npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

ssh-backend-connector

v0.5.29

Published

> Secure SSH backend connection manager for applications with password protected encrypted key storage.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dforsberdforsber

Keywords

Readme

SSH Backend Connector

Secure SSH backend connection manager for applications with password protected encrypted key storage.

Features

  • Secure AES-256-GCM encryption for SSH keys
  • Password-based key derivation using scrypt
  • Automatic cleanup of sensitive data
  • Encrypted local storage of SSH keys and configurations
  • SSH tunnel management

Install

npm install ssh-backend-connector

Usage

import { SSHStoreManager, SSHManager } from "ssh-backend-connector";

// Initialize store with encryption
const store = new SSHStoreManager();
await store.connect("your-secure-password"); // At least 12 characters

// Store SSH keys (encrypted)
await store.saveKeyPair({
  id: "prod-key",
  name: "Production Server",
  privateKey: "-----BEGIN RSA PRIVATE KEY-----...",
});

// Store backend config
await store.saveBackend({
  id: "prod",
  name: "Production",
  host: "192.168.1.100",
  port: 22,
  username: "admin",
  keyPairId: "prod-key",
  tunnels: [{ localPort: 1234, remotePort: 4321 }],
});

// Create SSH manager with the store
const ssh = new SSHManager(store);

// Connect and setup tunnel
await ssh.connect("prod");

// When done, cleanup
ssh.disconnect("prod");
store.disconnect(); // Clears sensitive data from memory

API

SSHStoreManager

  • connect(password: string): Initialize encryption with password
  • disconnect(): Clear sensitive data from memory
  • saveKeyPair(keyPair: SSHKeyPair): Store encrypted SSH key pair
  • getKeyPair(id: string): Retrieve and decrypt key pair
  • getAllKeyPairs(): List all key pairs
  • deleteKeyPair(id: string): Remove key pair
  • saveBackend(backend: Backend): Store backend configuration
  • getBackend(id: string): Retrieve backend config
  • getAllBackends(): List all backends
  • deleteBackend(id: string): Remove backend config

SSHManager

  • constructor(store: SSHStoreManager): Create manager with store
  • connect(backendId: string): Establish SSH connection
  • disconnect(backendId: string): Close connection

Security

This package takes security seriously:

✓ Passwords must be at least 12 characters with complexity requirements
✓ Keys are encrypted using AES-256-GCM
✓ Sensitive data is automatically cleared from memory
✓ Password is never stored in memory
✓ Encryption is verified on connection
✓ Rate limiting on connection attempts
✓ Connection timeouts to prevent hanging
✓ Maximum concurrent connections limit
✓ File size limits to prevent DoS
✓ Secure file permissions (0600)
✓ Path traversal protection

Future Security Improvements

Here is a list of potential future work items in the security area:

  • Crypto Versioning

    • Version tags for encrypted data
    • Support for key rotation
    • Crypto algorithm negotiation

  • SSH Security

    • SSH key format validation
    • Host key verification
    • Certificate validation support

  • Advanced Security Features

    • Audit logging
    • Intrusion detection
    • Automated backup/restore
    • Key expiration and rotation policies

Development

npm install
npm test
npm run build

License

MIT