man in the middle SSH Server for security audits and malware analysis
Password and publickey authentication are supported and SSH-MITM is able to detect,
if a user is able to login with publickey authentication on the remote server.
This allows SSH-MITM to accept the same key as the destination server.
If publickey authentication is not possible, the authentication will fall back to
When publickey authentication is possible, a forwarded agent is needed to login
to the remote server. In cases, when no agent was forwarded, SSH-MITM can rediredt
the session to a honeypot.
The packages for RHEL 7, RHEL 8, and RHEL 9 are in each distribution’s respective Extra Packages for Enterprise Linux (EPEL) repository. The instructions for adding this repository diverge slightly between RHEL 7, RHEL 8 and RHEL 9, which is why they’re listed separately below.
The EPEL repository can be added to RHEL 9 with the following command: