FSCONS Göteborg, November 14 th  2009
Your humble presenter <ul><li>Daniel Stenberg
Consultant at Haxx
Open Source since 15 years
Contributed to 20+ projects
15K public commits
cURL, Rockbox etc </li></ul>
Questions Please do interrupt and ask if you have questions!
Agenda <ul><li>What is SSH
Background
Why a lib is needed
The project
Basic design </li></ul><ul><li>License
App examples
Competitors
Future
Contributors </li></ul>
SSH explained <ul><li>Secure Shell or SSH is a  network protocol that allows data to be exchanged using a secure channel b...
On top of TCP/IP
Invented by Tatu Ylönen in 1995
OpenSSH 1999
Internet Standard 2002, RFC4251 and friends
SSH is not SSL but similarities exist </li></ul>
 
A little story Once upon a time...
1997 Wouldn't it be nice with a tool that grabs HTTP?
1998 Wouldn't it be nice if it did FTP too?
1999 And Gopher!
1999 Wouldn't it be nice if it did HTTPS too?
2000 You get the picture. Time moved on. It was now also a lib
Upcoming SlideShare
Loading in...5
×

Libssh2 at FSCONS 2009

1,281

Published on

Daniel Stenberg's libssh2 presentation at FSCONS 2099.

Published in: Technology, Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,281
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
5
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Commits counted by ohloh c-ares, Subversion
  • SSH v1 is deemed insecure and is widely abandoned anyway
  • Libssh2 supports the different layers
  • Gcrypt or OpenSSL Knownhost works with OpenSSH style knownhost files
  • See how its almost the same, just a little extra cruft added for SFTP instead of SCP.
  • An additional abstraction layer. Most useful if you deal with more than one protocol, or perhaps if you want to work easily with many parallell transfers with ease.
  • SCP speed is on par with OpenSSH SFTP speed is lesser than OpenSSH due to protocol complexity and how the libssh2 API works and the work needed to fix it. Faster than libssh still Features wise, it offers a lot. Bug wise it is fairly stable and solid, even if there still are bugs appearing that need to be fixed. Several existing commercial applications are relying on libssh2.
  • BSD without advertising clause
  • Libssh is LGPL
  • Like most projects, this never ends
  • We need your help
  • Libssh2 at FSCONS 2009

