typescript-virtual-container 1.2.0 → 1.2.1

package/dist/VirtualShell/index.js

@@ -1,6 +1,7 @@
 import { randomBytes } from "node:crypto";
 import { EventEmitter } from "node:events";
 import { createCustomCommand, registerCommand, runCommand } from "../commands";
+import { createPerfLogger } from "../utils/perfLogger";
 import VirtualFileSystem from "../VirtualFileSystem";
 import { VirtualUserManager } from "../VirtualUserManager";
 import { startShell } from "./shell";
@@ -9,12 +10,19 @@ const defaultShellProperties = {
     os: "Fortune GNU/Linux x64",
     arch: "x86_64",
 };
+const perf = createPerfLogger("VirtualShell");
+let cachedRootPassword = null;
 function resolveRootPassword() {
+    if (cachedRootPassword) {
+        return cachedRootPassword;
+    }
     const configured = process.env.SSH_MIMIC_ROOT_PASSWORD;
     if (configured && configured.trim().length > 0) {
-        return configured;
+        cachedRootPassword = configured.trim();
+        return cachedRootPassword;
     }
     const generated = randomBytes(18).toString("base64url");
+    cachedRootPassword = generated;
     console.warn(`[ssh-mimic] SSH_MIMIC_ROOT_PASSWORD missing; generated ephemeral root password: ${generated}`);
     return generated;
 }
@@ -47,6 +55,7 @@ class VirtualShell extends EventEmitter {
      */
     constructor(hostname, properties, basePath) {
         super();
+        perf.mark("constructor");
         this.hostname = hostname;
         this.properties = properties || defaultShellProperties;
         this.basePath = basePath || ".";
@@ -67,6 +76,7 @@ class VirtualShell extends EventEmitter {
      * Call this before any authentication or command execution.
      */
     async ensureInitialized() {
+        perf.mark("ensureInitialized");
         await this.initialized;
     }
     /**
@@ -91,6 +101,7 @@ class VirtualShell extends EventEmitter {
      * @param cwd
      */
     executeCommand(rawInput, authUser, cwd) {
+        perf.mark("executeCommand");
         runCommand(rawInput, authUser, this.hostname, "shell", cwd, this);
         this.emit("command", { command: rawInput, user: authUser, cwd });
     }
@@ -103,6 +114,7 @@ class VirtualShell extends EventEmitter {
      * @param remoteAddress The address of the remote client.
      */
     startInteractiveSession(stream, authUser, sessionId, remoteAddress, terminalSize) {
+        perf.mark("startInteractiveSession");
         // Interactive shell logic
         this.emit("session:start", { user: authUser, sessionId, remoteAddress });
         startShell(this.properties, stream, authUser, this.hostname, sessionId, remoteAddress, terminalSize, this);
@@ -139,6 +151,7 @@ class VirtualShell extends EventEmitter {
      * @param content File content.
      */
     writeFileAsUser(authUser, targetPath, content) {
+        perf.mark("writeFileAsUser");
         this.users.assertWriteWithinQuota(authUser, targetPath, content);
         this.vfs.writeFile(targetPath, content);
     }

package/dist/VirtualUserManager/index.d.ts

@@ -25,12 +25,14 @@ export interface VirtualActiveSession {
 /**
  * Persistent user, sudoers, and active-session manager for the shell runtime.
  *
- * Passwords are hashed with scrypt and stored in the backing virtual filesystem.
+ * Passwords are hashed with scrypt by default and stored in the backing virtual filesystem.
  */
 export declare class VirtualUserManager extends EventEmitter {
     private readonly vfs;
     private readonly defaultRootPassword;
     private readonly autoSudoForNewUsers;
+    private static readonly recordCache;
+    private static readonly fastPasswordHash;
     private readonly usersPath;
     private readonly sudoersPath;
     private readonly quotasPath;
@@ -169,6 +171,7 @@ export declare class VirtualUserManager extends EventEmitter {
     private loadSudoersFromVfs;
     private loadQuotasFromVfs;
     private persist;
+    private writeIfChanged;
     private createRecord;
     private hashPassword;
     private validateUsername;

