<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Mar 3, 2019, 3:18 PM Chris Johns <<a href="mailto:chrisj@rtems.org">chrisj@rtems.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
<br>
On 2/3/19 3:37 am, Christian Mauderer wrote:<br>
> Am 01.03.19 um 17:01 schrieb Gedare Bloom:<br>
>><br>
>><br>
>> On Fri, Mar 1, 2019 at 10:52 AM Joel Sherrill <<a href="mailto:joel@rtems.org" target="_blank" rel="noreferrer">joel@rtems.org</a><br>
>> <mailto:<a href="mailto:joel@rtems.org" target="_blank" rel="noreferrer">joel@rtems.org</a>>> wrote:<br>
>><br>
>><br>
>><br>
>> On Fri, Mar 1, 2019 at 2:57 AM Sebastian Huber<br>
>> <<a href="mailto:sebastian.huber@embedded-brains.de" target="_blank" rel="noreferrer">sebastian.huber@embedded-brains.de</a><br>
>> <mailto:<a href="mailto:sebastian.huber@embedded-brains.de" target="_blank" rel="noreferrer">sebastian.huber@embedded-brains.de</a>>> wrote:<br>
>><br>
>> Hello Gedare,<br>
>><br>
>> we evaluated porting of OpenSSH some time ago. Something to<br>
>> consider is<br>
>> also Dropbear SSH:<br>
>><br>
>> <a href="https://matt.ucc.asn.au/dropbear/dropbear.html" rel="noreferrer noreferrer" target="_blank">https://matt.ucc.asn.au/dropbear/dropbear.html</a><br>
>><br>
>> We didn't spend much time with both programs, but it seems to be<br>
>> complex. We ended up with web sockets via HTTPS.<br>
>><br>
>><br>
>> This would be good to support via a port and the RSB.<br>
>><br>
>><br>
>> Thanks. I have some plan to add an SSH server, but I haven't yet<br>
>> untangled the complexity of it. Dropbear looks promising--it works under<br>
>> Cygwin so hopefully the newlib support is sufficient. I think this could<br>
>> be a GSoC Project, with some proper scoping and some "Extras" in case<br>
>> the porting turns out to be a bit trivial.<br>
>> <br>
>><br>
>><br>
>> I thought we had a port of an SSL library but I don't see it in the RSB.<br>
>><br>
>><br>
>> We have OpenSSL in the libbsd. Is that what you mean? <br>
>> <br>
> <br>
> One possible SSL library is OpenSSL from libbsd. Most likely that's the<br>
> simplest choice. For some other project we have also build libressl<br>
> without bigger problems before OpenSSL was included in libbsd. But that<br>
> was without RSB.<br>
> <br>
> Another interesting SSL library would be mbed TLS. It promises to be a<br>
> lot smaller than OpenSSL. But I didn't try that one yet.<br>
> <br>
<br>
There is also <a href="https://tinyssh.org/" rel="noreferrer noreferrer" target="_blank">https://tinyssh.org/</a>. I had the crypto tests working and I was<br>
able to make secure connections. The missing piece was to look at the telnet<br>
code we have and to see what could be made common and shared and then to wire<br>
that to the ssh connection. The nice thing about tinyssh is it's size. it is<br>
self contained, and it works with the legacy networking and libbsd stacks.<br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">Would it make sense to have a broad SSH gsoc project that ported multiple and compared them? On code size, performance, features, etc. If you can run libbsd, you have lots of RAM and code space. But in lighter targets, less might be attractive.</div><div dir="auto"><br></div><div dir="auto">Also related is this:</div><div dir="auto"><br></div><div dir="auto"><a href="https://cloud.google.com/blog/products/iot-devices/introducing-cloud-iot-device-sdk-a-new-way-for-embedded-iot-devices-to-connect-to-google-cloud-iot-core">https://cloud.google.com/blog/products/iot-devices/introducing-cloud-iot-device-sdk-a-new-way-for-embedded-iot-devices-to-connect-to-google-cloud-iot-core</a><br></div><div dir="auto"><br></div><div dir="auto">Which looks like a nice collection of services in a bsd licensed kit.</div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Chris<br>
</blockquote></div></div></div>