And there are roughly 1267650600228229401496703205376 port 22's in the IPv6 space - I've substracted a few for reserved and unassigned spaces, but at this scale a few orders of magnitude hardly matter.
Here, for comparison:
281474976710656 - total ports in IPv4 space
18446744073709551616 - 4 port combinations
1267650600228229401496703205376 - my estimation for 22 in IPv6
And if you don't block the knocking when receiving traffic on another port, brute forcing gets quite a bit easier. I mean, it's still unreasonable. But my point is, when we accept 0,001% chance as possible, I don't think we can say that 0,000001% is impossible - just a lot less possible ;)
18446744073709551616 is 65 bits. Let’s simplify, you're trying to guess a number in 2^64 You can’t guess in parallel. Reasonable constraints on the server side (i.e. limit tries on the combination/per hour before suspending ssh for a while) may have been implemented.
I’d say cracking that is… Unfeasible.
That also assumes you know the existence of a server on which there is ssh under an unknown combination of port knocking of length 4.
The actual chances for guessing the 4 port combination are closer to 0.000000000000000000001%, about as likely as winning the lottery three times in a row. If you're trying to brute-force me with those odds, I'll take my chances.
Here, for comparison:
And if you don't block the knocking when receiving traffic on another port, brute forcing gets quite a bit easier. I mean, it's still unreasonable. But my point is, when we accept 0,001% chance as possible, I don't think we can say that 0,000001% is impossible - just a lot less possible ;)