package/dist/VirtualUserManager/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AAE1D,gDAAgD;AAChD,MAAM,WAAW,iBAAiB;IACjC,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;CACrB;AAED,2DAA2D;AAC3D,MAAM,WAAW,oBAAoB;IACpC,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,GAAG,EAAE,MAAM,CAAC;IACZ,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;CAClB;AAED;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,YAAY;IAmBlD,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IApBrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAoC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAmC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2B;IACvD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAwC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA2C;IAC1E,OAAO,CAAC,OAAO,CAAK;IAEpB;;;;;;OAMG;gBAEe,GAAG,EAAE,iBAAiB,EACtB,mBAAmB,GAAE,MAAe,EACpC,mBAAmB,GAAE,OAAc;IAKrD;;;OAGG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAgCxC;;;;;OAKG;IACU,aAAa,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAchB;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMxD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAIrD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAS9C;;;;;;;;OAQG;IACI,sBAAsB,CAC5B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAAG,MAAM,GAC1B,IAAI;IAmCP;;;;;;OAMG;IACI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IASlE;;;;;OAKG;IACU,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBvE;;;;;OAKG;IACU,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY3E;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBxD;;;;;OAKG;IACI,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAI1C;;;;OAIG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvD;;;;OAIG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU1D;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,oBAAoB;IAiBvB;;;;OAIG;IACI,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAgBpE;;;;;;OAMG;IACI,aAAa,CACnB,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,IAAI;IAiBP;;;;OAIG;IACI,kBAAkB,IAAI,oBAAoB,EAAE;IAMnD,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,iBAAiB;YAwBX,OAAO;IAmCrB,OAAO,CAAC,YAAY;IASpB,OAAO,CAAC,YAAY;IAIpB,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,gBAAgB;CAKxB"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AAE1D,gDAAgD;AAChD,MAAM,WAAW,iBAAiB;IACjC,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;CACrB;AAED,2DAA2D;AAC3D,MAAM,WAAW,oBAAoB;IACpC,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,GAAG,EAAE,MAAM,CAAC;IACZ,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;CAClB;AAYD;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,YAAY;IAqBlD,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IAtBrC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAwC;IAC3E,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;IACrE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAoC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAmC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2B;IACvD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAwC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA2C;IAC1E,OAAO,CAAC,OAAO,CAAK;IAEpB;;;;;;OAMG;gBAEe,GAAG,EAAE,iBAAiB,EACtB,mBAAmB,GAAE,MAAe,EACpC,mBAAmB,GAAE,OAAc;IAMrD;;;OAGG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAyCxC;;;;;OAKG;IACU,aAAa,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAehB;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAKrD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAU9C;;;;;;;;OAQG;IACI,sBAAsB,CAC5B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAAG,MAAM,GAC1B,IAAI;IAoCP;;;;;;OAMG;IACI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAUlE;;;;;OAKG;IACU,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA0BvE;;;;;OAKG;IACU,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa3E;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBxD;;;;;OAKG;IACI,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAK1C;;;;OAIG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWvD;;;;OAIG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAW1D;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,oBAAoB;IAkBvB;;;;OAIG;IACI,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAiBpE;;;;;;OAMG;IACI,aAAa,CACnB,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,IAAI;IAkBP;;;;OAIG;IACI,kBAAkB,IAAI,oBAAoB,EAAE;IAOnD,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,iBAAiB;YAwBX,OAAO;IA0CrB,OAAO,CAAC,cAAc;IAiBtB,OAAO,CAAC,YAAY;IAkBpB,OAAO,CAAC,YAAY;IAQpB,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,gBAAgB;CAKxB"}

