LoginGraceTime or equivalent?
Closed this issue · 3 comments
Is there any way in 'sshpiperd' to specify something like 'LoginGraceTime' (or other timeouts) as in 'sshd'?
We often encounter dos-like attacks when users from eastern IPs just having fun e.g. by 'telnet our.sshpiper.server 22'.
In such cases 'sshpiperd' does never timeout or drop the connection. So after a short time our ssh proxy is out of free slots.
Are there any plans to support something like 'LoginGraceTime'?
Thanks this is very important
359fa09
added option
--login-grace-time=
Piper disconnects after this time if the pipe has not successfully established (default: 30s) [$SSHPIPERD_LOGIN_GRACETIME]
please test if you have time
Thanks for such a fast fix!
A quick test by my own says that it is working. Let me see over the weekend what the bad internet is saying to this change...
BTW: A totally fresh installation by 'go get -u github.com/tg123/sshpiper/sshpiperd' says:
# github.com/tg123/sshpiper/sshpiperd/challenger
go/src/github.com/tg123/sshpiper/sshpiperd/challenger/provider.go:12:84: undefined: ssh.AdditionalChallengeContext
# github.com/tg123/sshpiper/sshpiperd/upstream
go/src/github.com/tg123/sshpiper/sshpiperd/upstream/provider.go:17:59: undefined: ssh.AdditionalChallengeContext
go/src/github.com/tg123/sshpiper/sshpiperd/upstream/provider.go:17:103: undefined: ssh.AuthPipe
Please use Go1.12+