* Add SSH keys mount (mimicking default non-Docker behaviour).
* Increase manifest version to lowest 3.x supporting bind mounts.
* Change restart policy from `always` to `unless-stopped`.
* Set a container name.
* Fix port indentation to 2 spaces, as done elsewhere.
* move loading whitelist+ops from file to auth and save the loaded files for reloading
* add /whitelist command with lots of open questions
* add test for /whitelist
* gofmt
* use the same auth (the tests don't seem to care, but this is more right)
* mutex whitelistMode and remove some deferred TODOs
* s/whitelist/allowlist/ (user-facing); move helper functions outside the handler function
* check for ops in Auth.CheckPublicKey and move /allowlist handling to helper functions
* possibly fix the test timeout in HostNameCollision
* Revert "possibly fix the test timeout in HostNameCollision" (didn't work)
This reverts commit 664dbb0976.
* managed to reproduce the timeout after updating, hopefully it's the same one
* remove some unimportant TODOs; add a message when reverify kicks people; add a reverify test
* add client connection with key; add test for /allowlist import AGE
* hopefully make test less racy
* s/whitelist/allowlist/
* fix crash on specifying exactly one more -v flag than the max level
* use a key loader function to move file reading out of auth
* add loader to allowlist test
* minor message changes
* add --whitelist with a warning; update tests for messages
* apparently, we have another prefix
* check names directly on the User objects in TestHostNameCollision
* not allowlisted -> not allowed
* small message change
* update test
Fixes #402
When the user is not set as away, using the
`/back` or `/away` command should return error.
The previous behaviour was inconsistent,
`/away` sent a message and `/back` ignored it.
New behaviour is error for both cases.
Co-authored-by: Akshay <akshay.shekher@gmail.com>
* Move password authentication handling into sshd/auth (fixes #394).
Password authentication is now completely handled in Auth. The normal
keyboard-interactive handler checks if passwords are supported and asks
for them, removing the need to override the callbacks.
Brute force throttling is removed; I'd like to base it on IP address
banning, which requires changes to the checks.
I'm not sure, but I think timing attacks against the password are fixed:
- The hashing of the real password happens only at startup.
- The hashing of a provided password is something an attacker can do
themselves; it doesn't leak anything about the real password.
- The hash comparison is constant-time.
* refactor checks, IP-ban incorrect passphrases, renames
- s/assword/assphrase/, typo fixes
- bans are checked separately from public keys
- an incorrect passphrase results in a one-minute IP ban
- whitelists no longer override bans (i.e. you can get banned if you're
whitelisted)
* (hopefully) final changes
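The two commit messages above describe the intended shape of passphrase checking: hash the real passphrase once at startup, hash whatever the client sends, compare in constant time, and hand out a one-minute IP ban on a wrong guess that an allowlist does not override. The following is an added example written for this page, not ssh-chat's own sshd/auth code; the type and function names (`Auth`, `NewAuth`, `CheckPassphrase`, `IsBanned`, `Ban`), the injectable `now` clock, and the use of plain SHA-256 are this example's assumptions.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"net"
	"sync"
	"time"
)

// BanDuration matches the one-minute IP ban described in the commit message.
const BanDuration = time.Minute

var (
	ErrBanned        = errors.New("ip is temporarily banned")
	ErrBadPassphrase = errors.New("incorrect passphrase")
	ErrNoPassphrase  = errors.New("passphrase authentication is not enabled")
)

// Auth keeps the hash of the real passphrase (computed once at startup) and a
// table of temporary IP bans. Names and layout are this example's own, not ssh-chat's.
type Auth struct {
	mu         sync.Mutex
	passphrase []byte               // sha256 of the configured passphrase, nil if unset
	bans       map[string]time.Time // ip -> ban expiry
	now        func() time.Time     // clock, injectable so ban expiry can be tested
}

// NewAuth hashes the passphrase exactly once, so no per-attempt work depends on it.
func NewAuth(passphrase string) *Auth {
	a := &Auth{bans: map[string]time.Time{}, now: time.Now}
	if passphrase != "" {
		sum := sha256.Sum256([]byte(passphrase))
		a.passphrase = sum[:]
	}
	return a
}

// HasPassphrase reports whether passphrase auth is enabled at all.
func (a *Auth) HasPassphrase() bool { return a.passphrase != nil }

// Ban records a ban for ip lasting d from now.
func (a *Auth) Ban(ip net.IP, d time.Duration) {
	a.mu.Lock()
	defer a.mu.Unlock()
	a.bans[ip.String()] = a.now().Add(d)
}

// IsBanned reports whether ip is currently banned, dropping expired entries.
// It is deliberately a separate check from any public-key or allowlist lookup,
// so an allowlisted key does not bypass a ban.
func (a *Auth) IsBanned(ip net.IP) bool {
	a.mu.Lock()
	defer a.mu.Unlock()
	key := ip.String()
	until, ok := a.bans[key]
	if !ok {
		return false
	}
	if a.now().After(until) {
		delete(a.bans, key)
		return false
	}
	return true
}

// CheckPassphrase verifies a client-supplied passphrase arriving from ip.
// The provided value is hashed (work the attacker can already do themselves)
// and compared in constant time, so the comparison leaks nothing about the
// real passphrase. A wrong guess bans the source IP for BanDuration.
func (a *Auth) CheckPassphrase(ip net.IP, provided string) error {
	if !a.HasPassphrase() {
		return ErrNoPassphrase
	}
	if a.IsBanned(ip) {
		return ErrBanned
	}
	sum := sha256.Sum256([]byte(provided))
	if subtle.ConstantTimeCompare(sum[:], a.passphrase) != 1 {
		a.Ban(ip, BanDuration)
		return ErrBadPassphrase
	}
	return nil
}

func main() {
	a := NewAuth("correct horse")
	ip := net.ParseIP("203.0.113.7") // constructed sample client address
	fmt.Println(a.CheckPassphrase(ip, "wrong guess"))
	fmt.Println(a.CheckPassphrase(ip, "correct horse")) // refused: ip is banned for a minute
}
```

The ban lookup runs before the comparison and keys on the source IP rather than the user, which is what makes "you can get banned even if you're allowlisted" fall out naturally: the allowlist is consulted only by the public-key path, which this function never touches. SHA-256 is used here only to keep the example short; it is the constant-time comparison, not the choice of hash, that the commit message is about.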
* Fixes Env Vars to pass config to ssh-chat.
The env vars were being parsed and set to the host
before the user was even added to the host and
hence ignored. This change moves the env var parsing
to after initializing the user.
TODO: tests, completeness+reliability
* cleaned up the test
* reduced test flakiness by adding wait instead of being optimistic
Co-authored-by: Akshay <akshay.shekher@gmail.com>
made away toggle status, like IRC
updated /away feature
* added away message
* added broadcast away message as emote
* updated names list to show away users on the same line, with colors
added /away -> back message
Update away time to be time since marked away
reverted changes made for /list