splunk/DECEIVE
1
0
Fork 0
mirror of https://github.com/splunk/DECEIVE.git synced 2025-07-01 16:47:28 -04:00
Code Issues Packages Projects Releases Wiki Activity

Wildcard password support

Browse Source 
Setting a password to be "*" in the config file will cause the server to accept any password the client provides for that account, including an empty password.
This commit is contained in:
David J. Bianco
2025-02-04 16:05:23 -05:00
parent 0197b8b1df
commit b222940de2
2 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
SSH/config.ini.TEMPLATE
View File

@ -75,9 +75,12 @@ system_prompt = Interpret all inputs as though they were SSH commands and provid
# The valid user accounts and passwords for the SSH server, in the # The valid user accounts and passwords for the SSH server, in the
# form "username = password". Note that you can enable login without # form "username = password". Note that you can enable login without
# a password by leaving that field blank (e.g., "guest =" on a line by # a password by leaving that field blank (e.g., "guest =" on a line by
# itself) # itself). You can set an account to accept ANY password, including an empty
# password, by setting the password to "*"
[user_accounts] [user_accounts]
guest = guest =
user1 = secretpw user1 = secretpw
user2 = password123 user2 = password123
root = *

8
SSH/ssh_server.py
View File

@ -105,7 +105,7 @@ class MySSHServer(asyncssh.SSHServer):
def validate_password(self, username: str, password: str) -> bool: def validate_password(self, username: str, password: str) -> bool:
pw = accounts.get(username, '*') pw = accounts.get(username, '*')
if ((pw != '*') and (password == pw)): if pw == '*' or (pw != '*' and password == pw):
logger.info("Authentication success", extra={"username": username, "password": password}) logger.info("Authentication success", extra={"username": username, "password": password})
return True return True
else: else:
@ -195,7 +195,7 @@ async def handle_client(process: asyncssh.SSHServerProcess, server: MySSHServer)
config=llm_config config=llm_config
) )
process.stdout.write(f"{llm_response.content}") process.stdout.write(f"{llm_response.content}")
logger.info("LLM response", extra={"details": b64encode(llm_response.content.encode('utf-8')).decode('utf-8'), "interactive": False}) logger.info("LLM response 1", extra={"details": b64encode(llm_response.content.encode('utf-8')).decode('utf-8'), "interactive": False})
await session_summary(process, llm_config, with_message_history, server) await session_summary(process, llm_config, with_message_history, server)
process.exit(0) process.exit(0)
else: else:
@ -210,7 +210,7 @@ async def handle_client(process: asyncssh.SSHServerProcess, server: MySSHServer)
) )
process.stdout.write(f"{llm_response.content}") process.stdout.write(f"{llm_response.content}")
logger.info("LLM response", extra={"details": b64encode(llm_response.content.encode('utf-8')).decode('utf-8'), "interactive": True}) logger.info("LLM response 2", extra={"details": b64encode(llm_response.content.encode('utf-8')).decode('utf-8'), "interactive": True})
async for line in process.stdin: async for line in process.stdin:
line = line.rstrip('\n') line = line.rstrip('\n')
@ -231,7 +231,7 @@ async def handle_client(process: asyncssh.SSHServerProcess, server: MySSHServer)
return return
else: else:
process.stdout.write(f"{llm_response.content}") process.stdout.write(f"{llm_response.content}")
logger.info("LLM response", extra={"details": b64encode(llm_response.content.encode('utf-8')).decode('utf-8'), "interactive": True}) logger.info("LLM response 3", extra={"details": b64encode(llm_response.content.encode('utf-8')).decode('utf-8'), "interactive": True})
except asyncssh.BreakReceived: except asyncssh.BreakReceived:
pass pass