[Toybox] features

Rob Landley rob at landley.net
Sun Jun 8 09:51:04 PDT 2014


On 06/06/14 23:50, Isaac Dunham wrote:
> On Fri, Jun 06, 2014 at 09:53:17PM +0200, Daniel Cegiełka wrote:
>> 2014-06-06 18:12 GMT+02:00 stephen Turner <stephen.n.turner at gmail.com>:
>>> Rob, have you given any thought into adding an embedded ssh like dropbear to
>>> toybox?
>>
>> or like tinyssh :)
>>
>> http://tinyssh.org/index.html
> 
> Features:
> ...
> Tinyssh doesn't have...scp, sftp
> ...using NaCL/TweetNaCL
> 
> I lost interest there.
> scp and sftp are *the* main use I have for ssh. I have three computers
> of my own (desktop and two laptops, all Linux), there's another one 
> (Windows) the family uses, and I find that the best way to copy something
> from a to b is to use scp or something like FileZilla.

scp is a trivial protocol:

https://blogs.oracle.com/janp/entry/how_the_scp_protocol_works

> And no, I'm not interested in adding another daemon, transferring
> files in plain mode, or having to run commands on both ends.

Pity, "tar cpz dir | ssh dest tar xvpz" works fine without scp and is
trivially scriptable. (I tend to do that because scp isn't always good
about symlinks and hardlinks and so on.)

> As far as the second feature I quote goes, see:
> landley.net/notes.html#31-03-2014
> 
> dropbear is a permissively licensed mcb that gets a good workout. Seems
> like it fits with toybox.
> And libtomcrypt seems like the better place to start, should an ssh
> server and client be desired.

I've dug into libtomcrypt and find it incomprehensible, but it's really
the libtommath part I'm having problems with. I need to write my own big
math library for bc, and the darn spec says it has to do cosine and
fractional exponents and such, which I dunno how to do off the top of my
head.

> I note also that there's yet another small ssh server, moussh:
> ftp.rodents-montreal.org/mouse/local/src/moussh
> The developer was at one point considering using some of the libtom*
> libraries; it currently needs gmp and a set of homegrown crypto libs.
> It does have one or two rather frightening notes: it requires a
> special preprocessor (included) or a version of gcc patched to support
> "labeled control structure", whatever that is.
> 
> While we're talking about crypto, I might as well mention axtls.
> It's a small BSD-licensed TLS1 library that uses kconfig with perhaps
> too many options (what *FLAGS you want, which keys/certificates, openssl
> API, ...).

Didn't musl have a wiki page collecting this sort of thing?

To be honest, rsync is higher priority for me than any of this, and
_that_ is post-1.0. The big need for https is because wget and friends
are kinda useless without it these days. kernel.org: https only.
twitter: https only. github: https only. And there are regular
announcements like:

http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/

Basically the NSA has convinced people that non-encrypted connections
are a categorical bad idea.

Rob
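
Added example, not part of the original message: the tar pipeline mentioned above, with the ssh hop replaced by a local subshell so it runs offline, checking that a symlink and a hard link survive the copy. The helper names and the sample tree are constructed for illustration; in real use the right-hand side of the pipe is "ssh dest tar xpz".

```shell
#!/bin/sh
# tar_pipe_copy SRC_PARENT NAME DEST_PARENT   (hypothetical helper name)
# Same shape as "tar cpz dir | ssh dest tar xpz"; "-f -" is spelled out so the
# archive goes to stdout/stdin regardless of the tar build's default device.
tar_pipe_copy() {
    tar -cpzf - -C "$1" "$2" | ( cd "$3" && tar -xpzf - )
}

# Build a constructed sample tree with a symlink and a hard link, copy it
# through the pipe, and return 0 only if both kinds of link are preserved.
check_links_survive() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/src/dir" "$work/dst"
    echo "payload" > "$work/src/dir/file"
    ln "$work/src/dir/file" "$work/src/dir/hardlink"
    ln -s file "$work/src/dir/symlink"

    tar_pipe_copy "$work/src" dir "$work/dst" || { rm -rf "$work"; return 1; }

    rc=0
    # The symlink must arrive as a symlink with the same target,
    # not as a second copy of the file it points to.
    [ -L "$work/dst/dir/symlink" ] || rc=1
    [ "$(readlink "$work/dst/dir/symlink")" = "file" ] || rc=1
    # The hard link must still share an inode with the original name.
    [ "$work/dst/dir/file" -ef "$work/dst/dir/hardlink" ] || rc=1
    # Contents must match what was written on the source side.
    [ "$(cat "$work/dst/dir/hardlink")" = "payload" ] || rc=1

    rm -rf "$work"
    return $rc
}

if check_links_survive; then
    echo "symlink and hard link preserved"
else
    echo "link structure was not preserved"
fi
```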
