Skip to content

Improve security of SFTP server against timing attacks

Albert Vaca Cintora requested to merge work/improve-timing-attacks into master

Use a constant time string comparison for password auth and only keep a hash of the password in memory.

Merge request reports

Loading