In a world where even SSH seems like it’s not enough, enter SBD. Yeah, it’s the same initials as something that we all said as kids, but it really refers to System Back Door.

SBD is an ultra-secure service that relies on the SBD protocol, one-time pad’s and the HMAC authentication routine to verify what you’re sending to it.

Effectively, it allows you to encrypt a single command that is sent to the server based on completely random and identical files on both systems, making it easy to send a wake-up call to an SSH server or other service with an almost-unbreakable one-time encrypted command.

After using the service on demand, you can then disable it with another SBD-secured command, or have the service disable itself automatically via scripting.

Linux.com has a great article about this, including make instructions for those who find they will need this additional security measure. The SourceForge project page, while, ahem, somewhat terse, is helpful too.

Enjoy,

RossB

Advertisements