Rss

  • linkedin

How to install Kippo SSH honeypot on OpenBSD 5.5 with chroot

This is a basic guide how to install Kippo SSH Honeypot on OpenBSD 5.5 using chroot.

Please remember that this might be dangerous since the hacker depending of the skill set might find a way to escape from the honeypot or tries to find other service that are related to you. Only run a honeypot if you know what you are doing since the offender might retaliate

More information about Kippo can be found here: https://code.google.com/p/kippo/

Don’t run Kippo as root and use ports above 1024 (non privileged ports). Use port forwarding if you want to listen on port 22

Comments (5)

  1. […] from BSDCan (or the fateful attempt to get there) and turn their attention to FreeBSD 11, OpenBSD honeypots with Kippo, and doing cool stuff with rdomains on OpenBSD, among […]

  2. jungle

    brand new install of openBSD 5.5 on ramnode.

    I step outside these steps above was to add
    “export PKG_PATH=ftp://openbsd.cs.toronto.edu/pub/OpenBSD/5.5/packages/machine -a/” to my .profile.

    Fails to start:
    http://pastiebin.com/538cbc0a49ab3

    Any suggestions?

    • Johan Ryberg

      Oh, you probably don’t have any /dev/?random devices in your chroot.

      try this dry run.

      cp -R /dev/MAKEDEV /var/kippo/dev
      chroot /var/kippo
      cd /dev
      ./MAKEDEV *random std
      rm MAKEDEV
      exit

      If this works I will have to modify the guide since I must have missed to document to chroot when creating devices.

      // Johan

    • jungle

      Hi Johan,

      I think you’re close…

      cp -R /dev/MAKEDEV /var/kippo/dev
      # chroot /var/kippo
      chroot: /bin/ksh: No such file or directory

      # whereis chroot
      /usr/sbin/chroot

  3. rifqi

    chroot -ukippo -gkippo /var/kippo ./start.sh

    found this error :

    Failed to load application: No secure random source available

Leave a Reply

Your email address will not be published. Required fields are marked *