security/sshesame: new port

An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in
and logs their activity. sshesame accepts and logs SSH connections and activity
(channels, requests), without doing anything on the host (e.g. executing
commands, making network requests).

GIDs

@@ -308,7 +308,7 @@ elog:*:364:
 gotify:*:365:
 opengist:*:366:
 velbustcpd:*:367:
-# free: 368
+sshesame:*:368:
 # free: 369
 _wsdd:*:370:
 # free: 371

UIDs

@@ -314,7 +314,7 @@ elog:*:364:364::0:0:Elog server:/nonexistent:/usr/sbin/nologin
 gotify:*:365:365::0:0:Gotify User:/var/db/gotify:/usr/sbin/nologin
 opengist:*:366:366::0:0:OpenGist User:/var/db/opengist:/usr/sbin/nologin
 velbustcpd:*:367:367::0:0:Velbustcp Deamon:/nonexistent:/usr/sbin/nologin
-# free: 368
+sshesame:*:368:368::0:0:Sshesame Daemon:/nonexistent:/usr/sbin/nologin
 # free: 369
 _wsdd:*:370:370::0:0:Web Service Discovery Daemon:/nonexistent:/usr/sbin/nologin
 # free: 371

security/sshesame/Makefile

@@ -0,0 +1,27 @@
+PORTNAME=	sshesame
+DISTVERSIONPREFIX=	v
+DISTVERSION=	0.0.39
+CATEGORIES=	security
+
+MAINTAINER=	skozlov@FreeBSD.org
+COMMENT=	Easy to set up and use SSH honeypot
+WWW=		https://github.com/jaksi/sshesame
+
+LICENSE=	APACHE20
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+USES=		go:1.22,modules
+USE_RC_SUBR=	${PORTNAME}
+
+USERS=		sshesame
+GROUPS=		sshesame
+
+GO_MODULE=	github.com/jaksi/sshesame
+
+PLIST_FILES=	"@sample etc/${PORTNAME}.yaml.sample" \
+		bin/${PORTNAME}
+
+post-install:
+	${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.yaml ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.yaml.sample
+
+.include <bsd.port.mk>

security/sshesame/distinfo

@@ -0,0 +1,5 @@
+TIMESTAMP = 1745923901
+SHA256 (go/security_sshesame/sshesame-v0.0.39/v0.0.39.mod) = c4f5d9cfa804935307c14fa9a884d83b1732b13bb80529871db5a5394254d33d
+SIZE (go/security_sshesame/sshesame-v0.0.39/v0.0.39.mod) = 630
+SHA256 (go/security_sshesame/sshesame-v0.0.39/v0.0.39.zip) = 4dfe91efa8b6d55886d29d9ec18c20ddcef4a828f463c562c1c73d1841e15f04
+SIZE (go/security_sshesame/sshesame-v0.0.39/v0.0.39.zip) = 63861

security/sshesame/files/sshesame.in

@@ -0,0 +1,55 @@
+#!/bin/sh
+
+# PROVIDE: sshesame
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Add the following line to /etc/rc.conf to enable sshesame:
+#
+# sshesame_enable (bool):	Set to "NO" by default.
+#                          	Set to "YES" to enable sshesame.
+# sshesame_user (str):      Default to "sshesame".
+# sshesame_group (str):     Default to "sshesame".
+#                          	User and group to run sshesame with.
+# sshesame_config (str):    Default to "%%PREFIX%%/etc/sshesame.yaml".
+#                          	sshesame config file.
+# sshesame_datadir (str):	Default to "/var/db/sshesame".
+#                          	Directory to store automatically generated host keys in
+# sshesame_logdir (str):    Default to "/var/log/sshesame".
+#                          	Directory to store sshesame logs
+
+. /etc/rc.subr
+
+name=sshesame
+rcvar=sshesame_enable
+desc="SSH honeypot"
+
+load_rc_config sshesame
+
+: ${sshesame_enable:=NO}
+: ${sshesame_user:=sshesame}
+: ${sshesame_group:=sshesame}
+: ${sshesame_config=%%PREFIX%%/etc/sshesame.yaml}
+: ${sshesame_datadir=/var/db/sshesame}
+: ${sshesame_logdir=/var/log/sshesame}
+
+pidfile=/var/run/${name}/${name}.pid
+start_precmd=sshesame_precmd
+procname="%%PREFIX%%/bin/sshesame"
+required_files="${sshesame_config}"
+command=/usr/sbin/daemon
+command_args="-cf -p ${pidfile} -o ${sshesame_logdir}/sshesame.out ${procname} -config ${sshesame_config} -data_dir ${sshesame_datadir}"
+
+sshesame_precmd()
+{
+    # Create PID file directory
+    install -d -o ${sshesame_user} -g ${sshesame_group} -m 0755 "$(dirname ${pidfile})"
+
+    install -d -o ${sshesame_user} -g ${sshesame_group} -m 0755 "${sshesame_datadir}"
+    install -d -o ${sshesame_user} -g ${sshesame_group} -m 0755 "${sshesame_logdir}"
+
+    # Remove default flags, they're added in `command_args` manually
+    rc_flags=""
+}
+
+run_rc_command "$1"

security/sshesame/pkg-descr

@@ -0,0 +1,3 @@
+sshesame accepts and logs SSH connections and activity (channels, requests),
+without doing anything on the host (e.g. executing commands, making network
+requests).