WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Update readme.

pull/367/head
John Safranek 2021-10-07 11:19:01 -07:00
parent a80d60f446
commit 513313e65e
No known key found for this signature in database
GPG Key ID: 8CE817DE0D3CCB4A
2 changed files with 306 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

167
README
View File

@ -1,4 +1,4 @@
wolfssh WOLFSSH
======= =======
wolfSSL's Embeddable SSH Server wolfSSL's Embeddable SSH Server
@ -50,13 +50,14 @@ examples
The directory `examples` contains an echoserver that any client should be able The directory `examples` contains an echoserver that any client should be able
to connect to. From the terminal run: to connect to. From the terminal run:
$ ./examples/echoserver/echoserver $ ./examples/echoserver/echoserver -f
From another terminal run: The option `-f` enables echo-only mode. From another terminal run:
$ ssh_client localhost -p 22222 $ ssh_client jill@localhost -p 22222
The server will send a canned banner to the client: When prompted for a password, enter "upthehill". The server will send a canned
banner to the client:
wolfSSH Example Echo Server wolfSSH Example Echo Server
@ -65,6 +66,13 @@ If the characters are echoed twice, the client has local echo enabled. The
echo server isn't being a proper terminal so the CR/LF translation will not echo server isn't being a proper terminal so the CR/LF translation will not
work as expected. work as expected.
The following control characters will trigger special actions in the
echoserver:
- CTRL-C: Terminate the connection.
- CTRL-E: Print out some session statistics.
- CTRL-F: Trigger a new key exchange.
testing notes testing notes
------------- -------------
@ -100,8 +108,125 @@ or public key list in the echoserver. That account will be logged into a shell
started by the echoserver with the privileges of the user running echoserver. started by the echoserver with the privileges of the user running echoserver.
scp support EXAMPLES
----------- ========
wolfSSH comes packaged with a few example tools for testing purposes and to
demonstrate interoperability with other SSH implementations.
echoserver
----------
The echoserver is the workhorse of wolfSSH. It originally only allowed one
to authenticate one of the canned account and would repeat the characters
typed into it. When enabling shell support, see the later section, it can
spawn a user shell. It will need an actual user name on the machine and an
updated user authentication callback function to validate the credentials.
The echoserver can also handle SCP and SFTP connections.
The echoserver tool accepts the following command line options:
-1 exit after a single (one) connection
-e expect ECC public key from client
-E use ECC private key
-f echo input
-p <num> port to accept on, default 22222
-N use non-blocking sockets
-d <string> set the home directory for SFTP connections
-j <file> load in a public key to accept from peer
client
------
The client establishes a connection to an SSH server. In its simplest mode,
it sends the string "Hello, wolfSSH!" to the server, prints the response,
and then exits. With the pseudo terminal option, the client will be a real
client.
The client tool accepts the following command line options:
-h <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-e use sample ecc key for user
-i <filename> filename for the user's private key
-j <filename> filename for the user's public key
-x exit after successful connection without doing
read/write
-N use non-blocking sockets
-t use psuedo terminal
-c <command> executes remote command and pipe stdin/stdout
-a Attempt to use SSH-AGENT
portfwd
-------
The portfwd tool establishes a connection to an SSH server and sets up a
listener for local port forwarding or requests a listener for remote port
forwarding. After a connection, the tool terminates.
The portfwd tool accepts the following command line options:
-h <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-F <host> host to forward from, default 0.0.0.0
-f <num> host port to forward from (REQUIRED)
-T <host> host to forward to, default to host
-t <num> port to forward to (REQUIRED)
scpclient
---------
The scpclient, wolfscp, establishes a connection to an SSH server and copies
the specified files from or to the local machine.
The scpclient tool accepts the following command line options:
-H <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-L <from>:<to> copy from local to server
-S <from>:<to> copy from server to local
sftpclient
----------
The sftpclient, wolfsftp, establishes a connection to an SSH server and
allows directory navigation, getting and putting files, making and removing
directories, etc.
The sftpclient tool accepts the following command line options:
-h <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-d <path> set the default local path
-N use non blocking sockets
-e use ECC user authentication
-l <filename> local filename
-r <filename> remote filename
-g put local filename as remote filename
-G get remote filename as local filename
server
------
This tool is a place holder.
SCP
===
wolfSSH includes server-side support for scp, which includes support for both wolfSSH includes server-side support for scp, which includes support for both
copying files 'to' the server, and copying files 'from' the server. Both copying files 'to' the server, and copying files 'from' the server. Both
@ -148,10 +273,10 @@ To recursively copy a directory FROM the server to the local client:
$ scp -P 22222 -r jill@127.0.0.1:<remote_dir> <local_path> $ scp -P 22222 -r jill@127.0.0.1:<remote_dir> <local_path>
port forwarding support PORT FORWARDING
----------------------- ===============
wolfSSH provides client side support for port forwarding. This allows the user wolfSSH provides support for port forwarding. This allows the user
to set up an encrypted tunnel to another server, where the SSH client listens to set up an encrypted tunnel to another server, where the SSH client listens
on a socket and forwards connections on that socket to another socket on on a socket and forwards connections on that socket to another socket on
the server. the server.
@ -184,9 +309,22 @@ are routed back and forth between the client and server. "Hello, wolfSSL!"
The source for portfwd provides an example on how to set up and use the The source for portfwd provides an example on how to set up and use the
port forwarding support in wolfSSH. port forwarding support in wolfSSH.
The echoserver will handle local and remote port forwarding. To connect with
the ssh tool, using one of the following command lines. You can run either of
the ssh command lines from anywhere:
sftp support src/wolfssl$ ./examples/server/server
------------ src/wolfssh$ ./examples/echoserver/echoserver
anywhere 1$ ssh -p 22222 -L 12345:localhost:11111 jill@localhost
anywhere 2$ ssh -p 22222 -R 12345:localhost:11111 jill@localhost
src/wolfssl$ ./examples/client/client -p 12345
This will allow port forwarding between the wolfSSL client and server like in
the previous example.
SFTP
====
wolfSSH provides server and client side support for SFTP version 3. This wolfSSH provides server and client side support for SFTP version 3. This
allows the user to set up an encrypted connection for managing file systems. allows the user to set up an encrypted connection for managing file systems.
@ -230,8 +368,9 @@ An example of connecting to another system would be
src/wolfssh$ ./examples/sftpclient/wolfsftp -p 22 -u user -h 192.168.1.111 src/wolfssh$ ./examples/sftpclient/wolfsftp -p 22 -u user -h 192.168.1.111
shell support in example echoserver SHELL SUPPORT
----------------------------------- =============
wolfSSH's example echoserver can now fork a shell for the user trying to log wolfSSH's example echoserver can now fork a shell for the user trying to log
in. This currently has only been tested on Linux and macOS. The file in. This currently has only been tested on Linux and macOS. The file
echoserver.c must be modified to have the user's credentials in the user echoserver.c must be modified to have the user's credentials in the user

