diff options
| -rw-r--r-- | GIDs | 2 | ||||
| -rw-r--r-- | UIDs | 2 | ||||
| -rw-r--r-- | security/sshesame/Makefile | 27 | ||||
| -rw-r--r-- | security/sshesame/distinfo | 5 | ||||
| -rw-r--r-- | security/sshesame/files/sshesame.in | 55 | ||||
| -rw-r--r-- | security/sshesame/pkg-descr | 3 |
6 files changed, 92 insertions, 2 deletions
@@ -308,7 +308,7 @@ elog:*:364: gotify:*:365: opengist:*:366: velbustcpd:*:367: -# free: 368 +sshesame:*:368: # free: 369 _wsdd:*:370: # free: 371 @@ -314,7 +314,7 @@ elog:*:364:364::0:0:Elog server:/nonexistent:/usr/sbin/nologin gotify:*:365:365::0:0:Gotify User:/var/db/gotify:/usr/sbin/nologin opengist:*:366:366::0:0:OpenGist User:/var/db/opengist:/usr/sbin/nologin velbustcpd:*:367:367::0:0:Velbustcp Deamon:/nonexistent:/usr/sbin/nologin -# free: 368 +sshesame:*:368:368::0:0:Sshesame Daemon:/nonexistent:/usr/sbin/nologin # free: 369 _wsdd:*:370:370::0:0:Web Service Discovery Daemon:/nonexistent:/usr/sbin/nologin # free: 371 diff --git a/security/sshesame/Makefile b/security/sshesame/Makefile new file mode 100644 index 000000000000..ddba948fae64 --- /dev/null +++ b/security/sshesame/Makefile @@ -0,0 +1,27 @@ +PORTNAME= sshesame +DISTVERSIONPREFIX= v +DISTVERSION= 0.0.39 +CATEGORIES= security + +MAINTAINER= skozlov@FreeBSD.org +COMMENT= Easy to set up and use SSH honeypot +WWW= https://github.com/jaksi/sshesame + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +USES= go:1.22,modules +USE_RC_SUBR= ${PORTNAME} + +USERS= sshesame +GROUPS= sshesame + +GO_MODULE= github.com/jaksi/sshesame + +PLIST_FILES= "@sample etc/${PORTNAME}.yaml.sample" \ + bin/${PORTNAME} + +post-install: + ${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.yaml ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.yaml.sample + +.include <bsd.port.mk> diff --git a/security/sshesame/distinfo b/security/sshesame/distinfo new file mode 100644 index 000000000000..2e9ae7e8a15d --- /dev/null +++ b/security/sshesame/distinfo @@ -0,0 +1,5 @@ +TIMESTAMP = 1745923901 +SHA256 (go/security_sshesame/sshesame-v0.0.39/v0.0.39.mod) = c4f5d9cfa804935307c14fa9a884d83b1732b13bb80529871db5a5394254d33d +SIZE (go/security_sshesame/sshesame-v0.0.39/v0.0.39.mod) = 630 +SHA256 (go/security_sshesame/sshesame-v0.0.39/v0.0.39.zip) = 4dfe91efa8b6d55886d29d9ec18c20ddcef4a828f463c562c1c73d1841e15f04 +SIZE (go/security_sshesame/sshesame-v0.0.39/v0.0.39.zip) = 63861 diff --git a/security/sshesame/files/sshesame.in b/security/sshesame/files/sshesame.in new file mode 100644 index 000000000000..593de16821b2 --- /dev/null +++ b/security/sshesame/files/sshesame.in @@ -0,0 +1,55 @@ +#!/bin/sh + +# PROVIDE: sshesame +# REQUIRE: LOGIN +# KEYWORD: shutdown +# +# Add the following line to /etc/rc.conf to enable sshesame: +# +# sshesame_enable (bool): Set to "NO" by default. +# Set to "YES" to enable sshesame. +# sshesame_user (str): Default to "sshesame". +# sshesame_group (str): Default to "sshesame". +# User and group to run sshesame with. +# sshesame_config (str): Default to "%%PREFIX%%/etc/sshesame.yaml". +# sshesame config file. +# sshesame_datadir (str): Default to "/var/db/sshesame". +# Directory to store automatically generated host keys in +# sshesame_logdir (str): Default to "/var/log/sshesame". +# Directory to store sshesame logs + +. /etc/rc.subr + +name=sshesame +rcvar=sshesame_enable +desc="SSH honeypot" + +load_rc_config sshesame + +: ${sshesame_enable:=NO} +: ${sshesame_user:=sshesame} +: ${sshesame_group:=sshesame} +: ${sshesame_config=%%PREFIX%%/etc/sshesame.yaml} +: ${sshesame_datadir=/var/db/sshesame} +: ${sshesame_logdir=/var/log/sshesame} + +pidfile=/var/run/${name}/${name}.pid +start_precmd=sshesame_precmd +procname="%%PREFIX%%/bin/sshesame" +required_files="${sshesame_config}" +command=/usr/sbin/daemon +command_args="-cf -p ${pidfile} -o ${sshesame_logdir}/sshesame.out ${procname} -config ${sshesame_config} -data_dir ${sshesame_datadir}" + +sshesame_precmd() +{ + # Create PID file directory + install -d -o ${sshesame_user} -g ${sshesame_group} -m 0755 "$(dirname ${pidfile})" + + install -d -o ${sshesame_user} -g ${sshesame_group} -m 0755 "${sshesame_datadir}" + install -d -o ${sshesame_user} -g ${sshesame_group} -m 0755 "${sshesame_logdir}" + + # Remove default flags, they're added in `command_args` manually + rc_flags="" +} + +run_rc_command "$1" diff --git a/security/sshesame/pkg-descr b/security/sshesame/pkg-descr new file mode 100644 index 000000000000..5ea249190458 --- /dev/null +++ b/security/sshesame/pkg-descr @@ -0,0 +1,3 @@ +sshesame accepts and logs SSH connections and activity (channels, requests), +without doing anything on the host (e.g. executing commands, making network +requests). |