What does HackerNews think of endlessh?

Nice idea. From the docs:

Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server.

Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn't depend on any cryptographic libraries. It's a simple, single-threaded, standalone C program. It uses poll() to trap multiple clients at a time.

https://github.com/skeeto/endlessh

This is not the best solution (fail2ban and 2fa would be better) but https://github.com/skeeto/endlessh is a neat tool if you want to annoy someone with unsophisticated scripts. It’s worth noting that annoying a script kiddie might get you ddosed.

The post is referring to this: https://github.com/skeeto/endlessh

I'm guessing that the person you replied to is referring to the same.

I've seen endlessh[0] referenced in the past. Here's an article that talks about this and other SSH tarpits[1].

[0]: https://github.com/skeeto/endlessh

[1]: https://nullprogram.com/blog/2019/03/22/

> Wasting an attackers time is a fine goal. reply

This. Putting a tarpit on port 22 isn't going to stop an attacker, but it will slow the ssh scans down for everyone.

https://github.com/skeeto/endlessh

You may be interested in an SSH tarpit like Endlessh [1].

[1]: https://github.com/skeeto/endlessh