anti
65d585569b
Cowrie was exposing an SSH daemon on port 22 alongside the telnet service even when COWRIE_SSH_ENABLED=false, contaminating deployments that did not request an SSH service. New implementation mirrors the SSH service pattern: - busybox telnetd in foreground mode on port 23 - /bin/login for real PAM authentication (brute-force attempts logged) - rsyslog RFC 5424 bridge piped to stdout for Docker log capture - Configurable root password and hostname via env vars - No Cowrie dependency
48 lines
1.4 KiB
Python
48 lines
1.4 KiB
Python
from pathlib import Path
|
|
|
|
from decnet.services.base import BaseService
|
|
|
|
TEMPLATES_DIR = Path(__file__).parent.parent.parent / "templates" / "telnet"
|
|
|
|
|
|
class TelnetService(BaseService):
|
|
"""
|
|
Real telnetd using busybox telnetd + rsyslog logging pipeline.
|
|
|
|
Replaced Cowrie emulation (which also started an SSH daemon on port 22)
|
|
with a real busybox telnetd so only port 23 is exposed and auth events
|
|
are logged as RFC 5424 via the same rsyslog bridge used by the SSH service.
|
|
|
|
service_cfg keys:
|
|
password Root password (default: "admin")
|
|
hostname Override container hostname
|
|
"""
|
|
|
|
name = "telnet"
|
|
ports = [23]
|
|
default_image = "build"
|
|
|
|
def compose_fragment(
|
|
self,
|
|
decky_name: str,
|
|
log_target: str | None = None,
|
|
service_cfg: dict | None = None,
|
|
) -> dict:
|
|
cfg = service_cfg or {}
|
|
env: dict = {
|
|
"TELNET_ROOT_PASSWORD": cfg.get("password", "admin"),
|
|
}
|
|
if "hostname" in cfg:
|
|
env["TELNET_HOSTNAME"] = cfg["hostname"]
|
|
|
|
return {
|
|
"build": {"context": str(TEMPLATES_DIR)},
|
|
"container_name": f"{decky_name}-telnet",
|
|
"restart": "unless-stopped",
|
|
"cap_add": ["NET_BIND_SERVICE"],
|
|
"environment": env,
|
|
}
|
|
|
|
def dockerfile_context(self) -> Path:
|
|
return TEMPLATES_DIR
|