Dear all...
We have build a small IO-device thate are ment to be connected on internet. Take a look at http://www.ipio.nu In the next version of this we want to use AVR32 and use uCLinux as operating system. On the device we will have som simple server to control it. SSL seems to be to many things and OpenSSH have no libraries that we can use. libssh2 seems to be what we want for a client - but we could not find any simple "server side" libraries. We don't want X11-forwaring, and all other fantastic things. Just authentication and a secure channel. Nothing more! Is there any possibility that lsh can do the work for us? (How do we get rid of all nice features ;-)
"Goran Hasse" gorhas@gmail.com writes:
but we could not find any simple "server side" libraries. We don't want X11-forwaring, and all other fantastic things. Just authentication and a secure channel. Nothing more!
What kind of channel do you want? An ordinary session channel (which belongs to the "connection" layer in the ssh stack, and which would let you connect using a plain ssh client), or something more primitive and minimalistic?
The development version of lsh tries to separate the different layers; on the server side, there's one server process that handles the transport protocol, i.e., encryption, message authentication and server authentication. It spawns separate processes for handling the user authentication and for the connection layer (the latter is responsible for the multiplexing multiple channels with flow control, as well as the spawning login shells, the various forwarding features, and connect this functionality to the channel machinery. The processes communicate with eachother over pipes, sending enencrypted ssh packets back and forth.
This makes it possible to use just the transport layer, or transport layer + user authentication, together with other types of services. Depending on what you need, that separation might be of some use for you.
Regards, /Niels