Skip to content
This repository has been archived by the owner on Jan 2, 2023. It is now read-only.

Setup using Docker

Jump to bottom
Emilien Devos edited this page Nov 2, 2016 · 11 revisions

Setup

Requirements

  • An Operating System (currently only tested on Ubuntu, Debian and OpenBSD)
  • Python 2.7
  • Twisted (python-twisted)
  • Cryptography (python-cryptography)
  • Docker
  • Docker python (docker-py)
  • GeoIP python (python-geoip)

Running

  1. Edit honssh.cfg to your liking
  2. Disable HONEYPOT STATIC: enabled = false
  3. Enable HONEYPOT DOCKER: enabled = true
  4. Enable both pre-auth and post-auth
  5. Set image = to a Docker image that has sshd installed and running like rastasheep/ubuntu-sshd:14.04 [Dont forget to pull the image using docker pull <image>]
  6. Set honey_port to the port that the Openssh of the docker image is listening to.
  7. Start honssh using:
./honsshctrl.sh START

honsshctrl.sh is a shell script (provided by Black September) that runs HonSSH in the background using twistd. Use 'honsshctrl.sh HELP' for more options.

You can also run it manually with more configuration options. For example, to run in the foreground use:

twistd -y honssh.tac -p honssh.pid -n

Troubleshooting

Error : No module named honssh after installed the requirements using pip

Try adding the PYTHONPATH to the Linux vars:

export PYTHONPATH="$PYTHONPATH:/folder/to/honssh"

The connection hangs and reply with no output

  1. Copy the SSH banner using telnet (example: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3):
  • telnet 127.0.0.1 22
  • exit
  1. Put it into the config file honssh.cfg at the var ssh_banner =.

Error : no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

Upgrade the requirements using pip:

pip install twisted cryptography --upgrade

tnich you should secure this page better - your friendly neighborhood hackerman :)

Clone this wiki locally