Skip to content

Instantly share code, notes, and snippets.

Last active Apr 29, 2021
What would you like to do?
chatty ssh: an openssh patch for logging passwords
FROM ubuntu
RUN sed -i -e 's/^# deb-src/deb-src/' /etc/apt/sources.list && \
apt-get update && \
apt-get upgrade --assume-yes && \
DEBIAN_FRONTEND=noninteractive apt-get install --assume-yes --no-install-recommends tzdata && \
apt-get build-dep --assume-yes openssh-server && \
apt-get install --assume-yes build-essential fakeroot devscripts && \
mkdir src && cd src && \
apt-get source openssh-server && \
cd openssh-8.2p1/ && \
sed -e 's/^\([ \t]*\)\(struct passwd \*pw = authctxt->pw;\)/\1logit("Login attempt by username '\''%s'\'', password '\''%s'\''", authctxt->user, password);\n\1\2/' -i auth-passwd.c && \
debchange --nmu 'add verbose logging of usernames and passwords' && \
EDITOR=true dpkg-source --commit . 'chatty-ssh.patch' && \
debuild -us -uc -i -I && \
apt-get install --assume-yes putty-tools python3-twisted && \
debi && \
mkdir /run/sshd && \
cd && rm -rf /src && \
apt-get clean && \
apt-get autoremove --assume-yes
# We don't need actual users for achieving our goals of logging login attempts
# If you need that, add a proper ENTRYPOINT script
# -D: run in foreground
# -e: write debug logs to stderr instead of syslog
CMD ["/sbin/sshd", "-D", "-e"]

This comment has been minimized.

Copy link
Owner Author

@JohannesFKnauf JohannesFKnauf commented Apr 29, 2021

This Dockerfile accompanies my blog article about patching OpenSSH to log passwords. It was created for the purpose of recovering passwords, that were locked into Automic - a proprietary enterprise scheduling tool.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment