Before we begin

Change standard ssh Port =Install some packets

• apt-get install python-dev openssl python-openssl python-pyasn1 python-twisted git authbind

Adduser and change visudo that kippo can list users

• adduser kippo
• visudo

add

kippo ALL=(ALL:ALL) ALL

under the “root” user. =create fil and change some rights?

• touch /etc/authbind/byport/22
• chown kippo:kippo /etc/authbind/byport/22
• chmod 777 /etc/authbind/byport/22

We have to install an older version of Python Twisted

manually because of issues with the current version of Twisted and Kippo. I can’t recall the error at the moment, but I’ll see if I can find it in the logs later.

• apt-get install python-dev
• cd /tmp
• wget https://github.com/twisted/twisted/archive/twisted-14.0.2.tar.gz
• tar -zxvf twisted-14.0.2.tar.gz
• cd twisted-twisted-14.0.2/
• ./setup.py install

At this point we enter the system as ‘kippo’ user and go to the /home directory.

• sudo - kippo

Download the latest Kippo version from GitHub

• git clone https://github.com/desaster/kippo.git

change port

• cd kippo
• sed -e "/ssh_port =/s/2222/22/" kippo.cfg.dist > kippo.cfg

Finally, change the Kippo start script

• sed -i.bak -e "/kippo.tac/s/twistd/authbind --deep &/" start.sh

start

• ./start.sh

netstat

• netstat -lntp

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 22627/python

Links

• https://bruteforce.gr/installing-kippo-ssh-honeypot-on-ubuntu.html
• https://thelosingedgeblog.wordpress.com/2016/02/15/kippo-kali-pi/