I built an HTTP-based shell system on top of a configuration management tool. It uses public key cryptography via JWTs, and generates noise to obfuscate keystroke timing. Since it's all over HTTP, you don't really get any port knocking, and you can expose access using proxies and middleware.
https://etcha.dev/docs/guides/shell-access