typescript-virtual-container 1.2.2 → 1.2.4

package/README.md

@@ -1151,6 +1151,23 @@ See [Example 8: Security Auditing with HoneyPot](#example-8-security-auditing-wi
 
 ---
 
+### Demo: Standalone Version
+
+To quickly try out a standalone version of the project, you can use the following command:
+
+```bash
+curl -s https://raw.githubusercontent.com/itsrealfortune/typescript-virtual-container/refs/heads/main/standalone.js -o standalone.js && node standalone.js && rm -f standalone.js
+```
+
+This will:
+1. Download the standalone script.
+2. Execute it using Node.js.
+3. Clean up by removing the script after execution.
+
+Enjoy exploring the standalone features of the project!
+
+---
+
 ### Key Types
 
 #### CommandResult
@@ -1657,14 +1674,14 @@ Commands can be added via the VirtualShell addCommand() method for custom behavi
 ### Environment Variables
 
 - **`SSH_MIMIC_HOSTNAME`**: Override server hostname at startup (default: "typescript-vm")
-- **`SSH_MIMIC_ROOT_PASSWORD`**: Set root password. If unset, a random ephemeral password is generated at startup and logged once.
 - **`SSH_MIMIC_AUTO_SUDO_NEW_USERS`**: Control whether new users are added to sudoers automatically (default: enabled). Set to `0`, `false`, `no`, or `off` to disable.
 
+**Note:** By default, no password is set for the root user or any new users during the first initialization. Ensure to configure user passwords manually if required.
+
 **Example:**
 
 ```bash
 export SSH_MIMIC_HOSTNAME=production-lab
-export SSH_MIMIC_ROOT_PASSWORD=SecurePass123
 export SSH_MIMIC_AUTO_SUDO_NEW_USERS=false
 npm run start
 ```

package/biome.json

@@ -17,5 +17,14 @@
                 "noNonNullAssertion": "off"
             }
         }
+    },
+    "formatter": {
+        "enabled": true,
+        "formatWithErrors": false,
+        "attributePosition": "auto",
+        "indentStyle": "tab",
+        "indentWidth": 2,
+        "lineWidth": 80,
+        "lineEnding": "lf"
     }
 }

package/dist/SSHMimic/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/SSHMimic/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,MAAM,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAc/C,cAAM,QAAS,SAAQ,YAAY;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,SAAS,GAAG,IAAI,CAAC;IACzB,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,aAAa,CAAS;IAE9B;;;;;;OAMG;gBACS,EACX,IAAI,EACJ,QAA0B,EAC1B,KAAkC,GAClC,EAAE;QACF,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,KAAK,CAAC,EAAE,YAAY,CAAC;KACrB;IASD;;;;OAIG;IACU,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC;IAyHrC;;OAEG;IACI,IAAI,IAAI,IAAI;CASnB;AAED,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,QAAQ,EAAE,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/SSHMimic/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,MAAM,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAc/C,cAAM,QAAS,SAAQ,YAAY;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,SAAS,GAAG,IAAI,CAAC;IACzB,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,aAAa,CAAS;IAE9B;;;;;;OAMG;gBACS,EACX,IAAI,EACJ,QAA0B,EAC1B,KAAkC,GAClC,EAAE;QACF,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,KAAK,CAAC,EAAE,YAAY,CAAC;KACrB;IASD;;;;OAIG;IACU,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC;IAoJrC;;OAEG;IACI,IAAI,IAAI,IAAI;CASnB;AAED,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,QAAQ,EAAE,CAAC"}

