[mathrawka]

I once had a legitimate use case for port knocking. The network monitoring software at Yahoo! Japan was very strict and you were not allowed to connect to a system outside of their network via SSH. (Don't get me started on the local spyware installed on everyone's Windows boxes... that was easy to inject a DLL into and crash though). Me being extremely evil, wanted to connect to my home computer over SSH.

They had a loophole that the network monitoring system would trigger an alert that gets manually verified. If the port was open, they could verify that it was an actual SSH server. If the port was closed, they would write it off as a false alarm.

[spindritf]

sslh[1] usually allows you to reach it even through fairly restrictive firewalls. At least unless they have their certs installed and inspect ssl traffic.

[1] http://www.rutschle.net/tech/sslh.shtml

[icebraining]

They don't need to have certs installed, since sslh doesn't actually tunnel SSH-over-SSL, it just redirects the connection to the right daemon. Simply pointing ssh to that port would have given up the trick.

[nmcfarl]

Most useful comment in this whole conversation. Incredibly handy for home servers - for which I'd just resigned myself to the fate of running ssh on port 80.