Board.KolibriOS.org

Official KolibriOS board
It is currently Wed Dec 11, 2019 12:31 am

All times are UTC+03:00




Post new topic  Reply to topic  [ 10 posts ] 
Author Message
 Post subject: SSH client
PostPosted: Sat May 07, 2016 1:55 pm 
Offline
Mentor/Kernel Developer
User avatar

Joined: Fri Jun 30, 2006 9:01 am
Posts: 1248
Here you can find an overview of the development of a native SSH client for KolibriOS.

TODO to get a usable SSH client:
    * Improve modular exponentiation, current implementation is slow and does not always work
    * Finish and test SSH transport routines (with MAC and encryption)
    * Diffie-Hellman key exchange
    * Implement user authentication
    * Properly implement channels
    * Finish implementing Shell
    * ...

Attachment:
VirtualBox_KolibriOS_10_08_2016_15_26_53.png
VirtualBox_KolibriOS_10_08_2016_15_26_53.png [ 37.83 KiB | Viewed 2619 times ]


Spoiler: Show
Attachment:
Diffie-hellman_Exchange.png
Diffie-hellman_Exchange.png [ 96.23 KiB | Viewed 3197 times ]

_________________
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction." Albert Einstein


Top
   
 Post subject: Re: SSH client
PostPosted: Sat May 07, 2016 4:20 pm 
Offline
Mentor

Joined: Tue Mar 11, 2014 11:37 am
Posts: 184
Well Done!

I hope, We will get SSH soon :)

_________________
---
Check out the Netsurf Web Browser for KolibriOS.
Read the wiki and happy hacking with KolibriOS!


Top
   
 Post subject: Re: SSH client
PostPosted: Sun May 08, 2016 1:36 am 
Offline
Mentor/Kernel Developer
User avatar

Joined: Thu Mar 26, 2015 5:16 pm
Posts: 1264
Quote:
Math enthusiasts may certainly improve current modular exponentiation routines.
Which routines? Can you test performance, to make sure it will not become worse?


Last edited by Pathoswithin on Mon May 09, 2016 12:36 am, edited 1 time in total.

Top
   
 Post subject: Re: SSH client
PostPosted: Sun May 08, 2016 3:23 pm 
Offline
KSoC/GSoC Student
User avatar

Joined: Fri Mar 04, 2016 6:19 pm
Posts: 23
Good news!! :)
Also good news for development of TLS library :wink:

_________________
Kolibri <3


Top
   
 Post subject: Re: SSH client
PostPosted: Sun May 08, 2016 10:37 pm 
Offline
Mentor/Kernel Developer
User avatar

Joined: Fri Jun 30, 2006 9:01 am
Posts: 1248
Quote:
Which routines? Can you test performance, to make sure it will not become worse?

I'm talking about the multi precision math routines in mpint.inc

It comes with a demo/test program (modexp.asm) which may easily be enhanced to measure time a certain calculation takes.

One of the things is; now almost every math routine is hard-coded to work on 'MAX_BITS' bits, while the true length of a number will be less in reality. This now requires extra zeros, extra calculations and more space, but easier routines.

_________________
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction." Albert Einstein


Top
   
 Post subject: Re: SSH client
PostPosted: Mon May 09, 2016 1:58 am 
Offline
Mentor/Kernel Developer
User avatar

Joined: Thu Mar 26, 2015 5:16 pm
Posts: 1264
So, the main routine is mpint_modexp? And why do you think these routines can be much improved? Do we even need more performance?


Top
   
 Post subject: Re: SSH client
PostPosted: Mon May 09, 2016 5:23 am 
Offline
Mentor

Joined: Tue Mar 11, 2014 11:37 am
Posts: 184
Pathoswithin wrote:
So, the main routine is mpint_modexp? And why do you think these routines can be much improved? Do we even need more performance?


We _always_ need more performance. It is especially useful in libraries because a lot of userspace programs might use it in the future and the library shouldnt be a bottleneck.

_________________
---
Check out the Netsurf Web Browser for KolibriOS.
Read the wiki and happy hacking with KolibriOS!


Top
   
 Post subject: Re: SSH client
PostPosted: Mon May 09, 2016 9:21 pm 
Offline
Mentor/Kernel Developer
User avatar

Joined: Thu Mar 26, 2015 5:16 pm
Posts: 1264
If I understand correctly, these routines will be used for key encryption, not the data itself? In that case, their part will be miserable.
Maybe I can improve mpint_mul routine, but test shows clearly, that the bottleneck is mpint_mod, and I doubt something can be done with it.


Attachments:
modexp.asm [2.88 KiB]
Downloaded 109 times
Top
   
 Post subject: Re: SSH client
PostPosted: Tue May 10, 2016 7:40 am 
Offline
Mentor/Kernel Developer
User avatar

Joined: Fri Jun 30, 2006 9:01 am
Posts: 1248
The modular exponentiation is required during key exchange, this is at connection time, but also later while re-keying after x bytes of data or x hours have passed.

I hear that the use of Karatsuba multiplication algorithm and or Montgomery reduction algorithm may be useful.

_________________
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction." Albert Einstein


Top
   
 Post subject: Re: SSH client
PostPosted: Wed May 11, 2016 5:12 pm 
Offline

Joined: Wed May 18, 2005 7:27 pm
Posts: 1001
Not found topic about TLS, so put this link http://www.gnutls.org/ here (http://permalink.gmane.org/gmane.networ ... neral/4127 http://www.opennet.ru/opennews/art.shtml?num=44393)


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 10 posts ] 

All times are UTC+03:00


Who is online

Users browsing this forum: Google [Bot] and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Limited