From d4f3a7ef2a6c7cd570ff3f743416f1f4a7567fd3 Mon Sep 17 00:00:00 2001
From: Michel Oosterhof
Date: Wed, 20 Nov 2024 09:52:11 +0800
Subject: [PATCH] add option to login with any public key (#2391) additional logging
---
 etc/cowrie.cfg.dist | 6 ++++++
 src/cowrie/core/checkers.py | 26 +++++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/etc/cowrie.cfg.dist b/etc/cowrie.cfg.dist
index bea2bafa..2247a5ad 100644
--- a/etc/cowrie.cfg.dist
+++ b/etc/cowrie.cfg.dist
@@ -640,10 +640,16 @@ forward_tunnel = false
 # (default: false)
 #auth_none_enabled = false
+# Public key authentication
+# This is an all or nothing switch that will allow none or any public key certificate to login
+#
+# (default: false)
+auth_publickey_allow_any = false
 # Configure keyboard-interactive login
 auth_keyboard_interactive_enabled = false
+
 # ============================================================================
 # Telnet Specific Options
 # ============================================================================
diff --git a/src/cowrie/core/checkers.py b/src/cowrie/core/checkers.py
index 8696879f..5c23ed8a 100644
--- a/src/cowrie/core/checkers.py
+++ b/src/cowrie/core/checkers.py
@@ -43,7 +43,26 @@ class HoneypotPublicKeyChecker:
 type=_pubKey.sshType(),
 )
- return failure.Failure(error.ConchError("Incorrect signature"))
+ if CowrieConfig.getboolean("ssh", "auth_publickey_allow_any", fallback=False):
+ log.msg(
+ eventid="cowrie.login.success",
+ format="public key login attempt for [%(username)s] succeeded",
+ username=credentials.username,
+ fingerprint=_pubKey.fingerprint(),
+ key=_pubKey.toString("OPENSSH"),
+ type=_pubKey.sshType(),
+ )
+ return defer.succeed(credentials.username)
+ else:
+ log.msg(
+ eventid="cowrie.login.failed",
+ format="public key login attempt for [%(username)s] failed",
+ username=credentials.username,
+ fingerprint=_pubKey.fingerprint(),
+ key=_pubKey.toString("OPENSSH"),
+ type=_pubKey.sshType(),
+ )
+ return failure.Failure(error.ConchError("Incorrect signature"))
 @implementer(ICredentialsChecker)
@@ -55,6 +74,11 @@ class HoneypotNoneChecker:
 credentialInterfaces = (conchcredentials.IUsername,)
 def requestAvatarId(self, credentials):
+ log.msg(
+ eventid="cowrie.login.success",
+ format="login attempt [%(username)s] succeeded",
+ username=credentials.username,
+ )
 return defer.succeed(credentials.username)
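Review bot: In the `auth_publickey_allow_any` branch of HoneypotPublicKeyChecker, `defer.succeed(credentials.username)` is returned without any visible check of `credentials.signature`, so a client that merely offers a public key, without proving it holds the private key, is recorded as `cowrie.login.success` under that key's fingerprint. For a sensor this is mostly a data-quality problem: the fingerprint in the success event may be any public key the client chose to present, which weakens attribution built on it. Consider `if not credentials.signature: return failure.Failure(error.ValidPublicKey())` ahead of the success log, and succeeding only when `_pubKey.verify(credentials.signature, credentials.sigData)` holds, or at least log whether a signature was present. The method starts above this hunk, so confirm there is no earlier signature handling before applying this.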
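Review bot: The `cowrie.login.success` event added in HoneypotNoneChecker.requestAvatarId carries only `username`, and neither its fields nor its message say the session was admitted through auth-none. The public-key success event added in the previous hunk likewise has no `password` field. Any consumer of this event id that assumes the password-login shape (not visible in this patch) could fail on or mis-attribute these records, so the output plugins are worth checking. Suggest making the method explicit, for example `format="auth-none login attempt [%(username)s] succeeded"`, and adding a short comment above each `log.msg` listing which fields that auth method emits.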