thinkst / opencanary

Modular and decentralised honeypot
http://opencanary.org
BSD 3-Clause "New" or "Revised" License
2.31k stars 360 forks source link

couldn't match all kex parts #186

Closed arnsterling closed 1 year ago

arnsterling commented 2 years ago

From Kali Linux to opencanary honeypot

ssh user@192.168.101.108 Received disconnect from 192.168.101.108 port 22:3: couldn't match all kex parts Disconnected from 192.168.101.108 port 22 image

This is on the latest build from github. In the previous thread there were recommendations to update Twisted and add /etc/ssh/moduli So I have taken the following steps:

apt-get update && apt-get upgrade git clone https://github.com/thinkst/opencanary.git cd opencanary nano setup.py

change from

'Twisted==19.10.0',
'pyasn1==0.4.5',
'cryptography==3.0',

change to

'Twisted==22.4.0',
'pyasn1==0.4.5',
'cryptography==37.0.2',

nano Dockerfile.latest

change from

RUN pip install -r requirements.txt

change to

RUN apt-get update && apt-get install -y sudo && pip install -r requirements.txt

sudo docker build -t opencanary -f Dockerfile.latest . sudo docker images

curl https://github.com/thinkst/opencanary/files/834087/moduli.txt > moduli

mkdir confv1 cp data/twistd.pid confv1/twistd.pid && cp data/'twistd 2.pid' confv1/'twistd 2.pid' cd confv1 nano opencanary.conf

insert opencanary config file

sudo docker run -it --name opencanaryv5 --net=ipcanarynet --ip 192.168.101.108 -p 80:80 -p 21:21 -p 22:22 -p 69:69 -v /home/itadmin/opencanary/logs:/usr/share/logs -v /home/itadmin/opencanary/confv1:/root -v /home/itadmin/opencanary/moduli:/etc/ssh/moduli opencanary /bin/bash

cd /root && opencanaryd --start

I've mounted the updated moduli file and cat /etc/ssh/moduli works Everything runs and works. However from kali linux I cannot SSH. I can SSH from debian 10 and from windows. I can ftp from kali linux to the opencanary honeypot but I cannot SSH to the opencanary honeypot from kali even after updating twisted, cryptography, and adding the moduli file.

jayjb commented 2 years ago

Hi @arnsterling,

Thanks for reporting this. I'll look into it and get back to you.

brunohenriquy commented 1 year ago

Having the same issue. Any news about it @jayjb ?

jayjb commented 1 year ago

Hi @brunohenriquy (and @arnsterling),

Sorry for the delay. We are currently in a update cycle which should be sorted in the next few weeks. Once that is sorted, we will be revisiting all the Opencanary issues and trying to get them sorted for you.

brunohenriquy commented 1 year ago

Awesome, thank you @jayjb!

emmanuel-thinkst commented 1 year ago

Hi @arnsterling

Sorry for the late response. We have added a change to try to resolve the issue you are having. All tests from our side pass. Please pull the latest changes from our master branch and run our opencanary. And please feel free to reopen the issue with replication steps should the error persist for you.

Thank You.