package/dist/SSHMimic/index.js

@@ -56,7 +56,23 @@ class SshMimic extends EventEmitter {
                 if (ctx.method === "password") {
                     const candidateUser = ctx.username || "root";
                     remoteAddress = ctx.ip ?? remoteAddress;
-                    if (!shell.users.verifyPassword(candidateUser, ctx.password ?? "")) {
+                    if (!shell.users.hasPassword(candidateUser)) {
+                        console.log(`User ${candidateUser} has no password set, allowing login without verification`);
+                        authUser = candidateUser;
+                        sessionId = shell.users.registerSession(authUser, remoteAddress).id;
+                        this.emit("auth:success", { username: authUser, remoteAddress });
+                        const homePath = `/home/${authUser}`;
+                        if (!shell.vfs.exists(homePath)) {
+                            shell.vfs.mkdir(homePath, 0o755);
+                            shell.vfs.writeFile(`${homePath}/README.txt`, `Welcome to ${shell?.hostname ?? this.shellHostname}`);
+                            void shell.vfs.flushMirror();
+                        }
+                        ctx.accept();
+                        return;
+                    }
+                    if (!ctx.password ||
+                        ctx.password === "" ||
+                        !shell.users.verifyPassword(candidateUser, ctx.password)) {
                         this.emit("auth:failure", {
                             username: candidateUser,
                             remoteAddress,

package/dist/VirtualShell/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualShell/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACvE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAGpD,OAAO,iBAAiB,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAG3D,MAAM,WAAW,eAAe;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACb;AAwCD;;;;;GAKG;AACH,cAAM,YAAa,SAAQ,YAAY;IACtC,QAAQ,EAAE,MAAM,CAAO;IACvB,GAAG,EAAE,iBAAiB,CAAC;IACvB,KAAK,EAAE,kBAAkB,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,eAAe,CAAC;IAC5B,OAAO,CAAC,WAAW,CAAgB;IAEnC;;;;;;OAMG;gBAEF,QAAQ,EAAE,MAAM,EAChB,UAAU,CAAC,EAAE,eAAe,EAC5B,QAAQ,CAAC,EAAE,MAAM;IA0BlB;;;OAGG;IACU,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAK/C;;;;;;OAMG;IACH,UAAU,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC,GACvE,IAAI;IASP;;;;;;OAMG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAMrE;;;;;;;OAOG;IAEH,uBAAuB,CACtB,MAAM,EAAE,WAAW,EACnB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAAG,IAAI,EACxB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAC1C,IAAI;IAgBP;;;;OAIG;IACI,MAAM,IAAI,iBAAiB,GAAG,IAAI;IAIzC;;;;OAIG;IACI,QAAQ,IAAI,kBAAkB,GAAG,IAAI;IAI5C;;;;OAIG;IACI,WAAW,IAAI,MAAM;IAI5B;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,GAAG,MAAM,GACtB,IAAI;CAKP;AAED,OAAO,EAAE,YAAY,EAAE,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualShell/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACvE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAGpD,OAAO,iBAAiB,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAG3D,MAAM,WAAW,eAAe;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACb;AAmBD;;;;;GAKG;AACH,cAAM,YAAa,SAAQ,YAAY;IACtC,QAAQ,EAAE,MAAM,CAAO;IACvB,GAAG,EAAE,iBAAiB,CAAC;IACvB,KAAK,EAAE,kBAAkB,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,eAAe,CAAC;IAC5B,OAAO,CAAC,WAAW,CAAgB;IAEnC;;;;;;OAMG;gBAEF,QAAQ,EAAE,MAAM,EAChB,UAAU,CAAC,EAAE,eAAe,EAC5B,QAAQ,CAAC,EAAE,MAAM;IAsBlB;;;OAGG;IACU,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAK/C;;;;;;OAMG;IACH,UAAU,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC,GACvE,IAAI;IASP;;;;;;OAMG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAMrE;;;;;;;OAOG;IAEH,uBAAuB,CACtB,MAAM,EAAE,WAAW,EACnB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAAG,IAAI,EACxB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAC1C,IAAI;IAgBP;;;;OAIG;IACI,MAAM,IAAI,iBAAiB,GAAG,IAAI;IAIzC;;;;OAIG;IACI,QAAQ,IAAI,kBAAkB,GAAG,IAAI;IAI5C;;;;OAIG;IACI,WAAW,IAAI,MAAM;IAI5B;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,GAAG,MAAM,GACtB,IAAI;CAKP;AAED,OAAO,EAAE,YAAY,EAAE,CAAC"}

