ARTICLE
Close Port 22 Forever and Secure Remote Devices With SSH No Ports
SSH No Ports For The Win
SSH No Ports is a new product we recently launched that makes managing remote devices a snap. With this new tool you can access your devices regardless of where they are—behind routers, NAT, firewalls, VPNs, private/1918 addresses, or even on the move. And you can reach them without reconfiguring your gateways, setting up port forwarding on your router, or using a VPN. And the part we love most? You don’t need to know the device’s IP address in order to find it. You can also SSH into your device without any open listening ports, which makes it possible to close port 22 forever and remove the network attack surface.
SSH No Ports has found a special place in the hearts of Sysadmins, DevOps folks, Home Lab enthusiasts, Raspberry Pi tinkerers, and security-minded developers. Here are a couple of recent use cases we think are super cool:
- Pen testers used it to gain secure remote access to devices they needed to evaluate. Before SSH No Ports, this would have meant an in-person visit to their client’s facility. Instead, this work was done remotely, saving time and cost.
- Our CTO and Co-founder, Colin, used it with his LoRaWAN gateway that only uses a cellular connection to reach the Internet. He was able to quickly and easily give remote access to the gateway to a colleague living and working halfway around the world.
- People with their own home labs who want access from outside their house, but are extremely reluctant to leave port 22 open can use SSH No Ports. With SSH No Ports they can access their lab through RDP, VNC, and even the web with absolutely no listening ports open.
A use case on the horizon that we’re excited about is from a device manufacturer we’re working with. Their plan is to install SSH No Ports in their consumer electronics, so they can provide remote support once the devices are in their customers’ homes.
See below for a quick demo of how SSH No Ports works, and then put it to the real test by trying it out yourself! Right now, the price is $40 for one year of access, and you can use one account to manage up to 25 devices.
How It Works
Atsign’s technology–the atProtocol and the client SDKs, as well as the socket rendezvous–forms the backbone of SSH No Ports. Atsign technology allows two devices to communicate securely, peer-to-peer, behind any firewall by communicating purely outbound. The socket rendezvous is just a socket connector that connects two of its ports together–and nothing more! The client cuts a new SSH keypair for each session, and securely shares the private key to the device via the atProtocol. The device makes an SSH connection to the socket rendezvous, and at no point are any listening ports open on either end during this process, not even port 22.
For more information, visit noports.com
Transforming Fleet Management with Real-Time Telemetry: An Atsign Use Case
Learn how a real-time telemetry solution with Atsign technology can help a large fleet management company achieve significant improvements in reliability, reduce costs, and optimize maintenance schedules.
Data Transmission Methods with Atsign’s NoPorts and atSDK
Learn how Atsign is addressing vulnerabilities in data transmissions, making it safer to send data securely over the Internet.
100 Times Faster Internet
Separating the control plane from the data plane made the Internet 100x faster in 1996; what would an Internet-wide control plane do today?
Why Open Source
Atsign technology has been open source from day one. See exactly why open source embodies the values we hold as a company.
Zero Trust Sockets
Simplify network security by starting at the socket level. Colin Constable explains how a Zero Trust Sockets approach is better.