package/dist/VirtualUserManager/index.js

@@ -1,15 +1,24 @@
-import { randomBytes, randomUUID, scryptSync } from "node:crypto";
+import { createHash, randomBytes, randomUUID, scryptSync } from "node:crypto";
 import { EventEmitter } from "node:events";
 import * as path from "node:path";
+import { createPerfLogger } from "../utils/perfLogger";
+function resolveFastPasswordHash() {
+    const configured = process.env.SSH_MIMIC_FAST_PASSWORD_HASH;
+    return (!!configured &&
+        !["0", "false", "no", "off"].includes(configured.toLowerCase()));
+}
+const perf = createPerfLogger("VirtualUserManager");
 /**
  * Persistent user, sudoers, and active-session manager for the shell runtime.
  *
- * Passwords are hashed with scrypt and stored in the backing virtual filesystem.
+ * Passwords are hashed with scrypt by default and stored in the backing virtual filesystem.
  */
 export class VirtualUserManager extends EventEmitter {
     vfs;
     defaultRootPassword;
     autoSudoForNewUsers;
+    static recordCache = new Map();
+    static fastPasswordHash = resolveFastPasswordHash();
     usersPath = "/virtual-env-js/.auth/htpasswd";
     sudoersPath = "/virtual-env-js/.auth/sudoers";
     quotasPath = "/virtual-env-js/.auth/quotas";
@@ -31,32 +40,39 @@ export class VirtualUserManager extends EventEmitter {
         this.vfs = vfs;
         this.defaultRootPassword = defaultRootPassword;
         this.autoSudoForNewUsers = autoSudoForNewUsers;
+        perf.mark("constructor");
     }
     /**
      * Loads users/sudoers from disk and ensures root account exists.
      * Also creates the current system user if not already present.
      */
     async initialize() {
+        perf.mark("initialize");
         this.loadFromVfs();
         this.loadSudoersFromVfs();
         this.loadQuotasFromVfs();
-        this.users.set("root", this.createRecord("root", this.defaultRootPassword));
+        let changed = false;
+        if (!this.users.has("root")) {
+            this.users.set("root", this.createRecord("root", this.defaultRootPassword));
+            changed = true;
+        }
         this.sudoers.add("root");
         // Auto-create current system user for easier authentication
         const currentUser = process.env.USER || process.env.USERNAME;
         if (currentUser && currentUser !== "root" && !this.users.has(currentUser)) {
-            // Use same password as root for convenience, or a generic default
             const userPassword = this.defaultRootPassword;
             this.users.set(currentUser, this.createRecord(currentUser, userPassword));
             this.sudoers.add(currentUser);
-            // Create home directory for the system user
+            changed = true;
             const homePath = `/home/${currentUser}`;
             if (!this.vfs.exists(homePath)) {
                 this.vfs.mkdir(homePath, 0o755);
                 this.vfs.writeFile(`${homePath}/README.txt`, `Welcome to the virtual environment, ${currentUser}`);
             }
         }
-        await this.persist();
+        if (changed) {
+            await this.persist();
+        }
         this.emit("initialized");
     }
     /**
@@ -66,6 +82,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param maxBytes Quota ceiling in bytes.
      */
     async setQuotaBytes(username, maxBytes) {
+        perf.mark("setQuotaBytes");
         this.validateUsername(username);
         if (!this.users.has(username)) {
             throw new Error(`quota: user '${username}' does not exist`);
@@ -82,6 +99,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Target username.
      */
     async clearQuota(username) {
+        perf.mark("clearQuota");
         this.validateUsername(username);
         this.quotas.delete(username);
         await this.persist();
@@ -93,6 +111,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Quota in bytes, or null when unlimited.
      */
     getQuotaBytes(username) {
+        perf.mark("getQuotaBytes");
         return this.quotas.get(username) ?? null;
     }
     /**
@@ -102,6 +121,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Current usage in bytes.
      */
     getUsageBytes(username) {
+        perf.mark("getUsageBytes");
         const homePath = `/home/${username}`;
         if (!this.vfs.exists(homePath)) {
             return 0;
@@ -118,6 +138,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param nextContent New file content.
      */
     assertWriteWithinQuota(username, targetPath, nextContent) {
+        perf.mark("assertWriteWithinQuota");
         const quota = this.quotas.get(username);
         if (quota === undefined) {
             return;
@@ -152,6 +173,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns True when credentials are valid.
      */
     verifyPassword(username, password) {
+        perf.mark("verifyPassword");
         const record = this.users.get(username);
         if (!record) {
             return false;
@@ -165,6 +187,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param password Initial plaintext password.
      */
     async addUser(username, password) {
+        perf.mark("addUser");
         this.validateUsername(username);
         this.validatePassword(password);
         if (this.users.has(username)) {
@@ -190,6 +213,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param password New plaintext password.
      */
     async setPassword(username, password) {
+        perf.mark("setPassword");
         this.validateUsername(username);
