wolfssh
=======

wolfSSL's Embeddable SSH Server

dependencies
------------

wolfSSH is dependent on wolfCrypt. The simplest configuration of wolfSSL
required for wolfSSH is the default build.

    $ cd wolfssl
    $ ./configure [OPTIONS] --enable-ssh
    $ make check
    $ sudo make install

To use the key generation function in wolfSSH, wolfSSL will need to be
configured with keygen: `--enable-keygen`.

If the bulk of wolfSSL code isn't desired, wolfSSL can be configured with
the crypto only option: `--enable-cryptonly`.

building
--------

From the source directory run:

    $ ./autogen.sh
    $ ./configure
    $ make
    $ make check

The `autogen.sh` script only has to be run the first time after cloning the
repository. If you have already run it or are using code from a source
archive, you should skip it.

For building under Windows with Visual Studio, see the file
"ide/winvs/README.md".

NOTE: On resource-constrained devices, `DEFAULT_WINDOW_SZ` may need to be set
to a lower size. By default, channels are set to handle 1 Mb of data being sent
and received. An example of setting a lower window size for new channels:

    $ ./configure CPPFLAGS=-DDEFAULT_WINDOW_SZ=16384

examples
--------

The directory `examples` contains an echoserver that any client should be able
to connect to. From the terminal run:

    $ ./examples/echoserver/echoserver

From another terminal run:

    $ ssh_client localhost -p 22222

The server will send a canned banner to the client:

    wolfSSH Example Echo Server

Characters typed into the client will be echoed to the screen by the server.
If the characters are echoed twice, the client has local echo enabled. The
echo server does not act as a proper terminal, so the CR/LF translation will
not work as expected.

testing notes
-------------

After cloning the repository, be sure to make the testing private keys
read-only for the user, otherwise ssh_client will tell you to do it.

    $ chmod 0600 ./keys/gretel-key-rsa.pem ./keys/hansel-key-rsa.pem \
                 ./keys/gretel-key-ecc.pem ./keys/hansel-key-ecc.pem

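The permission check described in the testing notes can be scripted. This is an added example, not part of the wolfSSH repository: it lists test private keys that still grant any group or other access and tightens them to 0600. The `*-key-*.pem` pattern is taken from the key file names used in these notes; the function names `loose_keys` and `tighten_keys` are hypothetical.

```shell
#!/bin/sh
# Added example (not wolfSSH code). Function names are hypothetical.

# loose_keys DIR
# Print every regular file in DIR matching *-key-*.pem that has at least
# one group or other permission bit set. Only POSIX find predicates are
# used: "-perm -040" is true when the group-read bit is set, and so on.
# Symbolic links are skipped by "-type f".
loose_keys() {
    find "$1" -type f -name '*-key-*.pem' \
        \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print | sort
}

# tighten_keys DIR
# Set mode 0600 on every key reported by loose_keys and print how many
# files were changed. The counter lives inside the braces because the
# right-hand side of a pipeline runs in a subshell in POSIX sh.
tighten_keys() {
    loose_keys "$1" | {
        n=0
        while IFS= read -r f; do
            chmod 0600 "$f" && n=$((n + 1))
        done
        echo "$n"
    }
}

# Typical use from the wolfSSH source directory:
#   loose_keys ./keys      # review what would change
#   tighten_keys ./keys    # apply 0600 and report the count
```
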
Authentication against the example echoserver can be done with a password or
public key. To use a password, use the command line:

    $ ssh_client -p 22222 USER@localhost

Where the `USER` and password pairs are:

    jill:upthehill
    jack:fetchapail

To use public key authentication, use the command line:

    $ ssh_client -i ./keys/key-USER.pem -p 22222 USER@localhost

Where the user can be `gretel` or `hansel`.

scp support
-----------

wolfSSH includes server-side support for scp, which includes support for both
copying files 'to' the server, and copying files 'from' the server. Both
single file and recursive directory copy are supported with the default
send and receive callbacks.

To compile wolfSSH with scp support, use the `--enable-scp` build option
or define `WOLFSSL_SCP`:

    $ ./configure --enable-scp
    $ make

For full API usage and implementation details, please see the wolfSSH User
Manual.

The wolfSSL example server has been set up to accept a single scp request,
and is compiled by default when compiling the wolfSSH library. To start the
example server, run:

    $ ./examples/server/server

Standard scp commands can be used on the client side. The following are a
few examples, where `scp` represents the ssh client you are using.

To copy a single file TO the server, using the default example user "jill":

    $ scp -P 22222 <local_file> jill@127.0.0.1:<remote_path>

To copy the same single file TO the server, but with timestamp and in
verbose mode:

    $ scp -v -p -P 22222 <local_file> jill@127.0.0.1:<remote_path>

To recursively copy a directory TO the server:

    $ scp -P 22222 -r <local_dir> jill@127.0.0.1:<remote_dir>

To copy a single file FROM the server to the local client:

    $ scp -P 22222 jill@127.0.0.1:<remote_file> <local_path>

To recursively copy a directory FROM the server to the local client:

    $ scp -P 22222 -r jill@127.0.0.1:<remote_dir> <local_path>