This is a basic guide how to install Kippo SSH Honeypot on OpenBSD 5.5 using chroot.

Please remember that this might be dangerous since the hacker depending of the skill set might find a way to escape from the honeypot or tries to find other service that are related to you. Only run a honeypot if you know what you are doing since the offender might retaliate

More information about Kippo can be found here:

Don’t run Kippo as root and use ports above 1024 (non privileged ports). Use port forwarding if you want to listen on port 22

5 thoughts on “How to install Kippo SSH honeypot on OpenBSD 5.5 with chroot

  1. brand new install of openBSD 5.5 on ramnode.

    I step outside these steps above was to add
    “export PKG_PATH= -a/” to my .profile.

    Fails to start:

    Any suggestions?

    1. Oh, you probably don’t have any /dev/?random devices in your chroot.

      try this dry run.

      cp -R /dev/MAKEDEV /var/kippo/dev
      chroot /var/kippo
      cd /dev
      ./MAKEDEV *random std
      rm MAKEDEV

      If this works I will have to modify the guide since I must have missed to document to chroot when creating devices.

      // Johan

    2. Hi Johan,

      I think you’re close…

      cp -R /dev/MAKEDEV /var/kippo/dev
      # chroot /var/kippo
      chroot: /bin/ksh: No such file or directory

      # whereis chroot

  2. chroot -ukippo -gkippo /var/kippo ./

    found this error :

    Failed to load application: No secure random source available

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.