tinyssh
ssh-tarpit
tinyssh | ssh-tarpit | |
---|---|---|
8 | 1 | |
1,388 | 33 | |
- | - | |
5.0 | 0.0 | |
11 days ago | over 1 year ago | |
C | Python | |
Creative Commons Zero v1.0 Universal | The Unlicense |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tinyssh
-
Ldd /usr/sbin/sshd – Alpine vs. Ubuntu for exploitability of CVE-2024-3094
While on topic of sshd having minimal dependencies, shout-out to Jan Mojžíš and his minimalist implementation:
https://github.com/janmojzis/tinyssh/
- Tinyssh
-
Large scale Internet SSH brute force attacks seem to have stopped here
> [after] hardening steps [...] most of the bots can't even negotiate a connection
Yep, same here, except I'm using [tinyssh], which organically does not support anything other than ed25519/curve25519, sha256, and chacha-poly.
[tinyssh] https://tinyssh.org/
-
OpenSSH 8.9
djb suggested that for openssh instead of the tinydns kex, so tinydns switched also:
https://github.com/janmojzis/tinyssh/issues/50
- tinyssh
- FreeBSD SSH Hardening
ssh-tarpit
What are some alternatives?
dropbear - Dropbear SSH
sshlog - Patch to log OpenSSH Passwords
ssh-audit - SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
laravel-echo-server - Socket.io server for Laravel Echo
server-side-tls - Server side TLS Tools
lobbyboy - A lobby boy will create a VPS server when you need one, and destroy it after using it.
Samba - https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
testssl.sh - Testing TLS/SSL encryption anywhere on any port
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
yubikey-agent - yubikey-agent is a seamless ssh-agent for YubiKeys.
endlessh - SSH tarpit that slowly sends an endless banner