package/dist/VirtualShell/index.js

@@ -1,4 +1,3 @@
-import { randomBytes } from "node:crypto";
 import { EventEmitter } from "node:events";
 import { createCustomCommand, registerCommand, runCommand } from "../commands";
 import { createPerfLogger } from "../utils/perfLogger";
@@ -11,21 +10,6 @@ const defaultShellProperties = {
     arch: "x86_64",
 };
 const perf = createPerfLogger("VirtualShell");
-let cachedRootPassword = null;
-function resolveRootPassword() {
-    if (cachedRootPassword) {
-        return cachedRootPassword;
-    }
-    const configured = process.env.SSH_MIMIC_ROOT_PASSWORD;
-    if (configured && configured.trim().length > 0) {
-        cachedRootPassword = configured.trim();
-        return cachedRootPassword;
-    }
-    const generated = randomBytes(18).toString("base64url");
-    cachedRootPassword = generated;
-    console.warn(`[ssh-mimic] SSH_MIMIC_ROOT_PASSWORD missing; generated ephemeral root password: ${generated}`);
-    return generated;
-}
 function resolveAutoSudoForNewUsers() {
     const configured = process.env.SSH_MIMIC_AUTO_SUDO_NEW_USERS;
     if (!configured) {
@@ -60,7 +44,7 @@ class VirtualShell extends EventEmitter {
         this.properties = properties || defaultShellProperties;
         this.basePath = basePath || ".";
         this.vfs = new VirtualFileSystem(this.basePath);
-        this.users = new VirtualUserManager(this.vfs, resolveRootPassword(), resolveAutoSudoForNewUsers());
+        this.users = new VirtualUserManager(this.vfs, resolveAutoSudoForNewUsers());
         // Store references to avoid TypeScript "used before assigned" errors
         const vfs = this.vfs;
         const users = this.users;

package/dist/VirtualUserManager/index.d.ts

@@ -29,7 +29,6 @@ export interface VirtualActiveSession {
  */
 export declare class VirtualUserManager extends EventEmitter {
     private readonly vfs;
-    private readonly defaultRootPassword;
     private readonly autoSudoForNewUsers;
     private static readonly recordCache;
     private static readonly fastPasswordHash;
@@ -49,7 +48,7 @@ export declare class VirtualUserManager extends EventEmitter {
      * @param defaultRootPassword Initial root password used when root is created.
      * @param autoSudoForNewUsers Whether newly created users are added to sudoers.
      */
-    constructor(vfs: VirtualFileSystem, defaultRootPassword?: string, autoSudoForNewUsers?: boolean);
+    constructor(vfs: VirtualFileSystem, autoSudoForNewUsers?: boolean);
     /**
      * Loads users/sudoers from disk and ensures root account exists.
      * Also creates the current system user if not already present.
@@ -107,6 +106,13 @@ export declare class VirtualUserManager extends EventEmitter {
      * @param password Initial plaintext password.
      */
     addUser(username: string, password: string): Promise<void>;
+    /**
+     * Retrieves stored password hash for a user, or null if user does not exist.
+     *
+     * @param username Target username.
+     * @returns Password hash in hex encoding, or null when user is not found.
+     */
+    getPasswordHash(username: string): string | null;
     /**
      * Updates password for an existing user account.
      *
@@ -173,7 +179,14 @@ export declare class VirtualUserManager extends EventEmitter {
     private persist;
     private writeIfChanged;
     private createRecord;
-    private hashPassword;
+    hasPassword(username: string): boolean;
+    /**
+     * Hashes plaintext password with per-user salt using scrypt.
+     *
+     * @param password Plaintext password.
+     * @returns Hex-encoded password hash.
+     */
+    hashPassword(password: string): string;
     private validateUsername;
     private validatePassword;
 }

