Repository: fffaraz/fakessh
Branch: master
Commit: 22238462b9e4
Files: 12
Total size: 8.8 KB
Directory structure:
gitextract_15v6q3lv/
├── .dockerignore
├── .github/
│ ├── FUNDING.yml
│ └── workflows/
│ ├── docker-image.yml
│ └── go.yml
├── .gitignore
├── Dockerfile
├── LICENSE
├── README.md
├── docker-compose.yml
├── fakessh.go
├── go.mod
└── go.sum
================================================
FILE CONTENTS
================================================
================================================
FILE: .dockerignore
================================================
.git/
.github/
volumes/
.gitignore
docker-compose.yml
LICENSE
README.md
================================================
FILE: .github/FUNDING.yml
================================================
# These are supported funding model platforms
github: fffaraz # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username
open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
liberapay: # Replace with a single Liberapay username
issuehunt: # Replace with a single IssueHunt username
otechie: # Replace with a single Otechie username
lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
================================================
FILE: .github/workflows/docker-image.yml
================================================
name: Docker Image CI
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
if: github.event_name == 'push'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
tags: |
type=raw,value=latest,enable={{is_default_branch}}
type=sha
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64,linux/arm/v7
push: ${{ github.event_name == 'push' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
================================================
FILE: .github/workflows/go.yml
================================================
# This workflow will build a golang project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
name: Go
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: '1.25'
- name: Build
run: go build -v ./...
- name: Test
run: go test -v ./...
================================================
FILE: .gitignore
================================================
volumes/
fakessh
*.exe
================================================
FILE: Dockerfile
================================================
FROM golang:alpine AS builder
WORKDIR /app
COPY . .
RUN CGO_ENABLED=0 go build -ldflags="-w -s" .
FROM scratch
COPY --from=builder /app/fakessh /fakessh
EXPOSE 22
ENTRYPOINT ["/fakessh"]
================================================
FILE: LICENSE
================================================
BSD 3-Clause License
Copyright (c) 2022, Faraz Fallahi <fffaraz@gmail.com>
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
================================================
FILE: README.md
================================================
# FakeSSH
A dockerized SSH honeypot server written in Go that logs login attempts.
Password authentication always fails, so no terminal access is granted to the attacker.
## Quick Start
```
go install github.com/fffaraz/fakessh@latest
sudo setcap 'cap_net_bind_service=+ep' ~/go/bin/fakessh
fakessh [optional-log-directory]
```
OR
```
docker run -it --rm -p 22:22 ghcr.io/fffaraz/fakessh
```
OR
```
docker run -d --restart=always -p 22:22 --name fakessh ghcr.io/fffaraz/fakessh
docker logs -f fakessh
```
### See also
* [jaksi/sshesame](https://github.com/jaksi/sshesame) - A fake SSH server that lets everyone in and logs their activity
* [shazow/ssh-chat](https://github.com/shazow/ssh-chat) - Custom SSH server written in Go; instead of a shell, you get a chat prompt
* [gliderlabs/ssh](https://github.com/gliderlabs/ssh) - Easy SSH servers in Golang
* [gliderlabs/sshfront](https://github.com/gliderlabs/sshfront) - Programmable SSH frontend
* [desaster/kippo](https://github.com/desaster/kippo) - SSH honeypot
* [micheloosterhof/cowrie](https://github.com/micheloosterhof/cowrie) - SSH/Telnet honeypot
* [fzerorubigd/go0r](https://github.com/fzerorubigd/go0r) - A simple SSH honeypot in Go
* [droberson/ssh-honeypot](https://github.com/droberson/ssh-honeypot) - Fake sshd that logs IP addresses, usernames, and passwords
* [x0rz/ssh-honeypot](https://github.com/x0rz/ssh-honeypot) - Fake sshd that logs IP addresses, usernames, and passwords
* [tnich/honssh](https://github.com/tnich/honssh) - Logs all SSH communications between a client and server
* [Learn from your attackers - SSH HoneyPot](https://www.robertputt.co.uk/learn-from-your-attackers-ssh-honeypot.html)
* [cowrie](https://github.com/cowrie/cowrie) - SSH/Telnet honeypot
================================================
FILE: docker-compose.yml
================================================
version: '3'
services:
fakessh:
build: .
image: fffaraz/fakessh:latest
restart: always
network_mode: host
container_name: fakessh
command: /log
volumes:
- ./volumes/fakessh:/log
================================================
FILE: fakessh.go
================================================
package main
import (
"crypto/rand"
"crypto/rsa"
"errors"
"fmt"
"log"
"net"
"os"
"time"
"golang.org/x/crypto/ssh"
)
var errBadPassword = errors.New("permission denied")
func main() {
if len(os.Args) > 1 {
logPath := fmt.Sprintf("%s/fakessh-%s.log", os.Args[1], time.Now().Format("2006-01-02-15-04-05-000"))
logFile, err := os.OpenFile(logPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644)
if err != nil {
log.Println("Failed to open log file:", logPath, err)
return
}
defer logFile.Close()
log.SetOutput(logFile)
}
log.SetFlags(log.LstdFlags | log.Lmicroseconds)
serverConfig := &ssh.ServerConfig{
MaxAuthTries: 6,
PasswordCallback: passwordCallback,
ServerVersion: randomServerVersion(),
}
privateKey, _ := rsa.GenerateKey(rand.Reader, 2048)
signer, _ := ssh.NewSignerFromSigner(privateKey)
serverConfig.AddHostKey(signer)
listener, err := net.Listen("tcp", ":22")
if err != nil {
log.Println("Failed to listen:", err)
return
}
defer listener.Close()
for {
conn, err := listener.Accept()
if err != nil {
log.Println("Failed to accept:", err)
break
}
go handleConn(conn, serverConfig)
}
}
func randomServerVersion() string {
serverVersions := []string{
"SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3",
"SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3",
"SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10",
"SSH-2.0-OpenSSH_7.4",
"SSH-2.0-OpenSSH_8.0",
"SSH-2.0-OpenSSH_8.4p1 Debian-2~bpo10+1",
"SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1",
"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6",
}
return serverVersions[time.Now().UnixNano()%int64(len(serverVersions))]
}
func passwordCallback(conn ssh.ConnMetadata, password []byte) (*ssh.Permissions, error) {
log.Println(conn.RemoteAddr(), string(conn.ClientVersion()), conn.User(), string(password))
time.Sleep(100 * time.Millisecond)
return nil, errBadPassword
}
func handleConn(conn net.Conn, serverConfig *ssh.ServerConfig) {
defer conn.Close()
conn.SetDeadline(time.Now().Add(30 * time.Second))
log.Println(conn.RemoteAddr())
ssh.NewServerConn(conn, serverConfig)
}
================================================
FILE: go.mod
================================================
module github.com/fffaraz/fakessh
go 1.25.0
require golang.org/x/crypto v0.49.0
require golang.org/x/sys v0.42.0 // indirect
================================================
FILE: go.sum
================================================
golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=
golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA=
golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU=
golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A=
gitextract_15v6q3lv/ ├── .dockerignore ├── .github/ │ ├── FUNDING.yml │ └── workflows/ │ ├── docker-image.yml │ └── go.yml ├── .gitignore ├── Dockerfile ├── LICENSE ├── README.md ├── docker-compose.yml ├── fakessh.go ├── go.mod └── go.sum
SYMBOL INDEX (4 symbols across 1 files)
FILE: fakessh.go
function main (line 18) | func main() {
function randomServerVersion (line 59) | func randomServerVersion() string {
function passwordCallback (line 73) | func passwordCallback(conn ssh.ConnMetadata, password []byte) (*ssh.Perm...
function handleConn (line 79) | func handleConn(conn net.Conn, serverConfig *ssh.ServerConfig) {
Condensed preview — 12 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (10K chars).
[
{
"path": ".dockerignore",
"chars": 72,
"preview": ".git/\n.github/\nvolumes/\n.gitignore\ndocker-compose.yml\nLICENSE\nREADME.md\n"
},
{
"path": ".github/FUNDING.yml",
"chars": 811,
"preview": "# These are supported funding model platforms\n\ngithub: fffaraz # Replace with up to 4 GitHub Sponsors-enabled usernames "
},
{
"path": ".github/workflows/docker-image.yml",
"chars": 1198,
"preview": "name: Docker Image CI\n\non:\n push:\n branches: [ \"master\" ]\n pull_request:\n branches: [ \"master\" ]\n\njobs:\n\n build"
},
{
"path": ".github/workflows/go.yml",
"chars": 527,
"preview": "# This workflow will build a golang project\n# For more information see: https://docs.github.com/en/actions/automating-bu"
},
{
"path": ".gitignore",
"chars": 23,
"preview": "volumes/\nfakessh\n*.exe\n"
},
{
"path": "Dockerfile",
"chars": 188,
"preview": "FROM golang:alpine AS builder\nWORKDIR /app\nCOPY . .\nRUN CGO_ENABLED=0 go build -ldflags=\"-w -s\" .\n\nFROM scratch\nCOPY --f"
},
{
"path": "LICENSE",
"chars": 1520,
"preview": "BSD 3-Clause License\n\nCopyright (c) 2022, Faraz Fallahi <fffaraz@gmail.com>\n\nRedistribution and use in source and binary"
},
{
"path": "README.md",
"chars": 1750,
"preview": "# FakeSSH\n\nA dockerized SSH honeypot server written in Go that logs login attempts.\nPassword authentication always fails"
},
{
"path": "docker-compose.yml",
"chars": 215,
"preview": "version: '3'\n\nservices:\n fakessh:\n build: .\n image: fffaraz/fakessh:latest\n restart: always\n network_mode: "
},
{
"path": "fakessh.go",
"chars": 2093,
"preview": "package main\n\nimport (\n\t\"crypto/rand\"\n\t\"crypto/rsa\"\n\t\"errors\"\n\t\"fmt\"\n\t\"log\"\n\t\"net\"\n\t\"os\"\n\t\"time\"\n\n\t\"golang.org/x/crypto/"
},
{
"path": "go.mod",
"chars": 128,
"preview": "module github.com/fffaraz/fakessh\n\ngo 1.25.0\n\nrequire golang.org/x/crypto v0.49.0\n\nrequire golang.org/x/sys v0.42.0 // i"
},
{
"path": "go.sum",
"chars": 467,
"preview": "golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=\ngolang.org/x/crypto v0.49.0/go.mod h1:ErX4dU"
}
]
About this extraction
This page contains the full source code of the fffaraz/fakessh GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 12 files (8.8 KB), approximately 3.0k tokens, and a symbol index with 4 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.