[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is ssh appropriate for this use case?


Andreas,
Thank you for your response. I have been playing with the ssh_server_fork.c
to see if I can adapt it to my needs.
I stripped out the code I wasn't interested in (no command line options,
only RSA auth), and now I have a simple
echo server that up-cases its input and sends back the result (source
attached if anyone is interested).

Now I would like to modify my simple, single-session-at-a-time server to
handle multiple concurrent sessions.
I can't fork here, so I need either non-blocking or threading, and in the
past I have found using non-blocking
servers easier. I am not worried about web-server type loads, I only need
to handle a few simultaneous connections (1-3).

Is it possible to add the socket endpoint from the ssh_bind_listen and add
it to the event loop? That way new
connections (new sessions) could be handled concurrently with existing
ones. When the server endpoint is
triggered, we just need to call ssh_bind_accept with a new session and add
the session to the event. There
could be a "session open request" callback if that needs to allow
customization.

In pseudo-code, something like:

   ssh_set_server_callbacks(&server_cb); // add a server callback including
session open request?
   ssh_bind_listen(ssh_bind);            // bind to the specified port
(error checking etc left out)
   ssh_event_add_XXX(event, ssh_bind);   // add the service endpoint to the
set of fds to check
   while (1) {
       // Handle new connections, authentication, session and channel
events
       ssh_event_dopoll(event, TIMEOUT);
       ...
Or is there some existing way to do what I need?
Thanks
Chris


On Fri, Apr 10, 2020 at 3:22 AM Andreas Schneider <asn@xxxxxxxxxxxxxx>
wrote:

> On Friday, 10 April 2020 02:07:59 CEST Christopher Morley wrote:
> > Hi all -
> > I hope this is an appropriate question for this forum.
> >
> > I have an application that consists of a user interface component
> (written
> > in java) and a simulation engine (written in c++). These run in separate
> > processes, potentially on different machines. The java process can start
> > one or more simulation processes, disconnect, and re-connect to them. The
> > simulation process can accept multiple user interface connections.
> > Currently the processes communicate via tcp sockets, with the c++ process
> > implementing a fairly standard non-blocking select-based event loop for
> > processing requests from the connected java process(es).
> >
> > I would like to add user authentication (for connection requests to the
> c++
> > simulation component) and encryption of the socket communications. I have
> > been working on a small prototype based on the sshd_direct-tcpip.c
> example
> > from libssh and the jsch example app UserAuthPubKey.java using public key
> > (RSA) authentication.
> >
> > OK, my specific questions:
> > 1. Is ssh in general and libssh (and jsch?) appropriate choices to solve
> > this problem?
>
> Yes it is.
>
> > 2. Is the direct-tcpip channel the right one to use? Is there a more
> > appropriate example that I can use, such as an "echo" server?
>
> For the server side ssh_server_fork.c just don't open a shell but see
> channel
> and read/write to it.
>
>
>
>         Andreas
>
>
>

Attachment: echo_server.c
Description: Binary data


References:
Is ssh appropriate for this use case?Christopher Morley <chris@xxxxxxxxxxxxxxx>
Re: Is ssh appropriate for this use case?Andreas Schneider <asn@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org