ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Is there an SSH protocol support library around? What I want to do is create a user space process that can be accessed using SSH (specifically SSH, not some other thing using plain SSL or whatever, so that an unmodified SSH client can be used). I want every aspect of the session being accessed to stay entirely in non-root user space. It should be usable whether the host system has SSHD running for logins or not (as long as the listen port isn't in conflict, of course).
Please don't bother me, or waste your time, with suggestions on how to use SSL, or how to configure SSHD into launching my app, etc. I already know how to do things those ways.
Please don't bother me, or waste your time, with suggestions on how to use SSL, or how to configure SSHD into launching my app, etc. I already know how to do things those ways.
Why aren't these viable solutions? What features would you expect to see in an ssh support library? And not just "act like sshd": is there a reason you can't modify sshd to to do what you want? If nothing else, maybe you can give sshd an api, take out main, and make it into a shared library.
Kevin Barry
Why aren't these viable solutions? What features would you expect to see in an ssh support library? And not just "act like sshd": is there a reason you can't modify sshd to to do what you want? If nothing else, maybe you can give sshd an api, take out main, and make it into a shared library.
Kevin Barry
Take for example the good old times of Mud and BBS, which traditionally ran on telnet (unencrypted); I can see you'd like to write something of the like that goes over SSH instead. Another example: a sort of shell for your application to be accessed securely. There are tons of reasons why you'd want to create an application that listens to SSH, rather than configure your ssh daemon.
Take for example the good old times of Mud and BBS, which traditionally ran on telnet (unencrypted); I can see you'd like to write something of the like that goes over SSH instead. Another example: a sort of shell for your application to be accessed securely. There are tons of reasons why you'd want to create an application that listens to SSH, rather than configure your ssh daemon.
I'm not sure who you're providing examples to. We all seem to agree that a secure protocol is necessary; however, OP wants "the" ssh but not to the point where it's actually the sshd executable. sshd forks every time a connection is made, so the only reasons I can think of to replace it are to have a single process service all connections, or to have direct access to the data structures used to handle the protocol.
Kevin Barry
Why aren't these viable solutions? What features would you expect to see in an ssh support library? And not just "act like sshd": is there a reason you can't modify sshd to to do what you want? If nothing else, maybe you can give sshd an api, take out main, and make it into a shared library.
Kevin Barry
I probably could modify sshd to do what I want. But that approach didn't need to ask on LQ. Admittedly, I should have googled better than I did on this one and not needed to ask even what I did.
Just to understand, when I have something I'm interested in doing, I look at as many possible ways as I can. When I'm not sure about how some of those way might work, but still recognize that they exist, I then ask about those ways. The problem with asking questions like this online is that some people see the other ways as the obvious or preferred solution (at least for them), and think the way I'm researching to ask the question about is all wrong. In other words, they are trying to evaluate the choices for me, rather than letting me evaluate the choice based on getting more information about the choices I know too little about.
Quote:
Originally Posted by ta0kira
I'm not sure who you're providing examples to. We all seem to agree that a secure protocol is necessary; however, OP wants "the" ssh but not to the point where it's actually the sshd executable. sshd forks every time a connection is made, so the only reasons I can think of to replace it are to have a single process service all connections, or to have direct access to the data structures used to handle the protocol.
Kevin Barry
What I'm thinking about doing is complicated, but if you think about it as a single process, it covers many of the issues. But another one is not wanting to have even the slightest bit of code in there that would possibly do anything other than my application's purpose. Sure, taking sshd source code and stripping huge amounts out could possibly solve that. And that idea is on the table. I just didn't have a question to ask about that one.
Let's just say it will involve making use of SSH's port forwarding aspects, e.g. -D and -L and -R in the client command, but without those ports being real on the server end, and instead, handled in special ways that I prefer stay in the same process.
I do recall someone actually did a MUD game a while back with an SSH listener in it. I couldn't remember it's name and that was one of the things I was looking for. I don't know how they actually did it, either. If they hacked things by passing the incoming stream over to the local unmodified sshd to run a special program that just passed the clear traffic back, that might be considered a nice hack, but isn't what I want to do (which, instead, needs to be clean, lean, and supportable).
Just to understand, when I have something I'm interested in doing, I look at as many possible ways as I can. When I'm not sure about how some of those way might work, but still recognize that they exist, I then ask about those ways. The problem with asking questions like this online is that some people see the other ways as the obvious or preferred solution (at least for them), and think the way I'm researching to ask the question about is all wrong. In other words, they are trying to evaluate the choices for me, rather than letting me evaluate the choice based on getting more information about the choices I know too little about.
Yeah, that sounds like nearly every thread I've started at LQ. I generally end up having to figure it out myself or repose the problem, not because the help was inadequate but because I normally ask about non-traditional things that I can't figure out even the hard way. Most of the time reposing the problem was the way to go, but that normally required massive rewrites.
As far as asking "why", etc., I was mostly trying to get the obvious out of the way so we knew in what ways the obvious was inadequate. If those things aren't clear it starts turning into trial-and-error on the part of people helping. Of course, now that I say that it makes sense the way some of my threads have gone.
Kevin Barry
I eventually did find libssh and libssh2 from the earlier suggestions by macemoneta and Reuti. It may be a larger project than I want to tackle at this time.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.