Short: SSH2 for the Amiga Author: s.franke@bebbosoft.de Uploader: s franke bebbosoft de Type: comm/net Version: 1.26 Architecture: m68k-amigaos Required: bsdsocket.library (e.g AmiTCP) =============================================================================== NAME amigassh SSH2 for the Amiga, 68000+. Needs a server that supports the used crypto stuff. It will work on an unaccelerated Amiga but establishing the connection takes about one minute. It provides - amigasshd - amigassh - amigascp - amigasshkeygen An A3000 will * create an X25519 key pair in 2s * verify/verify a signature in ~5s NOTE that this is *NOT* feature complete. If you want more features: Support me. If you want to see the code on github.com: Support me more^^ =============== amigassh =============== USAGE: amigassh [options] [user@]host[:port] [command [args]] -? display this help -p define a port -L [bind_address:]port:host:hostport listen at bind_address:port and forward to host:hostport -T don't allocate a pseudo terminal -v set verbosity, 0 = OFF, 7 = TRACE command to run instead of shell Open a shell on the host using your console colors and mouse. Or execute a command via SSH2. =============== amigasshd =============== * Create the folder ENVARC:ssh * Copy the file sshd_config to ENVARC:ssh * Edit the file ENVARC:ssh/sshd_config at your needs * Create an unencrypted key file and name it as in ENVARC:ssh/sshd_config * e.g. ENVARC:ssh/ssh_host_ed25519_key * Create and edit the file ENVARC:ssh/passwd * create entries with username password * the passwords are getting hashed on first user logon Start amigasshd to accept remote SSH2 connections. * A simple terminal emulation is provided. (Works now for some stuff on ApolloOS) * You may also use sftp copy files from/to the Amiga. (This should work on ApolloOS too) =============== amigasshkeygen =============== USAGE: amigasshkeygen [-f ] -? display this help Create ed25519 key files. =============== amigascp =============== USAGE: amigascp [options] [source] [target] one of [source]/[target] must be remote, the other local -? display this help -i select the private key file for public key authentication -p connect to the host at port -t allocate a pseudo terminal -u connect as or use @: -v set verbosity, defaults to 4 = INFO Copy files from remote to local or from local to remote. Wildstar pattern is supported in the last element of the source. =============================================================================== SUPPORT ME If you want more features implemented: Support me! Support me via PayPal: https://t.ly/N8WkB also small monthly donations do help :-) Thanks to all supporters! It financed me an one year subscription of the Amiga Future magazine plus a license of the TCP/IP stack RoadShow. =============================================================================== TESTING Many thanks to all testers, especially to * Patrik Axelsson * Javier de las Rivas =============================================================================== COPYRIGHT ed/curve25519 based on code from Public Domain, Authors: - Daniel J. Bernstein - Niels Duif - Tanja Lange - lead: Peter Schwabe - Bo-Yin Yang * optimized, modified to use 16 bit integers by Stefan "Bebbo" Franke aes based on code from Nate Wiger gcm, sha256, sh512, amigassh itself: - Stefan "Bebbo" Franke Written in 2024 by Stefan "Bebbo" Franke To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty. You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see . =============================================================================== DISCLAIMER OF WARRANTY Software is provided "AS IS," without a warranty of any kind. You may use it on your own risk. =============================================================================== LIMITATION OF LIABILITY I SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY YOU OR ANY THIRD PARTY AS A RESULT OF USING OR DISTRIBUTING SOFTWARE. IN NO EVENT WILL I BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF I HAVE ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. =============================================================================== HISTORY amigassh V1.26 * disable RoadShow's CTRL-C handling... amigassh V1.25 * another fragmentation fix to read from some ssh servers.. amigassh V1.24 * fix NPE in libnix:amistdio * fix UBE in libnix:init-shared * fix cache issues in libnix:init-shared (flush cache) * lots of internal refactoring... * add support for connection forwarding * colorize tab completion list amigassh V1.23 * amigascp now handles fragmented read responses. * amigascp fix recognizing user@host * add more bound checks * using newest simple library creation for libcryptossh.library * reduce stack usage again * more accurate progress indicator * TAB in sshd shell performs autocompletion * sshd passes CTRL+C to running task amigassh V1.22 * added amigascp to copy file from/to remote ssh servers. amigassh V1.21 * more AES tuning (that's it) A3000 ~ 32kB/s V4SA ~ 630kB/s * remove the missing key file ERROR message * refactored amigassh, and hopefully it still works... amigassh V1.20 * removed some debug output * switched the AES implementation to gain more speed A3000 ~ 30kB/s V4SA ~ 580kB/s * create the lib using a .def file to only export used functions/data amigassh V1.19 * add support for the public key authentication to client and server. Note that only unprotected key files do work with amigassh. * improved AES/GCM encryption speed resulting in higher upload/download rates: A3000 ~ 20kB/s V4SA ~ 400kB/s this twice as fast as before! amigassh V1.18 * fixed an enforcer hit during library unloading * reworked terminal I/O handling: Normal Amiga applications do work on ApolloOS Stuff