         this.validatePassword(password);
         if (!this.users.has(username)) {
@@ -204,6 +228,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Username to remove.
      */
     async deleteUser(username) {
+        perf.mark("deleteUser");
         this.validateUsername(username);
         if (username === "root") {
             throw new Error("deluser: cannot delete root");
@@ -222,6 +247,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns True when user can run sudo.
      */
     isSudoer(username) {
+        perf.mark("isSudoer");
         return this.sudoers.has(username);
     }
     /**
@@ -230,6 +256,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Username to promote.
      */
     async addSudoer(username) {
+        perf.mark("addSudoer");
         this.validateUsername(username);
         if (!this.users.has(username)) {
             throw new Error(`sudoers: user '${username}' does not exist`);
@@ -243,6 +270,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Username to demote.
      */
     async removeSudoer(username) {
+        perf.mark("removeSudoer");
         this.validateUsername(username);
         if (username === "root") {
             throw new Error("sudoers: cannot remove root");
@@ -258,6 +286,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Registered session descriptor.
      */
     registerSession(username, remoteAddress) {
+        perf.mark("registerSession");
         const session = {
             id: randomUUID(),
             username,
@@ -279,6 +308,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param sessionId Session identifier; ignored when nullish.
      */
     unregisterSession(sessionId) {
+        perf.mark("unregisterSession");
         if (!sessionId) {
             return;
         }
@@ -300,6 +330,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param remoteAddress New remote address value.
      */
     updateSession(sessionId, username, remoteAddress) {
+        perf.mark("updateSession");
         if (!sessionId) {
             return;
         }
@@ -319,6 +350,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Snapshot of active session descriptors.
      */
     listActiveSessions() {
+        perf.mark("listActiveSessions");
         return Array.from(this.activeSessions.values()).sort((left, right) => left.startedAt.localeCompare(right.startedAt));
     }
     loadFromVfs() {
@@ -379,30 +411,57 @@ export class VirtualUserManager extends EventEmitter {
         if (!this.vfs.exists(this.authDirPath)) {
             this.vfs.mkdir(this.authDirPath, 0o700);
         }
-        const content = Array.from(this.users.values())
+        const authContent = Array.from(this.users.values())
             .sort((left, right) => left.username.localeCompare(right.username))
             .map((record) => [record.username, record.salt, record.passwordHash].join(":"))
             .join("\n");
-        this.vfs.writeFile(this.usersPath, content.length > 0 ? `${content}\n` : "", { mode: 0o600 });
         const sudoersContent = Array.from(this.sudoers.values()).sort().join("\n");
-        this.vfs.writeFile(this.sudoersPath, sudoersContent.length > 0 ? `${sudoersContent}\n` : "", { mode: 0o600 });
         const quotasContent = Array.from(this.quotas.entries())
             .sort(([left], [right]) => left.localeCompare(right))
             .map(([username, maxBytes]) => `${username}:${maxBytes}`)
             .join("\n");
-        this.vfs.writeFile(this.quotasPath, quotasContent.length > 0 ? `${quotasContent}\n` : "", { mode: 0o600 });
-        await this.vfs.flushMirror();
+        let changed = false;
+        changed =
+            this.writeIfChanged(this.usersPath, authContent.length > 0 ? `${authContent}\n` : "", 0o600) || changed;
+        changed =
+            this.writeIfChanged(this.sudoersPath, sudoersContent.length > 0 ? `${sudoersContent}\n` : "", 0o600) || changed;
+        changed =
+            this.writeIfChanged(this.quotasPath, quotasContent.length > 0 ? `${quotasContent}\n` : "", 0o600) || changed;
+        if (changed) {
+            await this.vfs.flushMirror();
+        }
+    }
+    writeIfChanged(targetPath, content, mode) {
+        if (this.vfs.exists(targetPath)) {
+            const existing = this.vfs.readFile(targetPath);
+            if (existing === content) {
+                this.vfs.chmod(targetPath, mode);
+                return false;
+            }
+        }
+        this.vfs.writeFile(targetPath, content, { mode });
+        return true;
     }
     createRecord(username, password) {
+        const cacheKey = `${username}:${password}`;
+        const cached = VirtualUserManager.recordCache.get(cacheKey);
+        if (cached) {
+            return cached;
+        }
         const salt = randomBytes(16).toString("hex");
-        return {
+        const record = {
             username,
             salt,
             passwordHash: this.hashPassword(password, salt),
         };
+        VirtualUserManager.recordCache.set(cacheKey, record);
+        return record;
     }
     hashPassword(password, salt) {
-        return scryptSync(password, salt, 64).toString("hex");
+        if (VirtualUserManager.fastPasswordHash) {
+            return createHash("sha256").update(`${salt}:${password}`).digest("hex");
+        }
+        return scryptSync(password, salt, 32).toString("hex");
     }
     validateUsername(username) {
         if (!username || username.trim() === "") {