package/dist/VirtualUserManager/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AAE1D,gDAAgD;AAChD,MAAM,WAAW,iBAAiB;IACjC,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;CACrB;AAED,2DAA2D;AAC3D,MAAM,WAAW,oBAAoB;IACpC,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,GAAG,EAAE,MAAM,CAAC;IACZ,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;CAClB;AAYD;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,YAAY;IAqBlD,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IAtBrC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAwC;IAC3E,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;IACrE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAoC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAmC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2B;IACvD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAwC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA2C;IAC1E,OAAO,CAAC,OAAO,CAAK;IAEpB;;;;;;OAMG;gBAEe,GAAG,EAAE,iBAAiB,EACtB,mBAAmB,GAAE,MAAe,EACpC,mBAAmB,GAAE,OAAc;IAMrD;;;OAGG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAyCxC;;;;;OAKG;IACU,aAAa,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAehB;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAKrD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAU9C;;;;;;;;OAQG;IACI,sBAAsB,CAC5B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAAG,MAAM,GAC1B,IAAI;IAoCP;;;;;;OAMG;IACI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAUlE;;;;;OAKG;IACU,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA0BvE;;;;;OAKG;IACU,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa3E;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBxD;;;;;OAKG;IACI,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAK1C;;;;OAIG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWvD;;;;OAIG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAW1D;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,oBAAoB;IAkBvB;;;;OAIG;IACI,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAiBpE;;;;;;OAMG;IACI,aAAa,CACnB,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,IAAI;IAkBP;;;;OAIG;IACI,kBAAkB,IAAI,oBAAoB,EAAE;IAOnD,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,iBAAiB;YAwBX,OAAO;IA0CrB,OAAO,CAAC,cAAc;IAiBtB,OAAO,CAAC,YAAY;IAkBpB,OAAO,CAAC,YAAY;IAQpB,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,gBAAgB;CAKxB"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AAE1D,gDAAgD;AAChD,MAAM,WAAW,iBAAiB;IACjC,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;CACrB;AAED,2DAA2D;AAC3D,MAAM,WAAW,oBAAoB;IACpC,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,GAAG,EAAE,MAAM,CAAC;IACZ,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;CAClB;AAYD;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,YAAY;IAqBlD,OAAO,CAAC,QAAQ,CAAC,GAAG;IAGpB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IAvBrC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAwC;IAC3E,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;IACrE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAoC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAmC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2B;IACvD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAwC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA2C;IAC1E,OAAO,CAAC,OAAO,CAAK;IAEpB;;;;;;OAMG;gBAEe,GAAG,EAAE,iBAAiB,EAGtB,mBAAmB,GAAE,OAAc;IAMrD;;;OAGG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAsCxC;;;;;OAKG;IACU,aAAa,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAehB;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAKrD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAU9C;;;;;;;;OAQG;IACI,sBAAsB,CAC5B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAAG,MAAM,GAC1B,IAAI;IAoCP;;;;;;OAMG;IACI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAUlE;;;;;OAKG;IACU,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA0BvE;;;;;OAKG;IACI,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAMvD;;;;;OAKG;IACU,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa3E;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBxD;;;;;OAKG;IACI,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAK1C;;;;OAIG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWvD;;;;OAIG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAW1D;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,oBAAoB;IAkBvB;;;;OAIG;IACI,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAiBpE;;;;;;OAMG;IACI,aAAa,CACnB,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,IAAI;IAkBP;;;;OAIG;IACI,kBAAkB,IAAI,oBAAoB,EAAE;IAOnD,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,iBAAiB;YAwBX,OAAO;IA0CrB,OAAO,CAAC,cAAc;IAiBtB,OAAO,CAAC,YAAY;IAkBb,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAS7C;;;;;OAKG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAQ7C,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,gBAAgB;CAKxB"}

