configurable authentication timeout

cowrie.cfg.dist

@@ -96,13 +96,11 @@ txtcmds_path = txtcmds
 # (default: 0)
 #download_limit_size = 10485760
 
-
 # TTY logging will log a transcript of the complete terminal interaction in UML
 # compatible format.
 # (default: true)
 ttylog = true
 
-
 # Default directory for TTY logs.
 # (default: ttylog_path = %(log_path)s/tty)
 ttylog_path = ${honeypot:log_path}/tty
@@ -112,6 +110,11 @@ ttylog_path = ${honeypot:log_path}/tty
 # (default: 180)
 interactive_timeout = 180
 
+# Authentication Timeout
+# The server disconnects after this time if the user has not successfully logged in.  If the value is 0,
+# there is no time limit.  The default is 120 seconds.
+authentication_timeout = 120
+
 # EXPERIMENTAL: back-end to user for Cowrie, options: proxy or shell
 # a limited implementation is available for proxy, with request_exec functionality only
 # (default: shell)

cowrie/ssh/transport.py

@@ -15,6 +15,9 @@ import struct
 import uuid
 from hashlib import md5
 import zlib
+from configparser import NoOptionError
+
+from cowrie.core.config import CONFIG
 
 from twisted.conch.ssh import transport
 from twisted.python import log, randbytes
@@ -67,8 +70,12 @@ class HoneyPotSSHTransport(transport.SSHServerTransport, TimeoutMixin):
         self.transport.write('{0}\r\n'.format(self.ourVersionString).encode('ascii'))
         self.currentEncryptions = transport.SSHCiphers(b'none', b'none', b'none', b'none')
         self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
-        self.setTimeout(120)
+
         self.logintime = time.time()
+        try:
+            self.setTimeout(CONFIG.getint('honeypot', 'authentication_timeout'))
+        except NoOptionError:
+            self.setTimeout(120)
 
 
     def sendKexInit(self):