package/dist/utils/perfLogger.d.ts

@@ -0,0 +1,9 @@
+export type PerfLogger = {
+    enabled: boolean;
+    mark: (label: string) => void;
+    done: (label?: string) => void;
+};
+export declare function isPerfLoggingEnabled(): boolean;
+export declare function createPerfLogger(scope: string): PerfLogger;
+export declare function withPerf<T>(scope: string, label: string, work: () => Promise<T>): Promise<T>;
+//# sourceMappingURL=perfLogger.d.ts.map

package/dist/utils/perfLogger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"perfLogger.d.ts","sourceRoot":"","sources":["../../src/utils/perfLogger.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG;IACxB,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IAC9B,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAiBF,wBAAgB,oBAAoB,IAAI,OAAO,CAI9C;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,CA0B1D;AAED,wBAAsB,QAAQ,CAAC,CAAC,EAC/B,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GACpB,OAAO,CAAC,CAAC,CAAC,CAYZ"}

package/dist/utils/perfLogger.js

@@ -0,0 +1,49 @@
+function isTruthyEnv(value) {
+    return value === "1" || value === "true";
+}
+function nowMs() {
+    if (typeof performance !== "undefined" &&
+        typeof performance.now === "function") {
+        return performance.now();
+    }
+    return Date.now();
+}
+export function isPerfLoggingEnabled() {
+    return (isTruthyEnv(process.env.DEV_MODE) || isTruthyEnv(process.env.RENDER_PERF));
+}
+export function createPerfLogger(scope) {
+    const enabled = isPerfLoggingEnabled();
+    if (!enabled) {
+        return {
+            enabled,
+            mark: () => undefined,
+            done: () => undefined,
+        };
+    }
+    const startedAt = nowMs();
+    const mark = (label) => {
+        const elapsedMs = nowMs() - startedAt;
+        console.log(`[perf][${scope}] ${label}: ${elapsedMs.toFixed(1)}ms`);
+    };
+    const done = (label = "done") => {
+        mark(label);
+    };
+    return {
+        enabled,
+        mark,
+        done,
+    };
+}
+export async function withPerf(scope, label, work) {
+    const perf = createPerfLogger(scope);
+    if (!perf.enabled) {
+        return work();
+    }
+    perf.mark(`${label}:start`);
+    try {
+        return await work();
+    }
+    finally {
+        perf.done(`${label}:done`);
+    }
+}

package/package.json

@@ -4,7 +4,7 @@
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "type": "module",
-  "version": "1.2.0",
+  "version": "1.2.1",
   "license": "MIT",
   "keywords": [
     "ssh",

package/src/Honeypot/index.ts

@@ -11,6 +11,8 @@
 import type { EventEmitter } from "node:events";
 import type { SshMimic } from "../SSHMimic";
 import type { SftpMimic } from "../SSHMimic/sftp";
+import type { PerfLogger } from "../utils/perfLogger";
+import { createPerfLogger } from "../utils/perfLogger";
 import type VirtualFileSystem from "../VirtualFileSystem";
 import type { VirtualShell } from "../VirtualShell";
 import type { VirtualUserManager } from "../VirtualUserManager";
@@ -43,6 +45,8 @@ export interface HoneyPotStats {
 	clientDisconnects: number;
 }
 
