No connections accepted when config is present

[efstajas]

Thanks for this great project — seeing all these strange commands people try to enter is amazing.

I installed via Docker, and am now trying to remove the default header identifying the honeypot and make some further config tweaks now. However, as soon as I mount seemingly any yaml into the docker container to /config.yaml, strangely after starting the image, no connections are accepted on port 2022. The logs look totally fine, and the last entry is always "listening on ... :2022". When I remove the config.yaml mount and restart the container, it immediately starts working. Same log output, but connections accepted. I've triple checked that I'm not accidentally changing anything about the container network. Same thing happens whether I mount either of the two example configs from the readme.

Probably just messed something up, but not really sure what's going on.

[jaksi]

My guess is you either aren't setting the server.listen_address config option (the default is 127.0.0.1:2022), or you are setting it to a local address. For Docker port forwarding to work, the app needs to listen on 0.0.0.0 (well, technically it needs to listen on the network interface docker provides, 0.0.0.0 is just a simple way to achieve this).

Can you try with the following config file?

server:
  listen_address: 0.0.0.0:2022

[SofianeHamlaoui]

My guess is you either aren't setting the server.listen_address config option (the default is 127.0.0.1:2022), or you are setting it to a local address. For Docker port forwarding to work, the app needs to listen on 0.0.0.0 (well, technically it needs to listen on the network interface docker provides, 0.0.0.0 is just a simple way to achieve this).

Can you try with the following config file?

server:
  listen_address: 0.0.0.0:2022

instead of doing that, you can add a network_mode: host and removing the 127.0.0.1 on the docker compose file, so it can be exposed on the host's network.

[SofianeHamlaoui]

Same thing on the CLI too :

[efstajas]

you either aren't setting the server.listen_address config option (the default is 127.0.0.1:2022), or you are setting it to a local address

Thank you! This was indeed the problem.

Just a suggestion; might be a good idea to add a comment about this in the default configurations linked from the README, given (I assume) Docker is a popular installation method, and it seemingly defaults to 0.0.0.0 if no config file is present, but 127.0.0.1 if it is... (?). At least that's the only way I can explain that it worked without a config file at all, but didn't when I used the minimal example, which doesn't include listen_address.

Cheers ✌️

[jaksi]

Just a suggestion; might be a good idea to add a comment about this in the default configurations linked from the README, given (I assume) Docker is a popular installation method, and it seemingly defaults to 0.0.0.0 if no config file is present, but 127.0.0.1 if it is... (?). At least that's the only way I can explain that it worked without a config file at all, but didn't when I used the minimal example, which doesn't include listen_address.

Added a note in the README. BTW, the reason it works without a custom config is that the default listen_address is replaced when building the container: https://github.com/jaksi/sshesame/blob/master/Dockerfile#L5