it's just a bit sad that there was never a proper port knocking protocol established, which had features and was provably secure in theory and implementation, than no one would have issues de/activating ssh per on need-basis