via F5
Where should migrations be run on elasticbeanstalk deployment process?
Why are some RPM's "not relocatable"?