Skip to content

Eugeny/russh

Repository files navigation

Russh

Rust All Contributors

Low-level Tokio SSH2 client and server implementation.

Examples: simple client, interactive PTY client, server, SFTP client, SFTP server.

This is a fork of Thrussh by Pierre-Étienne Meunier.

✨ = added in Russh

  • More panic safety
  • async_trait support ✨
  • direct-tcpip (local port forwarding)
  • forward-tcpip (remote port forwarding) ✨
  • direct-streamlocal (local UNIX socket forwarding, client only) ✨
  • forward-streamlocal (remote UNIX socket forwarding) ✨
  • Ciphers:
    • chacha20-poly1305@openssh.com
    • aes256-gcm@openssh.com
    • aes256-ctr
    • aes192-ctr
    • aes128-ctr
    • aes256-cbc
    • aes192-cbc
    • aes128-cbc
    • 3des-cbc
  • Key exchanges:
    • curve25519-sha256@libssh.org
    • diffie-hellman-group1-sha1
    • diffie-hellman-group14-sha1
    • diffie-hellman-group14-sha256
    • diffie-hellman-group16-sha512
    • ecdh-sha2-nistp256
    • ecdh-sha2-nistp384
    • ecdh-sha2-nistp521
  • MACs:
    • hmac-sha1
    • hmac-sha2-256
    • hmac-sha2-512
    • hmac-sha1-etm@openssh.com
    • hmac-sha2-256-etm@openssh.com
    • hmac-sha2-512-etm@openssh.com
  • Host keys and public key auth:
    • ssh-ed25519
    • rsa-sha2-256
    • rsa-sha2-512
    • ssh-rsa
    • ecdsa-sha2-nistp256
    • ecdsa-sha2-nistp384
    • ecdsa-sha2-nistp521
  • Authentication methods:
    • password
    • publickey
    • keyboard-interactive
    • none
    • OpenSSH certificates ✨
  • Dependency updates
  • OpenSSH keepalive request handling ✨
  • OpenSSH agent forwarding channels ✨
  • OpenSSH server-sig-algs extension ✨

Safety

  • deny(clippy::unwrap_used)
  • deny(clippy::expect_used)
  • deny(clippy::indexing_slicing)
  • deny(clippy::panic)
  • Exceptions are checked manually

Panics

  • When the Rust allocator fails to allocate memory during a CryptoVec being resized.
  • When mlock/munlock fails to protect sensitive data in memory.

Unsafe code

  • cryptovec uses unsafe for faster copying, initialization and binding to native API.

Ecosystem

  • russh-sftp - server-side and client-side SFTP subsystem support for russh - see russh/examples/sftp_server.rs or russh/examples/sftp_client.rs.
  • async-ssh2-tokio - simple high-level API for running commands over SSH.

Adopters

  • HexPatch - A binary patcher and editor written in Rust with terminal user interface (TUI).
    • Uses russh::client and russh_sftp::client to allow remote editing of files.
  • kartoffels - A game where you're given a potato and your job is to implement a firmware for it
    • Uses russh:server to deliver the game, using ratatui as the rendering engine.
  • kty - The terminal for Kubernetes.
    • Uses russh::server to deliver the ratatui based TUI and russh_sftp::server to provide scp based file management.
  • lapdev - Self-Hosted Remote Dev Environment
    • Uses russh::server to construct a proxy into your development environment.
  • medusa - A fast and secure multi protocol honeypot.
    • Uses russh::server to be the basis of the honyepot.
  • rebels-in-the-sky - P2P terminal game about spacepirates playing basketball across the galaxy
    • Uses russh::server to deliver the game, using ratatui as the rendering engine.
  • warpgate - Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software
    • Uses russh::server in addition to russh::client as part of the smart SSH functionality.
  • Devolutions Gateway - Establish a secure entry point for internal or external segmented networks that require authorized just-in-time (JIT) access.
    • Uses russh::client for the web-based SSH client of the standalone web application.
  • Sandhole - Expose HTTP/SSH/TCP services through SSH port forwarding. A reverse proxy that just works with an OpenSSH client.
    • Uses russh::server for reverse forwarding connections, local forwarding tunnels, and the ratatui based admin interface.

Contributors ✨

Thanks goes to these wonderful people (emoji key):

Mihir Samdarshi
Mihir Samdarshi

📖
Connor Peet
Connor Peet

💻
KVZN
KVZN

💻
Adrian Müller (DTT)
Adrian Müller (DTT)

💻
Simone Margaritelli
Simone Margaritelli

💻
Joe Grund
Joe Grund

💻
AspectUnk
AspectUnk

💻
Simão Mata
Simão Mata

💻
Mariotaku
Mariotaku

💻
yorkz1994
yorkz1994

💻
Ciprian Dorin Craciun
Ciprian Dorin Craciun

💻
Eric Milliken
Eric Milliken

💻
Swelio
Swelio

💻
Joshua Benz
Joshua Benz

💻
Jan Holthuis
Jan Holthuis

🛡️
mateuszkj
mateuszkj

💻
Saksham Mittal
Saksham Mittal

💻
Lucas Kent
Lucas Kent

💻
Raphael Druon
Raphael Druon

💻
Maya the bee
Maya the bee

💻
Milo Mirate
Milo Mirate

💻
George Hopkins
George Hopkins

💻
Åke Amcoff
Åke Amcoff

💻
Brendon Ho
Brendon Ho

💻
Samuel Ainsworth
Samuel Ainsworth

💻
Sherlock Holo
Sherlock Holo

💻
Alessandro Ricottone
Alessandro Ricottone

💻
T0b1-iOS
T0b1-iOS

💻
Shoaib Merchant
Shoaib Merchant

💻
Michael Gleason
Michael Gleason

💻
Ana Gelez
Ana Gelez

💻
Tom König
Tom König

💻
Pierre Barre
Pierre Barre

💻
Jean-Baptiste Skutnik
Jean-Baptiste Skutnik

💻
Adam Chappell
Adam Chappell

💻
Yaroslav Bolyukin
Yaroslav Bolyukin

💻
Julian
Julian

💻
Thomas Rampelberg
Thomas Rampelberg

💻
Kaleb Elwert
Kaleb Elwert

📖
Gary Guo
Gary Guo

💻
irvingouj @ Devolutions
irvingouj @ Devolutions

💻
Toni Peter
Toni Peter

💻
Nathaniel Bajo
Nathaniel Bajo

💻
Eric Rodrigues Pires
Eric Rodrigues Pires

💻
Jerome Gravel-Niquet
Jerome Gravel-Niquet

💻
Quentin Santos
Quentin Santos

📖
André Almeida
André Almeida

💻
Mattias Eriksson
Mattias Eriksson

💻
Josh McKinney
Josh McKinney

💻
citorva
citorva

💻
Eric Seppanen
Eric Seppanen

💻
Eric Seppanen
Eric Seppanen

💻

This project follows the all-contributors specification. Contributions of any kind welcome!