Implement Samsung FridgeOS-themed shell (PLAN.md §3.3) with inventory
management, temperature controls, diagnostics, alerts, and other
appliance commands. Add per-credential shell routing so static
credentials can specify which shell to use via the `shell` config field,
passed through ssh.Permissions.Extensions.

Also extract shared ReadLine helper from bash to the shell package so
both shells can reuse terminal input handling.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

- Use subtle.ConstantTimeCompare for static credential checks to
  prevent timing side-channel attacks
- Cap failCounts (100k) and rememberedCreds (10k) maps with eviction
  to prevent memory exhaustion from botnet-scale scanning
- Sweep expired credentials on each auth attempt
- Add configurable max_connections (default 500) with semaphore to
  limit concurrent connections and prevent goroutine/fd exhaustion

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

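The three hardening measures listed in the commit message above, sketched as an added Go example; this is not the project's code. The names `checkStatic`, `failTracker` and `tryAcquire` are hypothetical, and the SHA-256 pre-hash, the arbitrary-victim eviction policy and the non-blocking semaphore are assumptions, since the message does not say how the project implements them.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"sync"
)

// checkStatic hashes both sides (added choice) so length cannot shortcut the compare; & runs both checks.
func checkStatic(gotUser, gotPass, wantUser, wantPass string) bool {
	gu, wu := sha256.Sum256([]byte(gotUser)), sha256.Sum256([]byte(wantUser))
	gp, wp := sha256.Sum256([]byte(gotPass)), sha256.Sum256([]byte(wantPass))
	return subtle.ConstantTimeCompare(gu[:], wu[:])&subtle.ConstantTimeCompare(gp[:], wp[:]) == 1
}

// failTracker (hypothetical) counts failures per IP, holding at most max keys.
type failTracker struct {
	mu     sync.Mutex
	max    int
	counts map[string]int
}

// record bumps ip's count, evicting one arbitrary entry if a new key would exceed max.
func (f *failTracker) record(ip string) int {
	f.mu.Lock()
	defer f.mu.Unlock()
	if _, seen := f.counts[ip]; !seen && len(f.counts) >= f.max {
		for victim := range f.counts {
			delete(f.counts, victim)
			break
		}
	}
	f.counts[ip]++
	return f.counts[ip]
}

// tryAcquire claims a connection slot without blocking; false means the cap is hit.
func tryAcquire(sem chan struct{}) bool {
	select {
	case sem <- struct{}{}:
		return true
	default:
		return false
	}
}

func main() {
	fmt.Println(checkStatic("root", "admin", "root", "admin"), tryAcquire(make(chan struct{}, 1)))
}
```

A connection handler would release its slot with `<-sem` when it returns, so the channel's capacity is the `max_connections` value.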
Add core SSH server with password authentication, per-IP failure
tracking, credential memory with TTL, and static credential support.
Includes TOML config loading with validation, Ed25519 host key
auto-generation, and a Nix package output.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>