This repository has been archived by the owner on Jan 2, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 71
Setup using Docker
Emilien Devos edited this page Nov 2, 2016
·
11 revisions
- An Operating System (currently only tested on Ubuntu, Debian and OpenBSD)
- Python 2.7
- Twisted (python-twisted)
- Cryptography (python-cryptography)
- Docker
- Docker python (docker-py)
- GeoIP python (python-geoip)
- service_identity python
- Edit honssh.cfg to your liking
- Disable
HONEYPOT STATIC:enabled = false - Enable
HONEYPOT DOCKER:enabled = true - Enable both
pre-authandpost-auth - Set
image =to a Docker image that has sshd installed and running like rastasheep/ubuntu-sshd:14.04 (Dont forget to pull the image usingdocker pull <image>) Tips: If you are using the example docker image, don't forget to changelaunch_cmdto another command because sshd is already running inside the container. - Set
honey_portto the port that the Openssh of the docker image is listening to. - Start honssh using:
./honsshctrl.sh START
honsshctrl.sh is a shell script (provided by Black September) that runs HonSSH in the background using twistd. Use 'honsshctrl.sh HELP' for more options.
You can also run it manually with more configuration options. For example, to run in the foreground use:
twistd -y honssh.tac -p honssh.pid -n
Twisted developers made a typo from the 16.0.0 version, you have to replace the word backed to backend at the line 121 of the file /usr/local/lib/python2.7/dist-packages/twisted/conch/scripts/ckeygen.py.
Try adding the PYTHONPATH to the Linux vars:
export PYTHONPATH="$PYTHONPATH:/folder/to/honssh"
- Copy the SSH banner using telnet (example:
SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3):
telnet 127.0.0.1 22exit
- Put it into the config file
honssh.cfgat the varssh_banner =.
Upgrade the requirements using pip:
pip install twisted cryptography --upgrade
tnich you should secure this page better - your friendly neighborhood hackerman :)