The idea here is you put your real SSH server on a different port and let Endlessh lock up the script kiddies for hours and even days.
Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn’t depend on any cryptographic libraries. It’s a simple, single-threaded, standalone C program. It uses
poll()to trap multiple clients at a time.
I’m not sure if this is actually a good idea or just fun to put into practice like those people who dedicate their precious free time scambaiting.