Updated About Win32 OpenSSH and Design Details (markdown)

manojampalam 2016-02-25 10:56:27 -08:00
parent 3aad76685f
commit 786d7569f6

@ -3,7 +3,7 @@ Intro
[OpenSSH](https://en.wikipedia.org/wiki/OpenSSH), part of OpenBSD operating system, is a bunch of utility programs based on [SSH](https://en.wikipedia.org/wiki/Secure_Shell) protocol. These include server and client executables as well as utilities to create and manage cryptographic keys. [Portable OpenSSH](http://www.openssh.com/portable.html) is derived from the OpenBSD project and ported to support a wide variety of Unix flavors. The goal of this project is to extend support to Windows family of operating systems and be able to do this in a common repository without needing a Windows specific fork.
Relevant design details in the context of this project -
OpenSSH and the portable version are single threaded applications, interacting with IO using POSIX based [File Descriptors](https://en.wikipedia.org/wiki/File_descriptor) and multiplexing IO operations using [select] (https://en.wikipedia.org/wiki/Select_%28Unix%29) calls. Session isolation and [privilege separation](http://www.citi.umich.edu/u/provos/ssh/privsep.html) are implemented using the standard UNIX routines - [fork](https://en.wikipedia.org/wiki/Fork_(system_call)), [setuid](https://en.wikipedia.org/wiki/Setuid), [chroot](https://en.wikipedia.org/wiki/Chroot) routines. IPC is carried over [UNIX domain sockets](https://en.wikipedia.org/wiki/Unix_domain_socket).
OpenSSH and the portable version are single threaded applications, interacting with IO using POSIX based [File Descriptors](https://en.wikipedia.org/wiki/File_descriptor) and multiplexing IO operations using [select] (https://en.wikipedia.org/wiki/Select_%28Unix%29) calls. Session isolation and [privilege separation](http://www.citi.umich.edu/u/provos/ssh/privsep.html) are implemented using the standard UNIX routines - [fork](https://en.wikipedia.org/wiki/Fork_(system_call)), [setuid](https://en.wikipedia.org/wiki/Setuid), [chroot](https://en.wikipedia.org/wiki/Chroot). IPC is carried over [UNIX domain sockets](https://en.wikipedia.org/wiki/Unix_domain_socket).
Goals
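Review bot: The rewritten design-details line still has `[select] (https://en.wikipedia.org/wiki/Select_%28Unix%29)` with a space between the closing bracket and the opening parenthesis, so the link is unlikely to render as a link in markdown. Since this line is already being touched to drop the redundant "routines", remove that space in the same edit. The fork and chroot URLs use literal parentheses while the select URL uses `%28`/`%29`; picking one form would make the links on this line consistent.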
@ -12,7 +12,7 @@ As stated earlier, the main goal is side by side Windows support in the portable
Guidelines
-----------
To prevent any regressions in main and to enable easier review of the changes coming from win32-fork, there will be no "main" code moving or refactoring. There are multiple places where platform abstraction makes sense (auth, console to name a few), but this wont be addressed in the fork as it would lead to significant code churn. This will be done post integration once we have stable Windows supported version with significant test coverage living in main repo. Crypto support using Windows [CNG](https://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx) has been tested out in fork but since it needed reasonable modifications to "main" code, relevant changes will be reverted\undone. This means that the Windows supported version potentially available mid this year will rely on OpenSSL's crypto (exception is SSP for key-based authentication that will use CNG - more details later).
To prevent any regressions in main and to enable easier review of the changes coming from win32-fork, there will be no "main" code moving or refactoring in win32-fork. There are multiple places where platform abstraction makes sense (auth, console to name a few), but this wont be addressed in the fork as it would lead to significant code churn. This will be done post integration once we have stable Windows supported version with significant test coverage living in main repo. Crypto support using Windows [CNG](https://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx) has been tested out in win32-fork but since it needed reasonable modifications to original code, relevant changes will be reverted\undone. This means that the Windows supported version potentially available mid this year will rely on OpenSSL's crypto (exception is SSP for key-based authentication that will use CNG - more details later).
Design details
-------------
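Review bot: Terminology in the changed Guidelines paragraph is only partly aligned: the first sentence still says `"main" code moving or refactoring` and the second still says "in the fork", while the same paragraph now uses "win32-fork" and "original code" elsewhere. Use one name for each side throughout so a reader can tell exactly which tree the no-refactoring rule and the reverted CNG changes apply to. Smaller points on the same line: "wont" should be "won't", "reverted\undone" would read better as a single word or with a forward slash, and "mid this year" will go stale on a wiki page, so state the year. The parenthetical about SSP using CNG for key-based authentication says "more details later"; link it to the section that covers it once that section exists, since it is the one stated exception to relying on OpenSSL's crypto.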