github r-smith/deceptifeed v0.66.0
0.66.0
on GitHub

latest release: v0.67.0
19 days ago

Changes

Threat Feed

Honeypots

  • You can now set the status code the HTTP honeypot uses for error pages (such as when a page isn't found). Previously, it'd always use 404. You can now use any 400- or 500-series code. In the honeypot configuration, use <errorCode>...</errorCode>, such as <errorCode>403</errorCode>.
  • If you set the HTTP honeypot to use error code 401, the error page prompts users for basic auth.
  • Changed the default SSH version identifier to OpenSSH_9.9 (this is sent to clients as part of the SSH handshake)
  • When generating new SSH private keys, the ed25519 algorithm is now used rather than RSA. This matches what's usually seen on modern SSH servers. Existing RSA keys remain fully compatible and won't be replaced unless deleted.
  • The SSH honeypot now fully supports public key authentication. Previously, public key auth was advertised, but ignored if clients used it. Public key auth attempts are now logged and fully integrate with the Threat Feed.

Logs

  • For SSH logs, the authentication method is now logged as auth_method. This will equal either password or publickey.
  • When Proxy Protocol or an IP HTTP header is configured, the proxy IP address is now logged as proxy_ip rather than remote_ip.
  • You can now set the server's hostname that appears in logs using the DECEPTIFEED_HOSTNAME environment variable. Blank strings are supported too.

Fixes and Performance

  • Numerous performance improvements have been made. See the full changelog below for a list.
  • Fixed a few data race bugs.

Other

I wanted to delete a commit someone submitted last year (just a typo fix), because I didn't like them showing up in the contributor list. I used git rebase without fully understanding the effects. The commit is now deleted, but timestamps in the commit history are reset. Every commit I've made (after the deleted commit) now has today's timestamp on it.

All of my commits are now signed. You'll see the green verified tag in the commit history. The git rebase command I ran also re-pushed my old commits, so most of the history is showing signed.

I've enabled immutable releases on this repository. This is a new GitHub feature that prevents releases from being modified or deleted after publishing.


Full Changelog: v0.65.0...v0.66.0


Binaries built with Go 1.25.6 using make all from the project root.

Check out latest releases or
releases around r-smith/deceptifeed v0.66.0

Don't miss a new deceptifeed release

NewReleases is sending notifications on new releases.

Get notifications