gracefully handle ecdsa failures

Michel Oosterhof
2016-01-04 11:08:50 +00:00
parent 357073616c
commit 60ec0ca280


@@ -7,10 +7,13 @@ This module contains ...
import struct
from twisted.python import log
from twisted.internet import defer
from twisted.conch.interfaces import IConchUser
from twisted.conch.ssh import userauth
from twisted.conch.ssh.common import NS, getNS
from twisted.internet import defer
from twisted.conch import error
from cowrie.core import credentials
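Review bot: `from twisted.internet import defer` appears twice in this import block as rendered, once before the conch imports and once after them. The page has lost its `+`/`-` markers, so I cannot tell which copy the commit added, but if both are on the new side one of them is redundant and should be dropped.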
@@ -61,6 +64,17 @@ class HoneyPotSSHUserAuthServer(userauth.SSHUserAuthServer):
return userauth.SSHUserAuthServer.ssh_USERAUTH_REQUEST(self, packet)
def auth_publickey(self, packet):
"""
We subclass to intercept non-dsa/rsa keys, or Conch will crash on ecdsa..
"""
algName, blob, rest = getNS(packet[1:], 2)
if not algName in ('ssh-rsa', 'ssh-dsa'):
log.msg( "Attempted public key authentication with %s algorithm" % (algName,))
return defer.fail(error.ConchError("Incorrect signature"))
return userauth.SSHUserAuthServer.auth_publickey(self, packet)
def auth_none(self, packet):
"""
Allow every login
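Review bot: The allow-list in `auth_publickey` names `'ssh-dsa'`, but the SSH wire name for DSA keys is `ssh-dss` (RFC 4253), so DSA attempts would be rejected here along with ECDSA and never reach Conch's handler; the check should read `if algName not in ('ssh-rsa', 'ssh-dss'):`. `algName` comes straight from the client's packet, so logging it with `%r` instead of `%s` keeps newlines and control characters out of the honeypot log. `getNS(packet[1:], 2)` now parses the same untrusted bytes before the parent does and presumably raises on a truncated packet; confirm that such a failure ends as an authentication failure rather than an unhandled error. The enclosing class starts outside the hunk.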