| wolfSSH | |
|---|---|
| Developer | John Safranek |
| Initial release | July 20, 2016[1] |
| Stable release | 1.4.20 |
| Repository | |
| Written in | C language |
| Operating system | Multi-platform |
| Type | Security library |
| License | GPL-3.0-or-later or proprietary license |
| Website | www |
wolfSSH is a small, portable, embedded SSH library targeted for use by embedded systems developers. It is an open-source implementation of SSH written in the C language. It includes SSH client libraries and an SSH server implementation. It allows for password and public key authentication.
Platforms
[edit]wolfSSH is currently available for Win32/64, Linux, macOS, Solaris, Threadx, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, WinCE, Haiku, OpenWrt, iPhone (iOS), Android, Wii and GameCube through DevKitPro support, QNX, MontaVista, TRON variants (TRON/ITRON/μITRON), NonStop OS, OpenCL, Micrium's MicroC/OS-II, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, TI-RTOS, HP-UX, uTasker, embOS, PIC32, PikeOS, and Green Hills INTEGRITY.
Protocols
[edit]The wolfSSH SSH library implements the SSHv2 protocol for both client and server. It also includes support for Secure Copy (SCP), SSH File Transfer Protocol (SFTP), remote command execution, and port forwarding. X509 certificate support RFC 6187[2].
Algorithms
[edit]wolfSSH uses the cryptographic services provided by wolfCrypt.[3] wolfCrypt Provides RSA, ECC, Diffie–Hellman, AES (CBC, GCM), Random Number Generation, Large Integer support, and base 16/64 encoding/decoding, and SHA-1, SHA-2, AES (GCM, CTR, CBC), X25519 and Ed25519, X448 and Ed448.
Key exchange
[edit]- diffie-hellman-group1-sha1
- diffie-hellman-group14-sha1
- diffie-hellman-group-exchange-sha256
- ecdh-sha2-nistp256
- ecdh-sha2-nistp384
- ecdh-sha2-nistp521
- diffie-hellman-group14-sha256
- curve25519-sha256
Public key
[edit]- ssh-rsa
- ecdsa-sha2-nistp256
- ecdsa-sha2-nistp384
- ecdsa-sha2-nistp521
- ssh-ed25519
- x509v3-ssh-rsa
- x509v3-ecdsa-sha2-nistp256
- x509v3-ecdsa-sha2-nistp384
- x509v3-ecdsa-sha2-nistp521
Integrity
[edit]- hmac-sha1
- hmac-sha1-96
- hmac-sha2-256
Encryption
[edit]- aes128-cbc
- aes192-cbc
- aes256-cbc
- aes128-ctr
- aes192-ctr
- aes256-ctr
- aes128-gcm (OpenSSH compatible)
Post-Quantum
[edit]- Supports hybrid post-quantum use with ML-KEM
Licensing
[edit]wolfSSH is open source and dual licensed under both the GNU GPL-3.0-or-later[4] and commercial licensing.
See also
[edit]
- Secure Shell
- OpenSSH
- DropBear
- Comparison of SSH clients
- Comparison of SSH servers
- Comparison of cryptography libraries
References
[edit]- ^ "wolfSSH ChangeLog".
- ^ "X.509v3 Certificates for Secure Shell Authentication".
- ^ wolfCrypt Usage Reference
- ^ "Licensing Information". Archived from the original on 2021-08-18.
External links
[edit]| Email clients | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Secure communication |
| ||||||||||||||
| Disk encryption (Comparison) | |||||||||||||||
| Anonymity | |||||||||||||||
| File systems (List) | |||||||||||||||
| Security-focused operating system | |||||||||||||||
| Service providers | |||||||||||||||
| Educational | |||||||||||||||
| Anti–computer forensics | |||||||||||||||
| Related topics | |||||||||||||||
