Feature request

[savelyglazkov]

Can you modify this program to record only correct passwords?
Can you also add session hijack when public key authentication is used?

[littlebear2]

This server is only able to intercept password authentication. There is a branch with public key authentication, but both authentication methods does not work together 😞

There is another @ssh-mitm project which is able to intercept public key authentication: https://github.com/ssh-mitm/ssh-mitm

With the other project, I was able to successfully intercept publickey and password authentication.

I don't know how this works, but the recommended project is able to use the same authentication method as the remote server. This means, if you want to login with publickey authentication it only accepts the same key as the remote server. If logging in with publickey authentication is not possible, because you have no publickeys which are allowed to login to the remote server, the mitm server falls back to password authentication. That's how magic works 😃

Note on publickey authentication: The other server is able to fully intercept publickey authentication, but only when an agent was forwarded. If no agent was forwarded, the session will be closed. This can be avoided if you use a honeypot as fallback.

ssh-mitm --remote-host 1.2.3.4:22 --fallback-host user:password@honeypot:22

The fallback host is only used, when the client is allowed to login with publickey authentication on the remote server but no agent was forwarded!
If the client is not allowed to login with publickey authentication on the remote server, authentication against the mitm server also fails.

[jtesta]

On Fri, 2021-10-29 at 03:53 -0700, littlebear2 wrote: @jtesta recommended me in #14 to use another project

I did not.

[littlebear2]

On Fri, 2021-10-29 at 03:53 -0700, littlebear2 wrote: @jtesta recommended me in #14 to use another project
I did not.

@jtesta I'm sorry if I misunderstood. 😢