FakeSSH is an SSH server which denies all login requests sent its way. It's the result of literally minutes of work.
Move your real SSH server to a different port, then run the FakeSSH server.
In a sense, FakeSSH is based on the idea that security through obscurity is kind of like adding a single bit to your security, the value of which is widely known. It might actually prevent a targeted attack by an unskilled attacker.
Mostly, though, I just like the idea that someone is wasting time trying to log into a server which will literally never let them in.
- python
- paramiko
- Create an RSA key using
ssh_keygen. Save it to data/rsa. - Copy data/config.sample.json to data/config.json
- Edit if desired.
- Run
server.pywith python.
If you're on Ubuntu, you could create an upstart script at /etc/init/fakessh.conf:
# fakessh
description "A fake SSH server"
author "Tyler Menezes <tylermenezes@gmail.com>"
start on runlevel [2345]
stop on runlevel [016]
respawn
exec python /opt/fakessh/server.py
If you enable logging, you can run python stats.py to get statistics about login attempts. --today will get you the count today, and --hist will produce a graph of the last week. (You can use them both together.)