On 06/06/14 23:50, Isaac Dunham wrote:
> On Fri, Jun 06, 2014 at 09:53:17PM +0200, Daniel Cegiełka wrote:
>> 2014-06-06 18:12 GMT+02:00 stephen Turner <[email protected]>:
>>> Rob, have you given any thought into adding an embedded ssh like dropbear to
>>> toybox?
>>
>> or like tinyssh :)
>>
>> http://tinyssh.org/index.html
>
> Features:
> ...
> Tinyssh doesn't have...scp, sftp
> ...using NaCL/TweetNaCL
>
> I lost interest there.
> scp and sftp are *the* main use I have for ssh. I have three computers
> of my own (desktop and two laptops, all Linux), there's another one
> (Windows) the family uses, and I find that the best way to copy something
> from a to b is to use scp or something like FileZilla.

scp is a trivial protocol:

https://blogs.oracle.com/janp/entry/how_the_scp_protocol_works

> And no, I'm not interested in adding another daemon, transferring
> files in plain mode, or having to run commands on both ends.

Pity, "tar cpz dir | ssh dest tar xvpz" works fine without scp and is trivially scriptable. (I tend to do that because scp isn't always good about symlinks and hardlinks and so on.)

> As far as the second feature I quote goes, see:
> landley.net/notes.html#31-03-2014
>
> dropbear is a permissively licensed mcb that gets a good workout. Seems
> like it fits with toybox.
> And libtomcrypt seems like the better place to start, should an ssh
> server and client be desired.

I've dug into libtomcrypt and find it incomprehensible, but it's really the libtommath part I'm having problems with. I need to write my own big math library for bc, and the darn spec says it has to do cosine and fractional exponents and such, which I dunno how to do off the top of my head.

> I note also that there's yet another small ssh server, moussh:
> ftp.rodents-montreal.org/mouse/local/src/moussh
> The developer was at one point considering using some of the libtom*
> libraries; it currently needs gmp and a set of homegrown crypto libs.
> It does have one or two rather frightening notes: it requires a
> special preprocessor (included) or a version of gcc patched to support
> "labeled control structure", whatever that is.
>
> While we're talking about crypto, I might as well mention axtls.
> It's a small BSD-licensed TLS1 library that uses kconfig with perhaps
> too many options (what *FLAGS you want, which keys/certificates, openssl
> API, ...).

Didn't musl have a wiki page collecting this sort of thing?

To be honest, rsync is higher priority for me than any of this, and _that_ is post-1.0.

The big need for https is because wget and friends are kinda useless without it these days. kernel.org: https only. twitter: https only. github: https only.
And there are regular announcements like:

http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/

Basically the NSA has convinced people that non-encrypted connections are a categorical bad idea.

Rob