+const perf: PerfLogger = createPerfLogger("HoneyPot");
+
 /**
  * HoneyPot audit and event tracking utility.
  *
@@ -74,6 +78,7 @@ export class HoneyPot {
 	 * @param maxLogSize Maximum audit log entries to retain (default: 10000).
 	 */
 	constructor(maxLogSize: number = 10000) {
+		perf.mark("constructor");
 		this.maxLogSize = maxLogSize;
 	}
 
@@ -93,6 +98,7 @@ export class HoneyPot {
 		ssh?: SshMimic,
 		sftp?: SftpMimic,
 	): void {
+		perf.mark("attach");
 		this.attachVirtualShell(shell);
 		this.attachVirtualFileSystem(vfs);
 		this.attachVirtualUserManager(users);
@@ -312,6 +318,7 @@ export class HoneyPot {
 	 * @returns Filtered audit log entries.
 	 */
 	public getAuditLog(type?: string, source?: string): AuditLogEntry[] {
+		perf.mark("getAuditLog");
 		return this.auditLog.filter(
 			(entry) =>
 				(!type || entry.type === type) && (!source || entry.source === source),
@@ -324,6 +331,7 @@ export class HoneyPot {
 	 * @returns Snapshot of honeypot stats.
 	 */
 	public getStats(): Readonly<HoneyPotStats> {
+		perf.mark("getStats");
 		return Object.freeze({ ...this.stats });
 	}
 
@@ -331,6 +339,7 @@ export class HoneyPot {
 	 * Clears audit log and resets statistics.
 	 */
 	public reset(): void {
+		perf.mark("reset");
 		this.auditLog = [];
 		this.stats = {
 			authAttempts: 0,
@@ -355,6 +364,7 @@ export class HoneyPot {
 	 * @returns Recent audit log entries.
 	 */
 	public getRecent(limit: number = 100): AuditLogEntry[] {
+		perf.mark("getRecent");
 		return this.auditLog.slice(Math.max(0, this.auditLog.length - limit));
 	}
 
@@ -368,6 +378,7 @@ export class HoneyPot {
 		severity: "low" | "medium" | "high";
 		message: string;
 	}> {
+		perf.mark("detectAnomalies");
 		const anomalies: Array<{
 			type: string;
 			severity: "low" | "medium" | "high";

package/src/SSHClient/index.ts

@@ -1,5 +1,7 @@
 import { runCommand } from "../commands";
 import type { CommandResult } from "../types/commands";
+import type { PerfLogger } from "../utils/perfLogger";
+import { createPerfLogger } from "../utils/perfLogger";
 import type { VirtualShell } from "../VirtualShell";
 
