Dockerfile


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

FROM python:3-slim

WORKDIR /

# Update the image to remediate any vulnerabilities.
RUN apt clean && apt update && apt -y dist-upgrade && apt clean && rm -rf /var/lib/apt/lists/*

# Remove suid & sgid bits from all files.
RUN find / -xdev -perm /6000 -exec chmod ug-s {} \; 2> /dev/null || true

# Copy the ssh-audit code.
COPY ssh-audit.py .
COPY src/ .

# Allow listening on 2222/tcp for client auditing.
EXPOSE 2222

# Drop root privileges.
USER nobody:nogroup

ENTRYPOINT ["python3", "/ssh-audit.py"]