25 lines
1.2 KiB
Markdown
25 lines
1.2 KiB
Markdown
# Docker SSH Authorized Keys Challenge
|
|
|
|
This is a simple challenge utilizing docker-compose to setup a ssh client/control environment where the controller is trying to connect into the client to dump a file.
|
|
|
|
## Setup
|
|
|
|
Running `docker-compose up -d --build` will setup a default environment.
|
|
|
|
Login with the default user `user` and check the container logs for the generated password.
|
|
The default password can be manually overridden with the `USER_PASSWORD` variable on the client host.
|
|
All "scoring" public/private keys will be stored under a local `keys` directory.
|
|
If the `user` key already exists a new one will not be created
|
|
|
|
## Goal
|
|
|
|
The goal is to give teams access to login to the `client` container and properly setup a provided public key.
|
|
Once the key is properly setup a file will appear in the appropriate teams home folder.
|
|
Since could take up to a minute to show up after completion.
|
|
|
|
For added complexity, the `SSHD_CHALLENGE_DIR` exists changing the default AuthorizedKeysFile within SSHD.
|
|
This adds a further challenge since teams will need to checkout the configuration in `/etc/ssh/sshd_config` for the correct structure.
|
|
|
|
The text which gets dumped into `~/.flag` can be controlled via the `SCORING_FLAG` variable.
|
|
|