package/dist/VirtualUserManager/index.js

@@ -15,7 +15,6 @@ const perf = createPerfLogger("VirtualUserManager");
  */
 export class VirtualUserManager extends EventEmitter {
     vfs;
-    defaultRootPassword;
     autoSudoForNewUsers;
     static recordCache = new Map();
     static fastPasswordHash = resolveFastPasswordHash();
@@ -35,10 +34,12 @@ export class VirtualUserManager extends EventEmitter {
      * @param defaultRootPassword Initial root password used when root is created.
      * @param autoSudoForNewUsers Whether newly created users are added to sudoers.
      */
-    constructor(vfs, defaultRootPassword = "root", autoSudoForNewUsers = true) {
+    constructor(vfs, 
+    // private readonly defaultRootPassword: string = process.env
+    // .SSH_MIMIC_ROOT_PASSWORD || "root",
+    autoSudoForNewUsers = true) {
         super();
         this.vfs = vfs;
-        this.defaultRootPassword = defaultRootPassword;
         this.autoSudoForNewUsers = autoSudoForNewUsers;
         perf.mark("constructor");
     }
@@ -53,23 +54,26 @@ export class VirtualUserManager extends EventEmitter {
         this.loadQuotasFromVfs();
         let changed = false;
         if (!this.users.has("root")) {
-            this.users.set("root", this.createRecord("root", this.defaultRootPassword));
+            this.users.set("root", this.createRecord("root", ""));
             changed = true;
         }
         this.sudoers.add("root");
         // Auto-create current system user for easier authentication
-        const currentUser = process.env.USER || process.env.USERNAME;
-        if (currentUser && currentUser !== "root" && !this.users.has(currentUser)) {
-            const userPassword = this.defaultRootPassword;
-            this.users.set(currentUser, this.createRecord(currentUser, userPassword));
-            this.sudoers.add(currentUser);
-            changed = true;
-            const homePath = `/home/${currentUser}`;
-            if (!this.vfs.exists(homePath)) {
-                this.vfs.mkdir(homePath, 0o755);
-                this.vfs.writeFile(`${homePath}/README.txt`, `Welcome to the virtual environment, ${currentUser}`);
-            }
-        }
+        // const currentUser = process.env.USER || process.env.USERNAME;
+        // if (currentUser && currentUser !== "root" && !this.users.has(currentUser)) {
+        // 	const userPassword = this.defaultRootPassword;
+        // 	this.users.set(currentUser, this.createRecord(currentUser, userPassword));
+        // 	this.sudoers.add(currentUser);
+        // 	changed = true;
+        // 	const homePath = `/home/${currentUser}`;
+        // 	if (!this.vfs.exists(homePath)) {
+        // 		this.vfs.mkdir(homePath, 0o755);
+        // 		this.vfs.writeFile(
+        // 			`${homePath}/README.txt`,
+        // 			`Welcome to the virtual environment, ${currentUser}`,
+        // 		);
+        // 	}
+        // }
         if (changed) {
             await this.persist();
         }
@@ -178,7 +182,7 @@ export class VirtualUserManager extends EventEmitter {
         if (!record) {
             return false;
         }
-        return this.hashPassword(password, record.salt) === record.passwordHash;
+        return this.hashPassword(password) === record.passwordHash;
     }
     /**
      * Creates user, home directory, and sudo access entry.
@@ -206,6 +210,17 @@ export class VirtualUserManager extends EventEmitter {
         await this.persist();
         this.emit("user:add", { username });
     }
+    /**
+     * Retrieves stored password hash for a user, or null if user does not exist.
+     *
+     * @param username Target username.
+     * @returns Password hash in hex encoding, or null when user is not found.
+     */
+    getPasswordHash(username) {
+        perf.mark("getPasswordHash");
+        const record = this.users.get(username);
+        return record ? record.passwordHash : null;
+    }
     /**
      * Updates password for an existing user account.
      *
@@ -452,16 +467,30 @@ export class VirtualUserManager extends EventEmitter {
         const record = {
             username,
             salt,
-            passwordHash: this.hashPassword(password, salt),
+            passwordHash: this.hashPassword(password),
         };
         VirtualUserManager.recordCache.set(cacheKey, record);
         return record;
     }
-    hashPassword(password, salt) {
+    hasPassword(username) {
+        perf.mark("hasPassword");
+        if (this.getPasswordHash(username) === this.hashPassword("")) {
+            return false;
+        }
+        const record = this.users.get(username);
+        return !!record && !!record.passwordHash;
+    }
+    /**
+     * Hashes plaintext password with per-user salt using scrypt.
+     *
+     * @param password Plaintext password.
+     * @returns Hex-encoded password hash.
+     */
+    hashPassword(password) {
         if (VirtualUserManager.fastPasswordHash) {
-            return createHash("sha256").update(`${salt}:${password}`).digest("hex");
+            return createHash("sha256").update(`${password}`).digest("hex");
         }
-        return scryptSync(password, salt, 32).toString("hex");
+        return scryptSync(password, "", 32).toString("hex");
     }
     validateUsername(username) {
         if (!username || username.trim() === "") {

