pkgs/by-name/ss/sshesame/package.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

{ lib
, buildGoModule
, fetchFromGitHub
, nix-update-script
}:

buildGoModule rec {
  pname = "sshesame";
  version = "0.0.27";

  src = fetchFromGitHub {
    owner = "jaksi";
    repo = "sshesame";
    rev = "v${version}";
    hash = "sha256-pDLCOyjvbHM8Cw1AIt7+qTbCmH0tGSmwaTBz5pQ05bc=";
  };

  vendorHash = "sha256-iaINGWpj2gHfwsIOEp5PwlFBohXX591+/FBGyu656qI=";

  ldflags = [ "-s" "-w" ];

  hardeningEnable = [ "pie" ];

  passthru.updateScript = nix-update-script { };

  meta = {
    description = "An easy to set up and use SSH honeypot";
    longDescription = ''
      A fake SSH server that lets anyone in and logs their activity.
      sshesame accepts and logs SSH connections and activity (channels, requests),
      without doing anything on the host (e.g. executing commands, making network requests).
    '';
    homepage = "https://github.com/jaksi/sshesame";
    license = lib.licenses.asl20;
    maintainers = with lib.maintainers; [ eclairevoyant ];
    mainProgram = "sshesame";
  };
}