Lib.rs

›

#ssh-client #client-server #ssh #sftp-client #remote #unix-socket #channel

russh

A client and server SSH library

by Eugene, Pierre-Etienne Meunier and 55 contributors

59 releases (13 breaking)

new 0.47.0-beta.3	Nov 24, 2024
0.46.0	Nov 3, 2024
0.44.0	Jul 18, 2024
0.43.0	Mar 21, 2024
0.34.0-beta.2	Mar 19, 2022

#40 in Cryptography

42,503 downloads per month
Used in 28 crates (24 directly)

Apache-2.0

635KB
14K SLoC

Russh

Low-level Tokio SSH2 client and server implementation.

Examples: simple client, interactive PTY client, server, SFTP client, SFTP server.

This is a fork of Thrussh by Pierre-Étienne Meunier.

✨ = added in Russh

More panic safety ✨
async_trait support ✨
direct-tcpip (local port forwarding)
forward-tcpip (remote port forwarding) ✨
direct-streamlocal (local UNIX socket forwarding, client only) ✨
forward-streamlocal (remote UNIX socket forwarding) ✨
Ciphers:
- chacha20-poly1305@openssh.com
- aes256-gcm@openssh.com ✨
- aes256-ctr ✨
- aes192-ctr ✨
- aes128-ctr ✨
- aes256-cbc ✨
- aes192-cbc ✨
- aes128-cbc ✨
- 3des-cbc ✨
Key exchanges:
- curve25519-sha256@libssh.org
- diffie-hellman-group1-sha1 ✨
- diffie-hellman-group14-sha1 ✨
- diffie-hellman-group14-sha256 ✨
- diffie-hellman-group16-sha512 ✨
- ecdh-sha2-nistp256 ✨
- ecdh-sha2-nistp384 ✨
- ecdh-sha2-nistp521 ✨
MACs:
- hmac-sha1 ✨
- hmac-sha2-256 ✨
- hmac-sha2-512 ✨
- hmac-sha1-etm@openssh.com ✨
- hmac-sha2-256-etm@openssh.com ✨
- hmac-sha2-512-etm@openssh.com ✨
Host keys and public key auth:
- ssh-ed25519
- rsa-sha2-256
- rsa-sha2-512
- ssh-rsa ✨
- ecdsa-sha2-nistp256 ✨
- ecdsa-sha2-nistp384 ✨
- ecdsa-sha2-nistp521 ✨
Authentication methods:
- password
- publickey
- keyboard-interactive
- none
- OpenSSH certificates ✨
Dependency updates
OpenSSH keepalive request handling ✨
OpenSSH agent forwarding channels ✨
OpenSSH server-sig-algs extension ✨

Safety

deny(clippy::unwrap_used)
deny(clippy::expect_used)
deny(clippy::indexing_slicing)
deny(clippy::panic)
Exceptions are checked manually

Panics

When the Rust allocator fails to allocate memory during a CryptoVec being resized.
When mlock/munlock fails to protect sensitive data in memory.

Unsafe code

cryptovec uses unsafe for faster copying, initialization and binding to native API.

Ecosystem

russh-sftp - server-side and client-side SFTP subsystem support for russh - see russh/examples/sftp_server.rs or russh/examples/sftp_client.rs.
async-ssh2-tokio - simple high-level API for running commands over SSH.

Adopters

HexPatch - A binary patcher and editor written in Rust with terminal user interface (TUI).
- Uses russh::client and russh_sftp::client to allow remote editing of files.
kartoffels - A game where you're given a potato and your job is to implement a firmware for it
- Uses russh:server to deliver the game, using ratatui as the rendering engine.
kty - The terminal for Kubernetes.
- Uses russh::server to deliver the ratatui based TUI and russh_sftp::server to provide scp based file management.
lapdev - Self-Hosted Remote Dev Environment
- Uses russh::server to construct a proxy into your development environment.
medusa - A fast and secure multi protocol honeypot.
- Uses russh::server to be the basis of the honyepot.
rebels-in-the-sky - P2P terminal game about spacepirates playing basketball across the galaxy
- Uses russh::server to deliver the game, using ratatui as the rendering engine.
warpgate - Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software
- Uses russh::server in addition to russh::client as part of the smart SSH functionality.
Devolutions Gateway - Establish a secure entry point for internal or external segmented networks that require authorized just-in-time (JIT) access.
- Uses russh::client for the web-based SSH client of the standalone web application.

Contributors ✨

Thanks goes to these wonderful people (emoji key):

_{Mihir Samdarshi} 📖	_{Connor Peet} 💻	_KVZN 💻	_{Adrian Müller (DTT)} 💻	_{Simone Margaritelli} 💻	_{Joe Grund} 💻	_AspectUnk 💻
_{Simão Mata} 💻	_Mariotaku 💻	_yorkz1994 💻	_{Ciprian Dorin Craciun} 💻	_{Eric Milliken} 💻	_Swelio 💻	_{Joshua Benz} 💻
_{Jan Holthuis} 🛡️	_mateuszkj 💻	_{Saksham Mittal} 💻	_{Lucas Kent} 💻	_{Raphael Druon} 💻	_{Maya the bee} 💻	_{Milo Mirate} 💻
_{George Hopkins} 💻	_{Åke Amcoff} 💻	_{Brendon Ho} 💻	_{Samuel Ainsworth} 💻	_{Sherlock Holo} 💻	_{Alessandro Ricottone} 💻	_T0b1-iOS 💻
_{Shoaib Merchant} 💻	_{Michael Gleason} 💻	_{Ana Gelez} 💻	_{Tom König} 💻	_{Pierre Barre} 💻	_{Jean-Baptiste Skutnik} 💻	_{Adam Chappell} 💻
_{Yaroslav Bolyukin} 💻	_Julian 💻	_{Thomas Rampelberg} 💻	_{Kaleb Elwert} 📖	_{Gary Guo} 💻	_{irvingouj @ Devolutions} 💻	_{Toni Peter} 💻
_{Nathaniel Bajo} 💻	_{Eric Rodrigues Pires} 💻	_{Jerome Gravel-Niquet} 💻	_{Quentin Santos} 📖	_{André Almeida} 💻	_{Mattias Eriksson} 💻	_{Josh McKinney} 💻

This project follows the all-contributors specification. Contributions of any kind welcome!

Dependencies

~14–44MB
~699K SLoC