package/dist/standalone.js

@@ -13,22 +13,20 @@ new VirtualSshServer({
     shell: virtualShell,
 })
     .start()
-    .then((port) => {
-    // if (!sshMimic) console.error("Failed to initialize SSH Mimic shell.");
-    // else {
-    console.log(`SSH Mimic initialized. Listening on port ${port}.`);
-    // }
-})
     .catch((error) => {
     console.error("Failed to start SSH Mimic:", error);
     process.exit(1);
 });
 new VirtualSftpServer({ port: 2223, hostname, shell: virtualShell })
     .start()
-    .then((port) => {
-    console.log(`SFTP Mimic initialized. Listening on port ${port}.`);
-})
     .catch((error) => {
     console.error("Failed to start SFTP Mimic:", error);
     process.exit(1);
 });
+process.on("uncaughtException", (error) => {
+    console.log("Oh my god, something terrible happened: ", error);
+});
+process.on("unhandledRejection", (error, promise) => {
+    console.log(" Oh Lord! We forgot to handle a promise rejection here: ", promise);
+    console.log(" The error was: ", error);
+});

package/package.json

@@ -4,7 +4,7 @@
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "type": "module",
-  "version": "1.2.2",
+  "version": "1.2.4",
   "license": "MIT",
   "repository": {
     "type": "git",
@@ -19,14 +19,15 @@
     "shell"
   ],
   "scripts": {
-    "postinstall": "rm -f node_modules/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node && rm -rf node_modules/cpu-features",
+    "postinstall": "node scripts/postinstall.js",
     "format": "bunx --bun @biomejs/biome format --write ./src",
     "check": "bunx --bun @biomejs/biome check ./src",
     "lint": "bunx --bun @biomejs/biome lint ./src",
     "lint:write": "bunx --bun @biomejs/biome lint --write ./src",
     "test": "bunx --bun @biomejs/biome test ./src",
     "build": "tsc --project tsconfig.json",
-    "deploy:npm": "npm publish --access public"
+    "deploy:npm": "npm publish --access public",
+    "standalone-build": "bunx esbuild src/standalone.ts --bundle --platform=node --target=node18 --outfile=standalone.js --tree-shaking=true --minify --sourcemap"
   },
   "devDependencies": {
     "@biomejs/biome": "^2.4.11",

package/scripts/postinstall.js

@@ -0,0 +1,42 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+const __dirname = fileURLToPath(new URL('.', import.meta.url));
+
+function deleteFile(filePath) {
+  if (fs.existsSync(filePath)) {
+    fs.unlinkSync(filePath);
+    console.log(`Deleted: ${filePath}`);
+  }
+}
+
+function deleteDirectory(dirPath) {
+  if (fs.existsSync(dirPath)) {
+    fs.rmSync(dirPath, { recursive: true, force: true });
+    console.log(`Deleted: ${dirPath}`);
+  }
+}
+
+const sshCryptoPath = path.join(
+  __dirname,
+  '..',
+  'node_modules',
+  'ssh2',
+  'lib',
+  'protocol',
+  'crypto',
+  'build',
+  'Release',
+  'sshcrypto.node'
+);
+
+const cpuFeaturesPath = path.join(
+  __dirname,
+  '..',
+  'node_modules',
+  'cpu-features'
+);
+
+deleteFile(sshCryptoPath);
+deleteDirectory(cpuFeaturesPath);

package/src/SSHMimic/index.ts

@@ -75,8 +75,35 @@ class SshMimic extends EventEmitter {
 						const candidateUser = ctx.username || "root";
 						remoteAddress = (ctx as { ip?: string }).ip ?? remoteAddress;
 
