5 releases (stable)
|1.0.3||Mar 16, 2023|
|1.0.2||Jan 24, 2023|
|1.0.1||Aug 6, 2022|
|1.0.0||Aug 4, 2022|
|0.3.0||Jul 7, 2022|
#1315 in Asynchronous
It’s a compact and portable SSH tarpit written in Rust and
Yup, there are millions of SSH tarpit servers, besides the original one.
Some are written in Rust as well, but—as far as I’ve seen—none of them use
To my taste, some of them are a bit too much, and some lack configurability. So here’s
Yet this pet project developed not to compete with anyone but to learn new things
and experiment. Not just with Rust and
async-std but also with things behind:
GitHub workflows, cross-compiling, containerization, etc. A somewhat complete
delivery cycle, in other words. (But no tests yet, maybe someday.)
Despite that, it should be 100% usable. Give it a try if it suits your tarpit needs.
DecoySSH is available as stand-alone binaries, a Cargo package, and a container image.
Cargo package can be installed as usually:
cargo install decoyssh
docker pull docker.io/aeron/decoyssh # …or… docker pull ghcr.io/aeron/decoyssh
Running the app with
--help option will give you the following:
Usage: decoyssh [OPTIONS] Options: -4, --ipv4-address [<IPV4_ADDR>...] IPv4 address(es) to bind on [max: 8] -6, --ipv6-address [<IPV6_ADDR>...] IPv6 address(es) to bind on [max: 8] -d, --delay <DELAY> Message delay (in milliseconds) [default: 10000] -l, --length <LENGTH> Maximum line length [default: 32] -c, --capacity <CAP> Maximum number of connections [default: 4096] -h, --help Print help information -V, --version Print version information
If no addresses are given, it’ll run on
0.0.0.0:22 only. To use both IPv4 and
IPv6 addresses, both options—with or without values—must be given explicitly.
All options are available as environment variables, with the same name as value names
but with the
DECOYSSH_ prefix. For example,
Running a container is pretty straigthforward:
docker -d --restart unless-stopped --name decoyssh \ --user=65534 \ -p 22/2222:tcp \ -e DECOYSSH_PORT=2222 \ docker.io/aeron/decoyssh
By default, the containerized app uses only an IPv4 address and
2222 port instead of
If you’re planning to use IPv4 binding only, you can use the container-specific
DECOYSSH_PORT variable to change the listening/exposed port number. Otherwise, use
standard environment variables explicitly.
Don’t forget about the unprivileged user trick. The container itself won’t enforce any specific UID.