From c45caf7f37281fd2ae781b344a5cec8cbe81bfbb Mon Sep 17 00:00:00 2001 From: Michel Oosterhof Date: Sun, 17 Jan 2016 10:32:35 +0400 Subject: [PATCH] authbind docs --- INSTALL.md | 15 +++++++++++++-- start.sh | 8 +++++++- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index d574091..9e0595f 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -2,7 +2,7 @@ Installing cowrie in six easy steps. -It's recommended to install under a separate non-root user id: +It's strongly recommended to install under a dedicated non-root user id: ``` $ sudo adduser --disabled-password cowrie @@ -37,13 +37,24 @@ $ ./start.sh Starting cowrie in the background... ``` -Cowry runs by default on port 2222. This can be modified in the configuration file. Running on port 22 is not recommended. +Cowry runs by default on port 2222. This can be modified in the configuration file. The following firewall rule will forward incoming traffic on port 22 to port 2222. ``` $ sudo iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 2222 ``` +Alternatively you can run authbind to listen as non-root on port 22 directly: + +``` +$ apt-get install authbind +$ touch /etc/authbind/byport/22 +$ chown cowrie:cowrie /etc/authbind/byport/22 +$ chmod 777 /etc/authbind/byport/22 +``` + +* Edit start.sh and modify the AUTHBIND_ENABLED setting +* Change listen_port to 22 in cowrie.cfg # Bugs and workarounds diff --git a/start.sh b/start.sh index b1759f3..f439499 100755 --- a/start.sh +++ b/start.sh @@ -1,4 +1,5 @@ #!/bin/sh +AUTHBIND_ENABLED=no set -e @@ -25,4 +26,9 @@ then fi echo "Starting cowrie in the background..." -twistd -l log/cowrie.log --pidfile cowrie.pid cowrie +if [ $AUTHBIND_ENABLED == "no" ] +then + twistd -l log/cowrie.log --pidfile cowrie.pid cowrie +else + authbind --deep twistd -l log/cowrie.log --pidfile cowrie.pid cowrie +fi
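Review bot: The new test `if [ $AUTHBIND_ENABLED == "no" ]` in the second start.sh hunk uses `==`, which POSIX `test` does not define, although the script runs under `#!/bin/sh`. On a shell whose `[` rejects `==` (dash, for example) the test errors out, the `if` takes the `else` branch, and the default `AUTHBIND_ENABLED=no` ends up starting through `authbind --deep`. Write it as `if [ "$AUTHBIND_ENABLED" = "yes" ]` with the authbind call in the `then` branch, so an empty, unquoted or mistyped value falls back to the plain `twistd` start rather than the privileged-port path. The INSTALL.md hunk in this commit also sets `/etc/authbind/byport/22` to mode 777, which lets every local account bind port 22 through authbind; owner-only execute (`chmod 500` after the `chown cowrie:cowrie`) should suffice, since authbind checks execute access for the calling user. The hunk opens on the closing `fi` of an earlier block that is not visible here, so this covers only the launch lines.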