manfred-kaiser
commented
3 years ago In the next days, I will make your docker file compatible with the source code provided from the repo
Closed manfred-kaiser closed 3 years ago
manfred-kaiser
commented
3 years ago In the next days, I will make your docker file compatible with the source code provided from the repo
manfred-kaiser
commented
3 years ago OpensSSH server can be compiled and the server allows connections.
manfred-kaiser
commented
3 years ago The docker container works and the port 2222 from the container is available/exposed.
I have not tested start.sh and stop.sh to set the iptables rules and configure the network, but I have removed the check if sshd (from ssh-mitm), which breaks the scripts to run.
manfred-kaiser
commented
3 years ago I have tested the mitm server with the debug server settings in lol.h and it worked.
ARP Spoofing was not tested.
manfred-kaiser
commented
3 years ago This PR is ready to merge
manfred-kaiser
commented
3 years ago I have converted the docker file to a multistage build docker file (https://docs.docker.com/develop/develop-images/multistage-build/) to keep the final container clean from build artefacts
manfred-kaiser
commented
3 years ago If you wonder, why I'm contributing to your project:
I think our implementations are different and each tool has their advantages and disadvantages. While your's is more compatible with ssh clients and has integrated support for arp spoofing, mine is easier to extend due to the plugin support.
I think we can both profit and make ssh better and more secure, if we work together. This is the reason, why I have created this pull request to support your work.
I have written a comparison and when to use which product: Comparison between ssh-mitm/ssh-mitm and jtesta/ssh-mitm
I also want to include your server in my documentation to provide an alternative. There is already a list of jump/mitm server available: https://docs.ssh-mitm.at/jumphosts.html
jtesta
commented
3 years ago As I said before, I appreciate the hard work you've put into this PR, but it was easier for me to do it myself than review the 716 changed files.
If there are any further improvements you'd like to make, please let me know!
While working with patch files is an easy method to apply changes to an existing project, it is hard to maintain and to add new features.
Also the commit history becomes complicated and adding new features is even harder.
The original source code has to be compared with the patched source code and adding new features from multiple pull requests could get a pain.
I have created an issue ticket for this pull request #32