 /**
@@ -16,6 +18,8 @@ import type { VirtualShell } from "../VirtualShell";
  * const list = await client.ls();
  * ```
  */
+const perf: PerfLogger = createPerfLogger("SshClient");
+
 export class SshClient {
 	private currentCwd = "/";
 
@@ -28,7 +32,9 @@ export class SshClient {
 	constructor(
 		private shell: VirtualShell,
 		private username: string,
-	) {}
+	) {
+		perf.mark("constructor");
+	}
 
 	/**
 	 * Executes raw shell command.
@@ -37,6 +43,7 @@ export class SshClient {
 	 * @returns Command result with stdout/stderr/exitCode.
 	 */
 	async exec(command: string): Promise<CommandResult> {
+		perf.mark("exec");
 		const vfs = this.shell.getVfs();
 		const users = this.shell.getUsers();
 		const hostname = this.shell.getHostname();
@@ -69,6 +76,7 @@ export class SshClient {
 	 * @returns Result with directory listing in stdout.
 	 */
 	async ls(path?: string): Promise<CommandResult> {
+		perf.mark("ls");
 		const target = path ?? ".";
 		return this.exec(`ls ${target}`);
 	}
@@ -79,6 +87,7 @@ export class SshClient {
 	 * @returns Result with cwd path in stdout.
 	 */
 	async pwd(): Promise<CommandResult> {
+		perf.mark("pwd");
 		return this.exec("pwd");
 	}
 
@@ -89,6 +98,7 @@ export class SshClient {
 	 * @returns Result; updates internal cwd on success.
 	 */
 	async cd(path: string): Promise<CommandResult> {
+		perf.mark("cd");
 		const result = await this.exec(`cd ${path}`);
 		if (result.nextCwd && result.exitCode !== 1) {
 			this.currentCwd = result.nextCwd;
@@ -103,6 +113,7 @@ export class SshClient {
 	 * @returns Result with file content in stdout.
 	 */
 	async cat(path: string): Promise<CommandResult> {
+		perf.mark("cat");
 		return this.exec(`cat ${path}`);
 	}
 
@@ -114,6 +125,7 @@ export class SshClient {
 	 * @returns Result from mkdir command.
 	 */
 	async mkdir(path: string, recursive = false): Promise<CommandResult> {
+		perf.mark("mkdir");
 		const flag = recursive ? "-p " : "";
 		return this.exec(`mkdir ${flag}${path}`);
 	}
@@ -125,6 +137,7 @@ export class SshClient {
 	 * @returns Result from touch command.
 	 */
 	async touch(path: string): Promise<CommandResult> {
+		perf.mark("touch");
 		return this.exec(`touch ${path}`);
 	}
 
@@ -136,6 +149,7 @@ export class SshClient {
 	 * @returns Result from rm command.
 	 */
 	async rm(path: string, recursive = false): Promise<CommandResult> {
+		perf.mark("rm");
 		const flag = recursive ? "-r " : "";
 		return this.exec(`rm ${flag}${path}`);
 	}
@@ -148,6 +162,7 @@ export class SshClient {
 	 * @returns Result from touch/write simulation.
 	 */
 	async writeFile(path: string, content: string): Promise<CommandResult> {
+		perf.mark("writeFile");
 		const vfs = this.shell.getVfs();
 		if (!vfs) {
 			throw new Error("SSH client not started");
@@ -171,6 +186,7 @@ export class SshClient {
 	 * @returns File content as string or error in result.
 	 */
 	async readFile(path: string): Promise<CommandResult> {
+		perf.mark("readFile");
 		const vfs = this.shell.getVfs();
 		if (!vfs) {
 			throw new Error("SSH client not started");
@@ -193,6 +209,7 @@ export class SshClient {
 	 * @returns Normalized cwd path.
 	 */
 	getCwd(): string {
+		perf.mark("getCwd");
 		return this.currentCwd;
 	}
 
@@ -202,6 +219,7 @@ export class SshClient {
 	 * @returns Associated username.
 	 */
 	getUsername(): string {
+		perf.mark("getUsername");
 		return this.username;
 	}
 
@@ -212,6 +230,7 @@ export class SshClient {
 	 * @returns Result with ASCII tree in stdout.
 	 */
 	async tree(path?: string): Promise<CommandResult> {
+		perf.mark("tree");
 		const target = path ?? ".";
 		return this.exec(`tree ${target}`);
 	}
@@ -222,6 +241,7 @@ export class SshClient {
 	 * @returns Result from whoami command.
 	 */
 	async whoami(): Promise<CommandResult> {
+		perf.mark("whoami");
 		return this.exec("whoami");
 	}
 
@@ -231,6 +251,7 @@ export class SshClient {
 	 * @returns Result from hostname command.
 	 */
 	async hostname(): Promise<CommandResult> {
+		perf.mark("hostname");
 		return this.exec("hostname");
 	}
 
@@ -240,6 +261,7 @@ export class SshClient {
 	 * @returns Result from who command.
 	 */
 	async who(): Promise<CommandResult> {
+		perf.mark("who");
 		return this.exec("who");
 	}
 }