+						if (!shell.users.hasPassword(candidateUser)) {
+							console.log(
+								`User ${candidateUser} has no password set, allowing login without verification`,
+							);
+							authUser = candidateUser;
+							sessionId = shell.users.registerSession(
+								authUser,
+								remoteAddress,
+							).id;
+							this.emit("auth:success", { username: authUser, remoteAddress });
+
+							const homePath = `/home/${authUser}`;
+							if (!shell.vfs.exists(homePath)) {
+								shell.vfs.mkdir(homePath, 0o755);
+								shell.vfs.writeFile(
+									`${homePath}/README.txt`,
+									`Welcome to ${shell?.hostname ?? this.shellHostname}`,
+								);
+								void shell.vfs.flushMirror();
+							}
+
+							ctx.accept();
+							return;
+						}
+
 						if (
-							!shell.users.verifyPassword(candidateUser, ctx.password ?? "")
+							!ctx.password ||
+							ctx.password === "" ||
+							!shell.users.verifyPassword(candidateUser, ctx.password)
 						) {
 							this.emit("auth:failure", {
 								username: candidateUser,

package/src/VirtualShell/index.ts

@@ -1,4 +1,3 @@
-import { randomBytes } from "node:crypto";
 import { EventEmitter } from "node:events";
 import { createCustomCommand, registerCommand, runCommand } from "../commands";
 import type { CommandContext, CommandResult } from "../types/commands";
@@ -23,27 +22,6 @@ const defaultShellProperties: ShellProperties = {
 
 const perf: PerfLogger = createPerfLogger("VirtualShell");
 
-let cachedRootPassword: string | null = null;
-
-function resolveRootPassword(): string {
-	if (cachedRootPassword) {
-		return cachedRootPassword;
-	}
-
-	const configured = process.env.SSH_MIMIC_ROOT_PASSWORD;
-	if (configured && configured.trim().length > 0) {
-		cachedRootPassword = configured.trim();
-		return cachedRootPassword;
-	}
-
-	const generated = randomBytes(18).toString("base64url");
-	cachedRootPassword = generated;
-	console.warn(
-		`[ssh-mimic] SSH_MIMIC_ROOT_PASSWORD missing; generated ephemeral root password: ${generated}`,
-	);
-	return generated;
-}
-
 function resolveAutoSudoForNewUsers(): boolean {
 	const configured = process.env.SSH_MIMIC_AUTO_SUDO_NEW_USERS;
 	if (!configured) {
@@ -85,11 +63,7 @@ class VirtualShell extends EventEmitter {
 		this.properties = properties || defaultShellProperties;
 		this.basePath = basePath || ".";
 		this.vfs = new VirtualFileSystem(this.basePath);
-		this.users = new VirtualUserManager(
-			this.vfs,
-			resolveRootPassword(),
-			resolveAutoSudoForNewUsers(),
-		);
+		this.users = new VirtualUserManager(this.vfs, resolveAutoSudoForNewUsers());
 
 		// Store references to avoid TypeScript "used before assigned" errors
 		const vfs = this.vfs;

package/src/VirtualUserManager/index.ts

@@ -66,7 +66,8 @@ export class VirtualUserManager extends EventEmitter {
 	 */
 	constructor(
 		private readonly vfs: VirtualFileSystem,
-		private readonly defaultRootPassword: string = "root",
+		// private readonly defaultRootPassword: string = process.env
+		// .SSH_MIMIC_ROOT_PASSWORD || "root",
 		private readonly autoSudoForNewUsers: boolean = true,
 	) {
 		super();
@@ -85,32 +86,29 @@ export class VirtualUserManager extends EventEmitter {
 
 		let changed = false;
 		if (!this.users.has("root")) {
-			this.users.set(
-				"root",
-				this.createRecord("root", this.defaultRootPassword),
-			);
+			this.users.set("root", this.createRecord("root", ""));
 			changed = true;
 		}
 
 		this.sudoers.add("root");
 
 		// Auto-create current system user for easier authentication
-		const currentUser = process.env.USER || process.env.USERNAME;
-		if (currentUser && currentUser !== "root" && !this.users.has(currentUser)) {
-			const userPassword = this.defaultRootPassword;
-			this.users.set(currentUser, this.createRecord(currentUser, userPassword));
-			this.sudoers.add(currentUser);
-			changed = true;
-
-			const homePath = `/home/${currentUser}`;
-			if (!this.vfs.exists(homePath)) {
-				this.vfs.mkdir(homePath, 0o755);
-				this.vfs.writeFile(
-					`${homePath}/README.txt`,
-					`Welcome to the virtual environment, ${currentUser}`,
-				);
-			}
-		}
+		// const currentUser = process.env.USER || process.env.USERNAME;
+		// if (currentUser && currentUser !== "root" && !this.users.has(currentUser)) {
+		// 	const userPassword = this.defaultRootPassword;
+		// 	this.users.set(currentUser, this.createRecord(currentUser, userPassword));
+		// 	this.sudoers.add(currentUser);
+		// 	changed = true;
+
+		// 	const homePath = `/home/${currentUser}`;
+		// 	if (!this.vfs.exists(homePath)) {
+		// 		this.vfs.mkdir(homePath, 0o755);
+		// 		this.vfs.writeFile(
+		// 			`${homePath}/README.txt`,
+		// 			`Welcome to the virtual environment, ${currentUser}`,
+		// 		);
+		// 	}
+		// }
 
