Low-level Tokio SSH2 client and server implementation.
Examples: simple client, interactive PTY client, server, SFTP client, SFTP server.
This is a fork of Thrussh by Pierre-Étienne Meunier.
✨ = added in Russh
- More panic safety ✨
async_trait
support ✨direct-tcpip
(local port forwarding)forward-tcpip
(remote port forwarding) ✨direct-streamlocal
(local UNIX socket forwarding, client only) ✨forward-streamlocal
(remote UNIX socket forwarding) ✨- Ciphers:
chacha20-poly1305@openssh.com
aes256-gcm@openssh.com
✨aes256-ctr
✨aes192-ctr
✨aes128-ctr
✨aes256-cbc
✨aes192-cbc
✨aes128-cbc
✨3des-cbc
✨
- Key exchanges:
curve25519-sha256@libssh.org
diffie-hellman-group1-sha1
✨diffie-hellman-group14-sha1
✨diffie-hellman-group14-sha256
✨diffie-hellman-group16-sha512
✨ecdh-sha2-nistp256
✨ecdh-sha2-nistp384
✨ecdh-sha2-nistp521
✨
- MACs:
hmac-sha1
✨hmac-sha2-256
✨hmac-sha2-512
✨hmac-sha1-etm@openssh.com
✨hmac-sha2-256-etm@openssh.com
✨hmac-sha2-512-etm@openssh.com
✨
- Host keys and public key auth:
ssh-ed25519
rsa-sha2-256
rsa-sha2-512
ssh-rsa
✨ecdsa-sha2-nistp256
✨ecdsa-sha2-nistp384
✨ecdsa-sha2-nistp521
✨
- Authentication methods:
password
publickey
keyboard-interactive
none
- OpenSSH certificates ✨
- Dependency updates
- OpenSSH keepalive request handling ✨
- OpenSSH agent forwarding channels ✨
- OpenSSH
server-sig-algs
extension ✨
deny(clippy::unwrap_used)
deny(clippy::expect_used)
deny(clippy::indexing_slicing)
deny(clippy::panic)
- Exceptions are checked manually
- When the Rust allocator fails to allocate memory during a CryptoVec being resized.
- When
mlock
/munlock
fails to protect sensitive data in memory.
cryptovec
usesunsafe
for faster copying, initialization and binding to native API.
- russh-sftp - server-side and client-side SFTP subsystem support for
russh
- seerussh/examples/sftp_server.rs
orrussh/examples/sftp_client.rs
. - async-ssh2-tokio - simple high-level API for running commands over SSH.
- HexPatch - A binary patcher and editor written in Rust with terminal user interface (TUI).
- Uses
russh::client
andrussh_sftp::client
to allow remote editing of files.
- Uses
- kartoffels - A game where you're given a potato and your job is to implement a firmware for it
- Uses
russh:server
to deliver the game, usingratatui
as the rendering engine.
- Uses
- kty - The terminal for Kubernetes.
- Uses
russh::server
to deliver theratatui
based TUI andrussh_sftp::server
to providescp
based file management.
- Uses
- lapdev - Self-Hosted Remote Dev Environment
- Uses
russh::server
to construct a proxy into your development environment.
- Uses
- medusa - A fast and secure multi protocol honeypot.
- Uses
russh::server
to be the basis of the honyepot.
- Uses
- rebels-in-the-sky - P2P terminal game about spacepirates playing basketball across the galaxy
- Uses
russh::server
to deliver the game, usingratatui
as the rendering engine.
- Uses
- warpgate - Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software
- Uses
russh::server
in addition torussh::client
as part of the smart SSH functionality.
- Uses
- Devolutions Gateway - Establish a secure entry point for internal or external segmented networks that require authorized just-in-time (JIT) access.
- Uses
russh::client
for the web-based SSH client of the standalone web application.
- Uses
- Sandhole - Expose HTTP/SSH/TCP services through SSH port forwarding. A reverse proxy that just works with an OpenSSH client.
- Uses
russh::server
for reverse forwarding connections, local forwarding tunnels, and theratatui
based admin interface.
- Uses
Thanks goes to these wonderful people (emoji key):
This project follows the all-contributors specification. Contributions of any kind welcome!