* Add configuration option to restrict connections to specified subnets
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
* Remove accidentally included message
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
* Move to cidr-matcher
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
* feat: Add configuration option to restrict connections to specified subnets
If config.json is present and user.privatekey has an ssh-rsa private key defined as well as a user.name, the SSH server will staticlly authenticate to whatever host is specified on the URL with those credentials.
The ssh-rsa private key must have is line returns replaced with the litaral \n
Example: "-----BEGIN RSA PRIVATE KEY-----\nblahblahblah\n"
* Accept default username/password overrides from config. Clarified supplying custom config. (#146)
* feat(auth): username and password may now be sourced from config.json fixes#104
* style:remove test changelog
* build:remove uglify from build process and reaplce with terser
* style:format changelog
* Accept default username/password overrides from config. Clarified supplying custom config. (#146)
* feat(auth): username and password may now be sourced from config.json fixes#104
- Missing require('fs') in `server/app.js` See issue [#135](../../issues/135)
- Patched read-config to mitigate vulnerability in js-yaml
- issue not exploitable on webssh2 implementation
- patched anyway
- sending my patch upstream to read-config, webssh2 package.json points to patched version in my repository https://github.com/billchurch/nodejs-read-config
- See https://github.com/nodeca/js-yaml/issues/475 for more detail
