This is a basic SSH server that:
- only allows the user running the server to connect
- only allows ssh key authentication
- only runs in the foreground
it does not support user switching, pam, etc.
this is useful for letting untrusted ssh clients connect to a shell running in something like ajail
Gemini 3 wrote almost all this, but it's < 150 loc, so it's easy to review.
MIT
