ssh-rs 0.3.1

In addition to encryption library, pure RUST implementation of SSH-2.0 client protocol
Documentation

ssh-rs ✨

Build API Docs LICENSE

English | 简体中文

Rust implementation of ssh2.0 client.

If you encounter any problems in use, welcome issues or PR .

Content

Connection method:

1. Password:

use ssh_rs::ssh;
let mut session = ssh::create_session()
    .username("ubuntu")
    .password("password")
    .connect("127.0.0.1:22")
    .unwrap();

2. Public key:

  • Currently, only RSA, ED25519 keys/key files are supported.

1. Use key file path:

// pem format key path -> /xxx/xxx/id_rsa
// the content of the keyfile shall begin with
//      -----BEGIN RSA PRIVATE KEY----- / -----BEGIN OPENSSH PRIVATE KEY-----
// and end with
//       -----END RSA PRIVATE KEY----- / -----END OPENSSH PRIVATE KEY-----
// simply generated by `ssh-keygen -t rsa -m PEM -b 4096`
use ssh_rs::ssh;
let mut session = ssh::create_session()
    .username("ubuntu")
    .private_key_path("./id_rsa")
    .connect("127.0.0.1:22")
    .unwrap();

2. Use key string:

// pem format key string:
//      -----BEGIN RSA PRIVATE KEY----- / -----BEGIN OPENSSH PRIVATE KEY-----
// and end with
//       -----END RSA PRIVATE KEY----- / -----END OPENSSH PRIVATE KEY-----
use ssh_rs::ssh;
let mut session = ssh::create_session()
    .username("ubuntu")
    .private_key("rsa_string")
    .connect("127.0.0.1:22")
    .unwrap();

3. Use them together

  • According to the implementation of OpenSSH, it will try public key first and fallback to password. So both of them can be provided.
use ssh_rs::ssh;
let mut session = ssh::create_session()
    .username("username")
    .password("password")
    .private_key_path("/path/to/rsa")
    .connect("127.0.0.1:22")
    .unwrap();

Enable global logging:

  • There are two APIs to enable logs, basicly enable_log() will set the log level to INFO, and debug() will set it to Debug

  • But you can implement your own logger as well.

use ssh_rs::ssh;
// this will generate some basic event logs
ssh::enable_log();
// this will generate verbose logs
ssh::debug()

Set timeout:

  • Only global timeouts per r/w are currently supported.
use ssh_rs::ssh;

ssh::debug();
let _listener = TcpListener::bind("127.0.0.1:7777").unwrap();

match ssh::create_session()
    .username("ubuntu")
    .password("password")
    .private_key_path("./id_rsa")
    .timeout(5 * 1000)
    .connect("127.0.0.1:7777")
{
    Err(e) => println!("Got error {}", e),
    _ => unreachable!(),
}

How to use:

  1. Execute a command
  2. Scp files
  3. Run a shell
  4. Run an interactive shell
  5. Connect ssh server w/o a tcp stream
  6. Cofigure your own algorithm list

Algorithm support:

1. Kex algorithms

  • curve25519-sha256
  • ecdh-sha2-nistp256
  • diffie-hellman-group14-sha256
  • diffie-hellman-group14-sha1
  • diffie-hellman-group1-sha1 (behind feature "dangerous-dh-group1-sha1")

2. Server host key algorithms

  • ssh-ed25519
  • rsa-sha2-256
  • rsa-sha2-512
  • rsa-sha (behind feature "dangerous-rsa-sha1")

3. Encryption algorithms (client to server)

  • chacha20-poly1305@openssh.com
  • aes128-ctr

4. Encryption algorithms (server to client)

  • chacha20-poly1305@openssh.com
  • aes128-ctr

5. Mac algorithms (client to server)

  • hmac-sha2-256
  • hmac-sha2-512
  • hmac-sha1

6. Mac algorithms (server to client)

  • hmac-sha2-256
  • hmac-sha2-512
  • hmac-sha1

7. Compression algorithms (client to server)

  • none

8. Compression algorithms (server to client)

  • none

☃️ Additional algorithms will continue to be added.