Getting Started
openme getting started, SPA quickstart, firewall knock setup, openme install, openme server setup
What is this OpenMe?
OpenMe is a Single Packet Authentication (SPA) server and client system. It lets you open ports on your server’s firewall temporarily by sending a specially crafted “knock” encrypted packet containing a valid cryptographic signature. You keep your ports closed and invisible to the outside world until you need them. This allows you to hide your services like SSH from port scans and brute-force attacks, while still being able to access them securely from your client devices.
Openme is multi-platform, with a GNU/Linux server and clients for GNU/Linux, macOS, Windows, iOS and Android.
Who is it for?
OpenMe is for anyone who wants to add an extra layer of security to their server by hiding open ports until they’re needed. It’s ideal for:
- Anyone running a home server who want to protect their personal servers or IoT devices
- System administrators who want to protect administration access to their servers but still access them remotely when needed.
- Developers who need to protect emote access to their development machines
You can learn how it compares to traditional VPNs, WireGuard, Tailscale or the traditional SPA fwknop in the FAQ →.
What will you have after this guide?
This guide gets you from zero to a working openme setup in about five minutes. You’ll end up with:
- A server daemon running on Linux, listening for knock packets
- A client config on your local machine (Linux, macOS or Windows)
- A successful knock that temporarily opens SSH
Prerequisites:
- Linux server with
iptablesornftablesandsudo/ root access - A client machine (any platform)
Steps
- Install & run the server — install the binary,
openme init,openme serve - Add a client —
openme add aliceon the server - Configure & knock — paste the config, run
openme knock
Once you have a working setup, explore the full reference docs: