~hamburghammer/sshlog

A small tool to log IPs, usernames and passwords from incoming ssh-auth requests.
Replace deprecated ioutil.ReadFile with new func from os
Replace own ip extraction function with func from net package
Update crypto lib

clone

read-only
https://git.sr.ht/~hamburghammer/sshlog
read/write
git@git.sr.ht:~hamburghammer/sshlog

You can also use your local clone with git send-email.

#sshlog

A small tool to log IPs, usernames and passwords from incoming ssh-auth requests.

It opens a minimal SSH-Server and listens on IPv4 and IPv6 for auth requests. The goal of this little tool is to log the requests coming from bots living inside the wild internet.

#Install

Make sure you have Golang installed and configured.

git clone https://git.sr.ht/~hamburghammer/sshlog
cd sshlog
go build

Now you should be able to execute the newly generated executable with ./sshlog.

#Usage

Start with:

sshlog -p 2222

Output:

2021/06/02 23:08:31 Starting ssh logger on port 2222...
2021/06/02 23:08:52 SRC=127.0.0.1 USERNAME=test PASSWORD=foo
2021/06/02 23:08:53 SRC=127.0.0.1 USERNAME=test PASSWORD=foof
2021/06/02 23:08:54 SRC=127.0.0.1 USERNAME=test PASSWORD=fooof

Output with --json:

2021/09/02 12:43:42 Starting ssh logger on port 2222...
{"date": "2021-09-02T12:44:15+02:00", "src": "127.0.0.1", "username": "test", "password": "foo"}
{"date": "2021-09-02T12:44:18+02:00", "src": "127.0.0.1", "username": "test", "password": "foof"}
{"date": "2021-09-02T12:44:21+02:00", "src": "127.0.0.1", "username": "test", "password": "fooof"}

#Options

A small tool to log IPs, usernames and passwords from incoming ssh-auth requests.

USAGE:
        sshlog [FLAGS]

FLAGS:
  -h, --help          Prints this help message and exits.
      --json          Log in JSON instead of plain text.
  -k, --key string    Path to the host key for the ssh server.
                      If absent it will automatically generate a new one for each run.
  -4, --onlyIPv4      Only listens on IPv4.
  -p, --port string   Port to listen for incoming connections. (default "22"))

#Utils

Inside the util directory you might find some additional information like how to create Systemd service for sshlog.

#License

This project is being licensed under the MIT license.