167
README.md
View File

@ -1,4 +1,4 @@
wolfssh WOLFSSH
======= =======
wolfSSL's Embeddable SSH Server wolfSSL's Embeddable SSH Server
@ -50,13 +50,14 @@ examples
The directory `examples` contains an echoserver that any client should be able The directory `examples` contains an echoserver that any client should be able
to connect to. From the terminal run: to connect to. From the terminal run:
$ ./examples/echoserver/echoserver $ ./examples/echoserver/echoserver -f
From another terminal run: The option `-f` enables echo-only mode. From another terminal run:
$ ssh_client localhost -p 22222 $ ssh_client jill@localhost -p 22222
The server will send a canned banner to the client: When prompted for a password, enter "upthehill". The server will send a canned
banner to the client:
wolfSSH Example Echo Server wolfSSH Example Echo Server
@ -65,6 +66,13 @@ If the characters are echoed twice, the client has local echo enabled. The
echo server isn't being a proper terminal so the CR/LF translation will not echo server isn't being a proper terminal so the CR/LF translation will not
work as expected. work as expected.
The following control characters will trigger special actions in the
echoserver:
- CTRL-C: Terminate the connection.
- CTRL-E: Print out some session statistics.
- CTRL-F: Trigger a new key exchange.
testing notes testing notes
------------- -------------
@ -100,8 +108,125 @@ or public key list in the echoserver. That account will be logged into a shell
started by the echoserver with the privileges of the user running echoserver. started by the echoserver with the privileges of the user running echoserver.
scp support EXAMPLES
----------- ========
wolfSSH comes packaged with a few example tools for testing purposes and to
demonstrate interoperability with other SSH implementations.
echoserver
----------
The echoserver is the workhorse of wolfSSH. It originally only allowed one
to authenticate one of the canned account and would repeat the characters
typed into it. When enabling shell support, see the later section, it can
spawn a user shell. It will need an actual user name on the machine and an
updated user authentication callback function to validate the credentials.
The echoserver can also handle SCP and SFTP connections.
The echoserver tool accepts the following command line options:
-1 exit after a single (one) connection
-e expect ECC public key from client
-E use ECC private key
-f echo input
-p <num> port to accept on, default 22222
-N use non-blocking sockets
-d <string> set the home directory for SFTP connections
-j <file> load in a public key to accept from peer
client
------
The client establishes a connection to an SSH server. In its simplest mode,
it sends the string "Hello, wolfSSH!" to the server, prints the response,
and then exits. With the pseudo terminal option, the client will be a real
client.
The client tool accepts the following command line options:
-h <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-e use sample ecc key for user
-i <filename> filename for the user's private key
-j <filename> filename for the user's public key
-x exit after successful connection without doing
read/write
-N use non-blocking sockets
-t use psuedo terminal
-c <command> executes remote command and pipe stdin/stdout
-a Attempt to use SSH-AGENT
portfwd
-------
The portfwd tool establishes a connection to an SSH server and sets up a
listener for local port forwarding or requests a listener for remote port
forwarding. After a connection, the tool terminates.
The portfwd tool accepts the following command line options:
-h <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-F <host> host to forward from, default 0.0.0.0
-f <num> host port to forward from (REQUIRED)
-T <host> host to forward to, default to host
-t <num> port to forward to (REQUIRED)
scpclient
---------
The scpclient, wolfscp, establishes a connection to an SSH server and copies
the specified files from or to the local machine.
The scpclient tool accepts the following command line options:
-H <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-L <from>:<to> copy from local to server
-S <from>:<to> copy from server to local
sftpclient
----------
The sftpclient, wolfsftp, establishes a connection to an SSH server and
allows directory navigation, getting and putting files, making and removing
directories, etc.
The sftpclient tool accepts the following command line options:
-h <host> host to connect to, default 127.0.0.1
-p <num> port to connect on, default 22222
-u <username> username to authenticate as (REQUIRED)
-P <password> password for username, prompted if omitted
-d <path> set the default local path
-N use non blocking sockets
-e use ECC user authentication
-l <filename> local filename
-r <filename> remote filename
-g put local filename as remote filename
-G get remote filename as local filename
server
------
This tool is a place holder.
SCP
===
wolfSSH includes server-side support for scp, which includes support for both wolfSSH includes server-side support for scp, which includes support for both
copying files 'to' the server, and copying files 'from' the server. Both copying files 'to' the server, and copying files 'from' the server. Both
@ -148,10 +273,10 @@ To recursively copy a directory FROM the server to the local client:
$ scp -P 22222 -r jill@127.0.0.1:<remote_dir> <local_path> $ scp -P 22222 -r jill@127.0.0.1:<remote_dir> <local_path>
port forwarding support PORT FORWARDING
----------------------- ===============
wolfSSH provides client side support for port forwarding. This allows the user wolfSSH provides support for port forwarding. This allows the user
to set up an encrypted tunnel to another server, where the SSH client listens to set up an encrypted tunnel to another server, where the SSH client listens
on a socket and forwards connections on that socket to another socket on on a socket and forwards connections on that socket to another socket on
the server. the server.
@ -184,9 +309,22 @@ are routed back and forth between the client and server. "Hello, wolfSSL!"
The source for portfwd provides an example on how to set up and use the The source for portfwd provides an example on how to set up and use the
port forwarding support in wolfSSH. port forwarding support in wolfSSH.
The echoserver will handle local and remote port forwarding. To connect with
the ssh tool, using one of the following command lines. You can run either of
the ssh command lines from anywhere:
sftp support src/wolfssl$ ./examples/server/server
------------ src/wolfssh$ ./examples/echoserver/echoserver
anywhere 1$ ssh -p 22222 -L 12345:localhost:11111 jill@localhost
anywhere 2$ ssh -p 22222 -R 12345:localhost:11111 jill@localhost
src/wolfssl$ ./examples/client/client -p 12345
This will allow port forwarding between the wolfSSL client and server like in
the previous example.
SFTP
====
wolfSSH provides server and client side support for SFTP version 3. This wolfSSH provides server and client side support for SFTP version 3. This
allows the user to set up an encrypted connection for managing file systems. allows the user to set up an encrypted connection for managing file systems.
@ -230,8 +368,9 @@ An example of connecting to another system would be
src/wolfssh$ ./examples/sftpclient/wolfsftp -p 22 -u user -h 192.168.1.111 src/wolfssh$ ./examples/sftpclient/wolfsftp -p 22 -u user -h 192.168.1.111
shell support in example echoserver SHELL SUPPORT
----------------------------------- =============
wolfSSH's example echoserver can now fork a shell for the user trying to log wolfSSH's example echoserver can now fork a shell for the user trying to log
in. This currently has only been tested on Linux and macOS. The file in. This currently has only been tested on Linux and macOS. The file
echoserver.c must be modified to have the user's credentials in the user echoserver.c must be modified to have the user's credentials in the user