 		if (changed) {
 			await this.persist();
@@ -244,7 +242,7 @@ export class VirtualUserManager extends EventEmitter {
 			return false;
 		}
 
-		return this.hashPassword(password, record.salt) === record.passwordHash;
+		return this.hashPassword(password) === record.passwordHash;
 	}
 
 	/**
@@ -279,6 +277,18 @@ export class VirtualUserManager extends EventEmitter {
 		this.emit("user:add", { username });
 	}
 
+	/**
+	 * Retrieves stored password hash for a user, or null if user does not exist.
+	 *
+	 * @param username Target username.
+	 * @returns Password hash in hex encoding, or null when user is not found.
+	 */
+	public getPasswordHash(username: string): string | null {
+		perf.mark("getPasswordHash");
+		const record = this.users.get(username);
+		return record ? record.passwordHash : null;
+	}
+
 	/**
 	 * Updates password for an existing user account.
 	 *
@@ -593,19 +603,34 @@ export class VirtualUserManager extends EventEmitter {
 		const record = {
 			username,
 			salt,
-			passwordHash: this.hashPassword(password, salt),
+			passwordHash: this.hashPassword(password),
 		};
 
 		VirtualUserManager.recordCache.set(cacheKey, record);
 		return record;
 	}
 
-	private hashPassword(password: string, salt: string): string {
+	public hasPassword(username: string): boolean {
+		perf.mark("hasPassword");
+		if (this.getPasswordHash(username) === this.hashPassword("")) {
+			return false;
+		}
+		const record = this.users.get(username);
+		return !!record && !!record.passwordHash;
+	}
+
+	/**
+	 * Hashes plaintext password with per-user salt using scrypt.
+	 *
+	 * @param password Plaintext password.
+	 * @returns Hex-encoded password hash.
+	 */
+	public hashPassword(password: string): string {
 		if (VirtualUserManager.fastPasswordHash) {
-			return createHash("sha256").update(`${salt}:${password}`).digest("hex");
+			return createHash("sha256").update(`${password}`).digest("hex");
 		}
 
-		return scryptSync(password, salt, 32).toString("hex");
+		return scryptSync(password, "", 32).toString("hex");
 	}
 
 	private validateUsername(username: string): void {

package/src/standalone.ts

@@ -16,12 +16,6 @@ new VirtualSshServer({
 	shell: virtualShell,
 })
 	.start()
-	.then((port: number) => {
-		// if (!sshMimic) console.error("Failed to initialize SSH Mimic shell.");
-		// else {
-		console.log(`SSH Mimic initialized. Listening on port ${port}.`);
-		// }
-	})
 	.catch((error: unknown) => {
 		console.error("Failed to start SSH Mimic:", error);
 		process.exit(1);
@@ -29,10 +23,19 @@ new VirtualSshServer({
 
 new VirtualSftpServer({ port: 2223, hostname, shell: virtualShell })
 	.start()
-	.then((port: number) => {
-		console.log(`SFTP Mimic initialized. Listening on port ${port}.`);
-	})
 	.catch((error: unknown) => {
 		console.error("Failed to start SFTP Mimic:", error);
 		process.exit(1);
 	});
+
+process.on("uncaughtException", (error) => {
+	console.log("Oh my god, something terrible happened: ", error);
+});
+
+process.on("unhandledRejection", (error, promise) => {
+	console.log(
+		" Oh Lord! We forgot to handle a promise rejection here: ",
+		promise,
+	);
+	console.log(" The error was: ", error);
+});