Hi Matt,
I was looking for a SSH honeypot... so I thought about adapting dropbear.
Seems to me it would be easy to disable any successfull logins by adapting
the
file svr_auth.c with
/* Send a success message to the user, and set the "authdone" flag */
void send_msg_userauth_success() {
#if DROPBEAR_SVR_HONEYPOT
send_msg_userauth_failure(0, 1);
#else
... original code
#endif
}
Is it really that easy to prevent any logins like that or am I forgetting
something.
I prefer dropbear besides all the other ssh honeypot implementations,
because I already use dropbear and I know the code....
Hans
