Esempio n. 1
0
 def makeSSHFactory(self, primes=None):
     sshFactory = factory.SSHFactory()
     gpk = lambda: {'ssh-rsa': keys.Key(None)}
     sshFactory.getPrimes = lambda: primes
     sshFactory.getPublicKeys = sshFactory.getPrivateKeys = gpk
     sshFactory.startFactory()
     return sshFactory
Esempio n. 2
0
 def testMultipleFactories(self):
     f1 = factory.SSHFactory()
     f2 = factory.SSHFactory()
     gpk = lambda: {'ssh-rsa': keys.Key(None)}
     f1.getPrimes = lambda: None
     f2.getPrimes = lambda: {1: (2, 3)}
     f1.getPublicKeys = f2.getPublicKeys = gpk
     f1.getPrivateKeys = f2.getPrivateKeys = gpk
     f1.startFactory()
     f2.startFactory()
     p1 = f1.buildProtocol(None)
     p2 = f2.buildProtocol(None)
     self.failIf(
         'diffie-hellman-group-exchange-sha1' in p1.supportedKeyExchanges,
         p1.supportedKeyExchanges)
     self.failUnless(
         'diffie-hellman-group-exchange-sha1' in p2.supportedKeyExchanges,
         p2.supportedKeyExchanges)
Esempio n. 3
0
 def makeSSHFactory(self, primes=None):
     sshFactory = factory.SSHFactory()
     sshFactory.getPrimes = lambda: primes
     sshFactory.getPublicKeys = lambda: {
         b"ssh-rsa": keys.Key.fromString(publicRSA_openssh)
     }
     sshFactory.getPrivateKeys = lambda: {
         b"ssh-rsa": keys.Key.fromString(privateRSA_openssh)
     }
     sshFactory.startFactory()
     return sshFactory
Esempio n. 4
0
    def __init__(self):
        super(SSHService, self).__init__()

        self._name = Config.ssh.name
        self._port = Config.ssh.port

        p = Portal(SSHRealm())
        p.registerChecker(SSHService.honeytokendb)

        self._fService = factory.SSHFactory()
        self._fService.services[b'ssh-userauth'] = groveUserAuth

        self._limiter = Limiter(self._fService, Config.ssh.name,
                                Config.ssh.connections_per_host)

        self._fService.portal = p

        # self.protocol = SSHProtocol
        # self._fService.protocol = self.protocol
        home = expanduser('~')

        # XXX: These paths should be configurable
        privateKeyPath = home + '/.ssh/id_honeygrove'
        publicKeyPath = home + '/.ssh/id_honeygrove.pub'

        # Generate RSA keys if they don't exist
        if not (exists(privateKeyPath) and exists(publicKeyPath)):
            key = keys.rsa.generate_private_key(public_exponent=65537,
                                                key_size=4096,
                                                backend=default_backend())
            private_key = key.private_bytes(
                serialization.Encoding.PEM,
                serialization.PrivateFormat.TraditionalOpenSSL,
                serialization.NoEncryption())
            public_key = key.public_key().public_bytes(
                serialization.Encoding.OpenSSH,
                serialization.PublicFormat.OpenSSH)

            # make .ssh directory, if it doesn't exist
            os.makedirs(dirname(publicKeyPath), exist_ok=True)

            with open(privateKeyPath, 'w') as f:
                f.write(private_key.decode())
            with open(publicKeyPath, 'w') as f:
                f.write(public_key.decode())

        self._fService.privateKeys = {
            b'ssh-rsa': keys.Key.fromFile(privateKeyPath)
        }
        self._fService.publicKeys = {
            b'ssh-rsa': keys.Key.fromFile(publicKeyPath)
        }
Esempio n. 5
0
def run(host='127.0.0.1', port=2222):
    """
    Run a pretend SSH server.
    """
    sshFactory = factory.SSHFactory()
    sshFactory.portal = portal.Portal(PretendRealm())
    sshFactory.portal.registerChecker(RecordPassAllCredentials())

