Subject: Re: libssh2: Ported to UC Linux ? + DETAIL

Re: libssh2: Ported to UC Linux ? + DETAIL

From: Paul Romero <>
Date: Thu, 01 Jul 2010 16:06:13 -0700

Hi Peter:

I forgot to mention that the version of libgnutls that
came with GSASL provides Diffie-Hellman.

Best Regards,

Paul R.

************ PREVIOUS MESSAGE **********

Hi Peter:

First, thank you for the quick and detailed reply and be assured
the difference between SSH and SASL is clear to me. Also,
I must emphasize that my interest is in the SSH-2 component
subset required to support SFTP rather than SSH.

I think the SASL version of libgcrypt meets the minimum libssh2
and that AES and RIJNDAEL are the same. Also, I assume that
libssh2 can use DES and 3DES interchangeably. It appears most
SFTP implementations also use the following: Diffie Hellman-SHA1,
Blowfish, Twofish, HMAC-SHA1 and HMAC-MD5. Do you
think that is correct ?

The reason I mentioned SASL is the version GSASL I am using came with a
version of libgcrypt. However, I am not sure if libgcrypt is part of
package or it came from elsewhere.

In any case, assuming a version of libgcrypt that supplies what
libssh2 needs is found, libssh2 and libgcrypt can easily be linked
Is that correct ? Using OpenSSL is not an option because it is
too large for an embedded environment.

You seem to suggest that compiling libssh2 requires modern automake
capabilities. Using a newer version of the GNU ELF Toolchain may
solve that problem for me--cross compilers etc. But, migrating to a
UC Linux version is not an option. Would this be a barrier to using
(i.e. I am sure the GNU toolchain I am using does not have modern
automake capabilities.)
Note that the UC Linux Makefile scheme, and where and how libraries
are linked is quite different than in standard Linux. In addition there
are differences in how forking and exits work despite the fact
the kernel API is the same.

Most of the "porting" I mentioned consists of creating Makefiles that
within the UC Linux scheme which is not a huge effort but certainly not
Knowing libssh2 had been ported to the UC Linux environment or
that is known to be easy to port it would make it much easier to
assess the risk and time involved in using libssh2.

Finally, do you have a size estimate for libssh2, assuming
it is configured for SFTP support in my target environment ?

Best Regards,

Paul R.

Peter Stuge wrote:

> Hi Paul,
> Paul Romero wrote:
> > libssh2
> ..
> > Has it previously been ported to the UC Linux OS ?
> No porting is required. You may know that uClinux provides the exact
> same API as the regular Linux kernel.
> > Note that UC Linux is a diskless embedded system OS,
> Um, no, uClinux is a kernel variant..
> > and typically runs on processors without an MMU. Also, the .o file
> > format is ELF 32-bit MSB relocatable 68020, not stripped.
> That will obviously depend on which binary file formats you enable in
> the uClinux configuration, and which architecture you are running on.
> > My target system is M5249C3 dev. board with UC Linux version 2.4.27
> > and version 2.4.X or the kernel.
> Maybe this is what you got delivered to you but I highly doubt that
> this would be the only configuration that you could use with that
> board. I would suggest that you create a fresh set of binaries for
> your target, from the latest versions of what makes up a typical
> embedded Linux system.
> > It must be compiled with version 2.95.3 of the GNU ELF Toolchain
> I also doubt this very strongly. The 2.4 codebase might indeed have
> some requirements on compiler version, but I don't think that 2.95.3
> is the only thing you can use. Note also that 2.95.3 is the version
> of GCC only. "Toolchain" is a term commonly used to describe C
> compiler (GCC) along with linker and other binary utilities (GNU
> binutils). binutils has it's own versioning scheme.
> > which does not have modern automake capabilities.
> Again I doubt this. You could most likely use the very latest
> autotools also with the older toolchain that you got.
> > I use the SASL library
> ..
> > I wonder if the libssh2 SH-2 library duplicates a significant part
> > of functionality.
> No. libssh2 implements SSH, not SASL. libssh2 specifically does not
> implement cryptography, for that it uses libgcrypt or OpenSSL. I
> don't think the SASL library implements cryptography either.
> > The size of the current SASL authentication/encryption library I am
> > using is about 605.4 K, and it provides GNU TLS functionality.
> If there's a libgcrypt API then libssh2 can use it.
> > The other functionality it provides is as follows: DES, MD5, ARC4,
> > largest components are DEs, RSA and ASN1 whose sizes are about 18.3,
> > 9.1, and 67 K respectively.
> The minimum you need for libssh2 is AES, RSA, DSA and SHA1.
> //Peter
> _______________________________________________
> libssh2-devel

Paul Romero
RCOM Communications Software
Phone/Fax: (510)339-2628
Received on 2010-07-02