This repository has been archived on 2026-03-09. You can view files and clone it. You cannot open issues or pull requests or push a commit.
oubliette/oubliette.toml.example
Torjus Håkestad a40110f2f5 fix: address high-severity security issues from review
- Use subtle.ConstantTimeCompare for static credential checks to
  prevent timing side-channel attacks
- Cap failCounts (100k) and rememberedCreds (10k) maps with eviction
  to prevent memory exhaustion from botnet-scale scanning
- Sweep expired credentials on each auth attempt
- Add configurable max_connections (default 500) with semaphore to
  limit concurrent connections and prevent goroutine/fd exhaustion

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 16:41:23 +01:00


log_level = "info"

[ssh]
listen_addr = ":2222"
host_key_path = "oubliette_host_key"
# Cap on concurrent connections (default 500)
max_connections = 500

[auth]
accept_after = 10
credential_ttl = "24h"

# Static credentials checked during authentication
[[auth.static_credentials]]
username = "root"
password = "toor"

[[auth.static_credentials]]
username = "admin"
password = "admin"
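
A sketch of two hardening steps the commit message lists, the constant-time static credential check and the `max_connections` semaphore, written as an added Go example and not taken from the repository. The `Credential` type, the function names, the SHA-256 pre-hash and the non-blocking acquire are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Credential mirrors one [[auth.static_credentials]] entry (hypothetical type).
type Credential struct{ Username, Password string }

// matchStatic reports whether user/pass equals any configured credential.
// Inputs are hashed first so ConstantTimeCompare always sees equal-length
// slices (it returns at once on a length mismatch), and every entry is
// checked so timing does not reveal which entry matched.
func matchStatic(creds []Credential, user, pass string) bool {
	u, p := sha256.Sum256([]byte(user)), sha256.Sum256([]byte(pass))
	found := 0
	for _, c := range creds {
		cu, cp := sha256.Sum256([]byte(c.Username)), sha256.Sum256([]byte(c.Password))
		found |= subtle.ConstantTimeCompare(u[:], cu[:]) & subtle.ConstantTimeCompare(p[:], cp[:])
	}
	return found == 1
}

// connLimiter is a counting semaphore sized from ssh.max_connections.
type connLimiter chan struct{}

func newConnLimiter(max int) connLimiter { return make(connLimiter, max) }

// tryAcquire takes a slot without blocking (an assumption of this sketch);
// false means the cap is reached and the caller should close the connection.
func (l connLimiter) tryAcquire() bool {
	select {
	case l <- struct{}{}:
		return true
	default:
		return false
	}
}

// release frees a slot when a connection ends.
func (l connLimiter) release() { <-l }

func main() {
	creds := []Credential{{"root", "toor"}, {"admin", "admin"}} // values from the example config
	fmt.Println(matchStatic(creds, "root", "toor"), matchStatic(creds, "root", "admin"))
	lim := newConnLimiter(2) // small cap for the demo; the example config uses 500
	fmt.Println(lim.tryAcquire(), lim.tryAcquire(), lim.tryAcquire())
}
```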