Marco Ochse

@giga-a For some reason that went pass by me (so thanks to @Just5KY for opening this issue!). Just tested this out and noticed (although supported) it does not seem to...

@Just5KY Thanks for testing and reopening!

@Just5KY Just tested SMTP for now in the hopes it is just a config tweak before spending more time on this 😄 @giga-a Happy to test more if it helps,...

Pushed the changes (so far) to [T-Pot](https://github.com/telekom-security/tpotce/commit/a28dfec046205d6e6740382bb4d64923f2e58713), images pushed. Since the compose file changed you need to run `update.sh`.

@Just5KY According to the [Readme](https://github.com/qeeqbox/honeypots/blob/main/README.md) not all services do support logging `command_input`. My understanding is that https and snmp are not supported (supported list at the end).

@Just5KY @giga-a I can confirm this for SSH, connection is logged, but then the connection hangs ...: ``` honeypots | {"action": "login", "dest_ip": "0.0.0.0", "dest_port": "22", "password": "123456", "protocol": "ssh",...

Within FTP the log differentiates between the actions for `command` and `connection`. Within SMTP this is not the case; as user I'd expect `connection` just for the connection and `command`...

@giga-a Thanks. I am testing with nmap / lftp / ssh / telnet on Linux / Debian. Based on my tests the behavior stayed the same for ftp / ssh.

@giga-a Mixed bag. Tested on same machine (passive mode, too) and from other machines. With Cyberduck on macOS I am getting a `550 Requested action not taken; file unavailable`: ```...

... nevermind, even in `network_mode: "host"` the behavior does not change.