Libssh2 is an open source C library for SSH2 connections that was created in 2004 to fill the need for an embeddable SSH library. It aims to provide a small, portable library for SSH functionality like SCP and SFTP in a non-blocking manner. The presentation discusses the background and design of libssh2 as well as opportunities for future contributors to the project.

1. FSCONS Göteborg, November 14 th 2009

2. Your humble presenter Daniel Stenberg

3. Consultant at Haxx

4. Open Source since 15 years

5. Contributed to 20+ projects

6. 15K public commits

7. cURL, Rockbox etc

8. Questions Please do interrupt and ask if you have questions!

9. Agenda What is SSH

10. Background

11. Why a lib is needed

12. The project

13. Basic design License

14. App examples

15. Competitors

16. Future

17. Contributors

18. SSH explained Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices

19. On top of TCP/IP

20. Invented by Tatu Ylönen in 1995

21. OpenSSH 1999

22. Internet Standard 2002, RFC4251 and friends

23. SSH is not SSL but similarities exist

25. A little story Once upon a time...

26. 1997 Wouldn't it be nice with a tool that grabs HTTP?

27. 1998 Wouldn't it be nice if it did FTP too?

28. 1999 And Gopher!

29. 1999 Wouldn't it be nice if it did HTTPS too?

30. 2000 You get the picture. Time moved on. It was now also a lib

31. 2006 Supporting HTTP, HTTPS, FTP, FTPS, TELNET, LDAP, LDAPS, DICT, TFTP and FILE. Using several underlying libraries. Wouldn't it be nice if it did SCP and SFTP too?

32. How to select a SSH lib OpenSSH – no lib

33. Putty – no lib

34. Libssh (license, blocking, thread-safety...)

35. Libssh2 – there you go

36. Why libssh2 Because neither OpenSSH nor Putty “did it right”

37. Embeddable, command line tools aren't enough

38. Portability – not limited to POSIX (C89)

39. Use SSH for SSL-like stuff

40. License – as free as possible

41. Only 20K LOC

42. Libssh2 Background Created by Sara Golemon, Dec 2004

43. Client and server

44. SSH2 only (no v1)

45. For PHP

46. Sara set the API, made it run

47. Daniel entered Nov 2006

48. For libcurl (non-blocking!)

49. Client-side only (for simplicity)

50. The project Small

51. Plain ANSI C89 C

52. Low key

53. Mailing list driven

54. Meritocracy

55. Start-up feeling

56. Dealing with changes Responsive to new ideas and features

57. Not many users (apps)

58. git

59. Individual copyrights

60. No umbrella org

61. Protocol support Sessions

62. Channels

63. SCP

64. X11

65. SFTP

66. Publickey

67. More on design (non-)blocking

68. pass in socket

69. external poll()

70. Crypto-layer abstracted

71. Knownhost

72. Blocking API SCP client /* create a socket */ sockfd = socket(); /* connect to server */ connect(sockfd, address); /* get a libssh2 session handle (blocking behavior is default) */ session = libssh2_session_init(); /* pass in the socket to the SSH2 session */ libssh2_session_startup(session, sockfd); /* password authentication (known host handling skipped) */ libssh2_userauth_password(session, username, password)); /* request a file with SCP */ channel = libssh2_scp_recv(session, “/home/daniel/textfile”, &fileinfo); while (!done) libssh2_channel_read(channel, mem, amount); /* free the SCP channel */ libssh2_channel_free(channel); /* disconnect session */ libssh2_session_disconnect(session, "shutdown”); /* free the session */ libssh2_session_free(session); /* close the socket */ close(socket);

73. /* create a socket */ sockfd = socket(); /* connect to server */ connect(sockfd, address); /* get a libssh2 session handle (blocking behavior is default) */ session = libssh2_session_init(); /* pass in the socket to the SSH2 session */ libssh2_session_startup(session, sockfd); /* password authentication (known host handling skipped) */ libssh2_userauth_password(session, username, password)); /* request a file with SCP */ channel = libssh2_scp_recv(session, “/home/daniel/textfile”, &fileinfo); while (!done) libssh2_channel_read(channel, mem, amount); /* free the SCP channel */ libssh2_channel_free(channel); /* disconnect session */ libssh2_session_disconnect(session, "shutdown”); /* free the session */ libssh2_session_free(session); /* close the socket */ close(socket); Blocking API SFTP client /* create the SFTP session */ sftp_session = libssh2_sftp_init(session); sftp_handle = libssh2_sftp_open(sftp_session, “/home/daniel/file”, LIBSSH2_FXF_READ, 0); while (!done) libssh2_sftp_read(sftp_handle, mem, amount); /* close the SFTP handle */ libssh2_sftp_close(sftp_handle); /* close the SFTP session */ libssh2_sftp_shutdown(sftp_session);

74. Or use libcurl! Libcurl supports SCP and SFTP URLs http://curl.haxx.se/

75. How does it do? Speed wise?

76. Feature wise?

77. Bug and stability wise?

78. License Modified BSD

79. Free for virtually every use

80. Sara G picked it

81. Suitable for re-use by other libs/platforms

82. Competitor(s) Libssh Slower

83. License

84. non-blocking

85. Name-space polluting

86. Unstable API Others? Mostly non-C (Java, .NET ...)

87. Commercial?

88. Contributors Sara G

89. Me

90. Simon J

91. A few other happy campers

92. No particular company backing

93. Company-funded features

94. Future Remain client-side?

95. Make more stable

96. Improve speed (esp SFTP)

97. Use less mallocs

98. Use less memory (adjust windows etc)

99. Missing features?

100. Scratch itches

101. Summary Open source library for SSH2

102. Written in C

103. The best one available

104. Small team

105. www.libssh2.org

106. Join in! libssh2 needs you!