SSH or other secure connection on RTEMS

Joel Sherrill joel.sherrill at OARcorp.com
Tue Sep 11 17:27:11 UTC 2001


Sergei Organov wrote:
> 
> Just my 2 cents. It would be a good idea to port OpenSSH
> <http://www.openssh.org> to RTEMS, I believe. It's covered by BSD license, so
> it should be allowed to use its sources in RTEMS, I think.

It will require some work to get it to cross compile.  It
does a lot of probes when configuring and they do not 
appear to be cross-friendly.  But after that is dealt with,
it may not be tough.  

I tried to configure it like this:

CC=sparc-rtems-gcc .../configure --target=sparc-rtems

and it died saying it could not do its endian test
in cross mode.  It also looked like it was peeking
at host include files but I am not sure on that one.

Probably just a handful of tricks and hackery. :)

--joel

> BR,
> Sergei.
> 
> "Fernando RUIZ CASAS" <correo at fernando-ruiz.com> writes:
> > > -----Original Message-----
> > > From: chris at mail.powweb.com [mailto:chris at mail.powweb.com] On Behalf Of
> > > Chris Caudle
> > > Sent: Monday, September 10, 2001 3:46
> > > To: rtems-users at oarcorp.com
> > > Subject: Re: SSH or other secure connection on RTEMS
> > >
> > >
> > > Fernando RUIZ CASAS wrote:
> > > > What is the goal of this?
> > >
> > > To provide a way to change configuration settings on a network connected
> > > device without allowing public access to the configuration settings, and
> > > without sending passwords in plain text on the network.
> > >
> > > SSH was the first that came to mind, but perhaps SSL would be as
> > > appropriate?
> > >
> > I don't know the specifications of these protocols, but I can imagine it
> > like a socket connection but with encryption that envelops the connection.
> >
> > If the end of the channel is a pure ASCII connection like a telnet terminal,
> > it is no problem to add a new level between the socket and the shell. Easy,
> > because it's only necessary to add a more complex routine to write or read
> > into the pseudo-terminal on the master side.
> >
> >
> > > > And after all these steps a real user environment with several tasks
> > > > owned by the user linked must be deleted once the user does the logoff.
> > > > Is this necessary in rtems environment?
> > >
> > > No, not at all.  I had in mind something more like what the small
> > > Linksys or Netgear routers allow, or the cable and DSL modems: you can
> > > telnet in and change the network parameters, or you can use a web
> > > browser to access a setup page which uses something like CGI.
> > > If what is being controlled has some value, or can cause physical or
> > > monetary damage if misused, you would want more security than telnet or
> > > a simple http connection.
> > >
> > > > Perhaps too many lines of code in the kernel to link the tasks, users
> > > > and process.
> >
> > Maybe after studying the solution it could be optimized.
> >
> > >
> > > For what I am describing, I don't think you need as much as all that.
> > > Just a task running to handle the network connection.  Possibly that
> > > task would have to fake a user identity, but only for the convenience of
> > > reusing source code from a full posix implementation.
> > >
> > > > The embedded software runs always with the minimum of resources hardware
> > > > and the size of code is an important point to bear in mind.
> > >
> >
> > Sorry, but I come from an 8-bit environment and all my embedded developments
> > were on CPUs with too little memory.
> > Today I can imagine the new PCCARD boards, but ten years ago...
> >
> > > That is an oversimplification.  Many embedded devices use an RTOS
> > > because of high performance, the ability to preempt the kernel when
> > > needed, or determinism in scheduling, and are not averse to throwing
> > > processor cycles and memory at the problem.
> > > The embedded devices I work with all have at least 16MB of processor
> > > memory, not because I need that much memory, but because I would have to
> > > pay more money for less memory because of the volumes of the larger
> > > memory chips used.
> > >
> > > -- Chris Caudle
> > >
> >
> > Summing up, I'm interested in improving this shell with your suggestion.
> >
> > Are you interested in this?
> >
> > Fernando RUIZ CASAS
> > home: correo at fernando-ruiz.com
> > work: fernando.ruiz at ctv.es

-- 
Joel Sherrill, Ph.D.             Director of Research & Development
joel at OARcorp.com                 On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
   Support Available             (256) 722-9985