from C:bin/ is still broken. /shrug amigassh V1.17 * added a sftp subsystem to amigasshd: copy files from/to the Amiga. not available volumes are denied and result into: not found. An A3000 will copy with ~10kb/s, a Vampire with up to ~180kb/s. * crypto code moved into the library libcryptossh.library: The libcryptossh.library was built using my new simple library approach https://franke.ms/amiga/so.wiki amigassh V1.16 * added example ssd_config file * added example passwd * fixed an enforcer hit * now compiled with -regparms * improved some messages and the program return code * ignore unknown shell CHANNEL_REQUESTS amigassh V1.15 * added amigasshd, amigasshkeygen amigassh V1.14 * use all 16 bits of a WORD * enhanced C code with some asm statements * creating a key pair is down to ~15s * verifying the host is down to ~35s amigassh V1.13 * compute the private key before establishing the connection This increases the chance to establish a connection on slow Amigas * some speed improvements measured with WinUAE cycle exact A500: * creating a key pair is down to 43,2s! * verifying the host is down to 2:14,6! * removed CTRL+F * removed using c stdio * add -v switch amigassh V1.12 * fixed some bus errors, now it really runs on 68000 * CTRL+F is now used to ***Break * support sending CTRL+A/CTRL+E * better mapping of backspace and delete * stack usage is now below 4000 bytes * added -T switch to run without pseudo terminal amigassh V1.11 * reworked and combined the ed25519 and curve25519 code. Now 16 bit integers are sufficient! * the resulting program can now be used on a 68000. amigassh V1.10 * fix an enforcer hit (using updated binutils/gcc) amigassh V1.9 * renamed `mono` to `xterm-amiga`. Install it! Necessary since too many stuff checks for the string `xterm`... * added mouse support * patch the window title, like xterm * suppres right mouse button stuff, also during login amigassh V1.8 * support tooltype CONSOLE * modify __chkabort: use CTRL+E to interrupt amigassh, CTRL+C is handled only by the host * TERM can be set by an environment variable or define it in the icon * fixed an enforcer hit amigassh V1.7 * fix broken window resize - was filtered too... amigassh V1.6 * add key mappings for CTRL+ALT+CURSOR -> PgUp/Down,Pos1/End * pass CTRL+D and make it work * print preauth banner * support CTRL+S/CTRL+Q * suppress menu messages from KingCON amigassh V1.5 * fix build... * support redirected stdin/stdout amigassh V1.4 * bad version... amigassh V1.3 * amigassh is now pure. set the flag and make it resident! * internal setting of a suitable stack size * verbose error messages * unify ed25519/curve25519 code * properly create ENVARC:.ssh if missing * some terminal improvements amigassh V1.2 * properly exit after logout, no CTRL+D required * mono now supports 8 colors - update that file! * handle key stroke repetition * bind local, needed by roadshow * fix reading after buffer pointer changed amigassh V1.1 * some support for CTRL/ALT, * better cursor keys, * better terminfo `mono` * fix if stdin is a file/pipe amigassh V1.0 * initial version =============================================================================== SYNOPSIS amigassh [-p port] [user@]host[:port] The port defaults to 22. The user is read from the environment variable `USER`. =============================================================================== DESCRIPTION amigassh is an implementation of SSH2. The supported cryptographic methods are * curve25519-sha256 * ssh-ed25519 * aes128-gcm@openssh.com * hmac-sha2-256 * sha512 Only password based authentication is supported for now. Install the terminfo `xterm-amiga` on the remote system! Feel free to improve it! On many systems you have to copy it as root into `/usr/share/terminfo/x` Pimp your `.bash_profile` to unset `LANG` since the Amiga doesn't like UTF8... A convenient way is to add this to `.bash_profile`: ``` if [ "$TERM" == "xterm-amiga" ]; then unset LANG fi ``` =============================================================================== RANDOM HINTS * the know hosts are stored in `ENVARC:.ssh/known-hosts` * the random generator is not the best... It's rand() pimped with time and vpos. Then SHA256 is applied. Good enough? But who would talk about security on an unprotected system like the Amiga? * preset your username with set USER= you can do this in `s:shell-startup` * you can start it from the workbench! Use the icon tooltypes to set COMMAND a remote command to execute instead of a shell CONSOLE an Amiga console string (defaults to CON://///AUTO/CLOSE/WAIT) HOST the host name PORT the port (defaults to 22) TERM the terminal emulation (defaults to xterm-amiga) USER the user name * no console graphics? install the `xterm-amiga` terminfo! * no console colors? install the `xterm-amiga` terminfo! * no mouse in mc or other applications? install the `xterm-amiga` terminfo! * keys not working properly? install the `xterm-amiga` terminfo! * some key does still not work try pimping the xterm-amiga terminfo. use `tic -xsv9 -o. xterm-amiga.src` * console displays trash? text look blank? lines are bogus? unset the variable `LANG` * scp to amigasshd: closed remote port ensure you are using the sftp subsystem, on some systems it's the `-s` flag `scp -s ...` * your remote Amiga is blocking because you accessed a volume that doesn't exist? e.g.: list foobar: Get https://aminet.net/util/boot/Requester.lha and run "Cancel 5" from your startup-sequence! * public key authentication does not work!? Check the file ENVARC:.ssh/authorized_keys if your public key is listed there. * can't scp to a server name 'ram', e.g. amigascp c:s* ram:folder add your user name to avoid detection as a local assign/drive: myname@ram:folder