Skip to main content

Build NanoSSH server example code

NanoSSH server implementation tasks

The following are the basic tasks for building any of the NanoSSH server example code implementations.

  1. Add the NanoSSH server software to the application development environment. Ensure to include the example code that most closely matches that of the intended application.

  2. If there is no pre-configured TrustCore SDK port for the operating system, edit the appropriate abstraction files to port the code to the operating system.

  3. Specify which features (such as debugging and examples) to be included in the TrustCore SDK executable by setting the appropriate compilation flags. Initially, define only the minimal set of flags to limit functionality to basic communications. After confirming that a basic example application is executable (see step 5), this step may be repeated to add more features one at a time.

  4. Create the object files and the executable.

  5. Verify that the NanoSSH server example code is executable on the operating system.

  6. Repeat steps 3 to 5 as needed to add features one at a time.

Note

Steps differ between NanoSSH Standard Edition (commercial) and Community Edition (open-source). Follow the steps for the edition you are using.

Quick build server sample code

A sample version of a NanoSSH server may be quickly built to demonstrate its features using the provided makefile.ssh.

Run NanoSSH server quick build

To run the NanoSSH server quick build, run the following command:

./bin/ssh_server <options>

Options

  • ?: Displays the help.

  • -port <port>: Sets the listening port.

  • -ssh_server_cert <cert>: Sets the server certificate path.

  • -ssh_server_blob <key>: Sets the server blob path.

  • -ssh_ca_cert <ca_cert>: Sets the CA certificate.

  • -ocsp_responder_url <url>: Sets the OCSP Responder URL.

  • -ocsp_timeout <timeout>: Sets the OCSP wait timeout (in milliseconds).

Example code

To help with integration of NanoSSH server into devices, a suite of example code is included in the source distribution (in the src/examples directory).

The example code should be used as-is to validate SSH client-server communication. After verifying that the TrustCore SDK code works as expected on the intended system, the example code may be customized or used as a model for other implementations:

  • Customizing an Asynchronous NanoSSH server Implementation

  • Customizing a Synchronous NanoSSH server Implementation

  • Customizing a NanoSSH SFTP server Implementation

The following table shows which example files correspond to which NanoSSH product, as well as which flags to define to fully enable the example file’s code.

Table 3. Example Files and Configuration

File

Flags(s)

Sync server

Asynch server

SFTP server

sftp_example.c

Configures NanoSSH callbacks for SSH File Transfer Protocol (FTP) communication.

x

sftp_example_filesys.c

Provides an example SFTP file system descriptor.

x

sftp_example_wince.c

SFTP server for Windows CE.

x

ssh_example.c

Simple, synchronous SSH server with shell login.

x

ssh_example_async1.c

Simple, asynchronous SSH server with shell login.

x

ssh_example_async.c

Asynchronous SSH server with optional port forwarding.

x

ssh_example_pf.c

Synchronous SSH server with port forwarding.

x

ssh_linux_pty.c

Based on ssh_pipe.c; this Linux example demonstrates one way to communicate to an upper layer CLI, where the upper layer is the Bash shell.

x

x

ssh_pipe.c

Synchronous SSH server implemented as a proxy using pipes.

x

x

ssh_sock.c

Communicate to an upper-layer CLI.

x

x


Verify Communication between the client Shell and the NanoSSH server

After building the NanoSSH code, verify that it is executable in the operating environment. Assuming that NanoSSH client and NanoSSH server (and the example code) have been enabled, the loopback interface may be used to confirm that the client and server are able to communicate within the operating environment.

To verify communication between the client shell and NanoSSH server:

  1. If necessary, open a command shell on the NanoSSH server (e.g., Cygwin).

  2. Change to the mss directory.

  3. Start NanoSSH server (messages are displayed as processes and methods start up and run):

    bin/sshs.exe
    
  4. Open a second shell (the client), and enter the following command to request a connection for the admin user:

    ssh admin@127.0.0.1
    
  5. When prompted for the corresponding password, enter secure.

  6. When prompted to enter a new password, type one (e.g., new).

  7. When prompted to confirm the new password, enter it again. The client echoes Password changed and Password successfully changed.

  8. In the client window, press any keys. If they are echoed to the client window (that is, if you can see what you’re typing), asynchronous client-server communication is successful.

  9. Perform a graceful shutdown by entering the following command in the client window:

    Bye!
    

The client and server session end, and both command shells are closed.