    sshFactory.publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)}
    sshFactory.privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)}

    reactor.listenTCP(port, sshFactory, interface=host)
    reactor.run()
Esempio n. 6
0
def main():
    log.startLogging(sys.stdout)

    sshFactory = factory.SSHFactory()
    sshFactory.portal = portal.Portal(SSHRealm())

    sshFactory.portal.registerChecker(
        checkers.InMemoryUsernamePasswordDatabaseDontUse(admin='admin')
    )

    publicKey, privateKey = getRSAKeys()
    sshFactory.publicKeys = {'ssh-rsa': publicKey}
    sshFactory.privateKeys = {'ssh-rsa': privateKey}

    reactor.listenTCP(2222, sshFactory)
    reactor.run()
Esempio n. 7
0
    def hook_to_reactor(self, reactor):
        ssh_factory = factory.SSHFactory()
        ssh_factory.portal = portal.Portal(SSHDemoRealm(self.switch_core))
        if not self.users:
            self.users = {'root': b'root'}
        ssh_factory.portal.registerChecker(
            checkers.InMemoryUsernamePasswordDatabaseDontUse(**self.users))

        host_public_key, host_private_key = getRSAKeys()
        ssh_factory.publicKeys = {
            b'ssh-rsa': keys.Key.fromString(data=host_public_key.encode())}
        ssh_factory.privateKeys = {
            b'ssh-rsa': keys.Key.fromString(data=host_private_key.encode())}

        lport = reactor.listenTCP(port=self.port, factory=ssh_factory, interface=self.ip)
        logging.info(lport)
        logging.info("%s (SSH): Registered on %s tcp/%s" % (self.switch_core.switch_configuration.name, self.ip, self.port))
        return lport
Esempio n. 8
0
 def test_buildProtocolSignatureAlgorithms(self):
     """
     buildProtocol() sets supportedPublicKeys to the list of supported
     signature algorithms.
     """
     f = factory.SSHFactory()
     f.getPublicKeys = lambda: {
         b"ssh-rsa": keys.Key.fromString(publicRSA_openssh),
         b"ssh-dss": keys.Key.fromString(publicDSA_openssh),
     }
     f.getPrivateKeys = lambda: {
         b"ssh-rsa": keys.Key.fromString(privateRSA_openssh),
         b"ssh-dss": keys.Key.fromString(privateDSA_openssh),
     }
     f.startFactory()
     p = f.buildProtocol(None)
     self.assertEqual(
         [b"rsa-sha2-512", b"rsa-sha2-256", b"ssh-rsa", b"ssh-dss"],
         p.supportedPublicKeys,
     )
Esempio n. 9
0
        KEY_LENGTH = 1024
        rsaKey = RSA.generate(KEY_LENGTH, common.entropy.get_bytes)
        publicKeyString = keys.makePublicKeyString(rsaKey)
        privateKeyString = keys.makePrivateKeyString(rsaKey)
        # save keys for next time
        file('public.key', 'w+b').write(publicKeyString)
        file('private.key', 'w+b').write(privateKeyString)
        print "done."
    else:
        publicKeyString = file('public.key').read()
        privateKeyString = file('private.key').read()
    return publicKeyString, privateKeyString

if __name__ == "__main__":
    start_logging()
    components.registerAdapter(XsweetSession, SSHAvatar, session.ISession)
    sshFactory = factory.SSHFactory()
    sshFactory.portal = portal.Portal(SSHRealm())
    sshFactory.portal.registerChecker(HoneypotPasswordChecker())
    pubKeyString, privKeyString = getRSAKeys()

    sshFactory.publicKeys = {
        'ssh-rsa': keys.Key.fromString(data=pubKeyString)}
    sshFactory.privateKeys = {
        'ssh-rsa': keys.Key.fromString(data=privKeyString)}

    from twisted.internet import reactor
    reactor.listenTCP(2222, sshFactory)
    reactor.run()