    1. 1. FSCONS Göteborg, November 14 th 2009
    2. 2. Your humble presenter <ul><li>Daniel Stenberg
    3. 3. Consultant at Haxx
    4. 4. Open Source since 15 years
    5. 5. Contributed to 20+ projects
    6. 6. 15K public commits
    7. 7. cURL, Rockbox etc </li></ul>
    8. 8. Questions Please do interrupt and ask if you have questions!
    9. 9. Agenda <ul><li>What is SSH
    10. 10. Background
    11. 11. Why a lib is needed
    12. 12. The project
    13. 13. Basic design </li></ul><ul><li>License
    14. 14. App examples
    15. 15. Competitors
    16. 16. Future
    17. 17. Contributors </li></ul>
    18. 18. SSH explained <ul><li>Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices
    19. 19. On top of TCP/IP
    20. 20. Invented by Tatu Ylönen in 1995
    21. 21. OpenSSH 1999
    22. 22. Internet Standard 2002, RFC4251 and friends
    23. 23. SSH is not SSL but similarities exist </li></ul>
    24. 25. A little story Once upon a time...
    25. 26. 1997 Wouldn't it be nice with a tool that grabs HTTP?
    26. 27. 1998 Wouldn't it be nice if it did FTP too?
    27. 28. 1999 And Gopher!
    28. 29. 1999 Wouldn't it be nice if it did HTTPS too?
    29. 30. 2000 You get the picture. Time moved on. It was now also a lib
    30. 31. 2006 Supporting HTTP, HTTPS, FTP, FTPS, TELNET, LDAP, LDAPS, DICT, TFTP and FILE. Using several underlying libraries. Wouldn't it be nice if it did SCP and SFTP too?
    31. 32. How to select a SSH lib <ul><li>OpenSSH – no lib
    32. 33. Putty – no lib
    33. 34. Libssh (license, blocking, thread-safety...)
    34. 35. Libssh2 – there you go </li></ul>
    35. 36. Why libssh2 <ul><li>Because neither OpenSSH nor Putty “did it right”
    36. 37. Embeddable, command line tools aren't enough
    37. 38. Portability – not limited to POSIX (C89)
    38. 39. Use SSH for SSL-like stuff
    39. 40. License – as free as possible
    40. 41. Only 20K LOC </li></ul>
    41. 42. Libssh2 Background <ul><li>Created by Sara Golemon, Dec 2004
    42. 43. Client and server
    43. 44. SSH2 only (no v1)
    44. 45. For PHP
    45. 46. Sara set the API, made it run
    46. 47. Daniel entered Nov 2006
    47. 48. For libcurl (non-blocking!)
    48. 49. Client-side only (for simplicity) </li></ul>
    49. 50. The project <ul><li>Small
    50. 51. Plain ANSI C89 C
    51. 52. Low key
    52. 53. Mailing list driven
    53. 54. Meritocracy
    54. 55. Start-up feeling </li></ul>
    55. 56. Dealing with changes <ul><li>Responsive to new ideas and features
    56. 57. Not many users (apps)
    57. 58. git
    58. 59. Individual copyrights
    59. 60. No umbrella org </li></ul>
    60. 61. Protocol support <ul><li>Sessions
    61. 62. Channels
    62. 63. SCP
    63. 64. X11
    64. 65. SFTP
    65. 66. Publickey </li></ul>
    66. 67. More on design <ul><li>(non-)blocking
    67. 68. pass in socket
    68. 69. external poll()
    69. 70. Crypto-layer abstracted
    70. 71. Knownhost </li></ul>
    71. 72. Blocking API SCP client /* create a socket */ sockfd = socket(); /* connect to server */ connect(sockfd, address); /* get a libssh2 session handle (blocking behavior is default) */ session = libssh2_session_init(); /* pass in the socket to the SSH2 session */ libssh2_session_startup(session, sockfd); /* password authentication (known host handling skipped) */ libssh2_userauth_password(session, username, password)); /* request a file with SCP */ channel = libssh2_scp_recv(session, “/home/daniel/textfile”, &fileinfo); while (!done) libssh2_channel_read(channel, mem, amount); /* free the SCP channel */ libssh2_channel_free(channel); /* disconnect session */ libssh2_session_disconnect(session, &quot;shutdown”); /* free the session */ libssh2_session_free(session); /* close the socket */ close(socket);
    72. 73. /* create a socket */ sockfd = socket(); /* connect to server */ connect(sockfd, address); /* get a libssh2 session handle (blocking behavior is default) */ session = libssh2_session_init(); /* pass in the socket to the SSH2 session */ libssh2_session_startup(session, sockfd); /* password authentication (known host handling skipped) */ libssh2_userauth_password(session, username, password)); /* request a file with SCP */ channel = libssh2_scp_recv(session, “/home/daniel/textfile”, &fileinfo); while (!done) libssh2_channel_read(channel, mem, amount); /* free the SCP channel */ libssh2_channel_free(channel); /* disconnect session */ libssh2_session_disconnect(session, &quot;shutdown”); /* free the session */ libssh2_session_free(session); /* close the socket */ close(socket); Blocking API SFTP client /* create the SFTP session */ sftp_session = libssh2_sftp_init(session); sftp_handle = libssh2_sftp_open(sftp_session, “/home/daniel/file”, LIBSSH2_FXF_READ, 0); while (!done) libssh2_sftp_read(sftp_handle, mem, amount); /* close the SFTP handle */ libssh2_sftp_close(sftp_handle); /* close the SFTP session */ libssh2_sftp_shutdown(sftp_session);
    73. 74. Or use libcurl! Libcurl supports SCP and SFTP URLs http://curl.haxx.se/
    74. 75. How does it do? <ul><li>Speed wise?
    75. 76. Feature wise?
    76. 77. Bug and stability wise? </li></ul>
    77. 78. License <ul><li>Modified BSD
    78. 79. Free for virtually every use
    79. 80. Sara G picked it
    80. 81. Suitable for re-use by other libs/platforms </li></ul>
    81. 82. Competitor(s) <ul><li>Libssh </li><ul><li>Slower
    82. 83. License
    83. 84. non-blocking
    84. 85. Name-space polluting
    85. 86. Unstable API </li></ul><li>Others? Mostly non-C (Java, .NET ...)
    86. 87. Commercial? </li></ul>
    87. 88. Contributors <ul><li>Sara G
    88. 89. Me
    89. 90. Simon J
    90. 91. A few other happy campers
    91. 92. No particular company backing
    92. 93. Company-funded features </li></ul>
    93. 94. Future <ul><li>Remain client-side?
    94. 95. Make more stable
    95. 96. Improve speed (esp SFTP)
    96. 97. Use less mallocs
    97. 98. Use less memory (adjust windows etc)
    98. 99. Missing features?
    99. 100. Scratch itches </li></ul>
    100. 101. Summary <ul><li>Open source library for SSH2
    101. 102. Written in C
    102. 103. The best one available
    103. 104. Small team
    104. 105. www.libssh2.org </li></ul>
    105. 106. Join in! libssh2 needs you!
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×