On 12/03/2015 10:39 PM, Damien Miller wrote:> On Thu, 3 Dec 2015, Marcos Dione wrote:
>
>>
>> Hi everybody. First of all, I'm not subscribed to the list, so
please
>> CC me in answers.
>>
>> Second, please don't kill me :)
>>
>> I'm suffering the fact that if I, as a developer, want to
connect to
>> another machine via SSH, I must use a third party library[1]. Because
>> this is a reimplemetation of the protocol, it's always lagging
behind,
>> which only makes sense. Personally, it also looks like a waste of
>> resources.
>>
>> This reimplementation comes, I think, from the fact that openssh
does
>> not provide a library with a public API as an interface for developers.
>> So my question is: do you think it would make sense to provide such a
>> thing directly from the openssh project?
>
> We're slowly moving towards making parts of OpenSSH available as a
library,
> but progress has been slow and we've mostly been focusing on cleanups
and
> improving testability.
>
> In the meantime, I suggest you check out https://www.libssh.org/
Marcos,
You can also use OpenSSH client as a slave process. I have been able to
come quite far doing that on my Perl module Net::OpenSSH
(https://metacpan.org/pod/Net::OpenSSH) (ab)using the connection
multiplexing feature.
There are some rough edges when doing that, especially on the hand-shake
stages of SSH, as "ssh" is completely opaque then and for instance it
is
impossible to retrieve the specific error when some connection fails.
But on the other hand, presenting the SSH channels as regular file
descriptors in the API, instead of some custom abstraction, has allowed
me to integrate external tools such as rsync or sshfs and other Perl
modules as Expect or Net::Telnet quite easily.
I am also currently the de-facto maintainer for Net::SSH2, the Perl
wrapper for libssh2. I have tried to replicate the high level API of
Net::OpenSSH on top of Net::SSH2 (in Net::SSH::Any) and it has been
quite challenging. There are even several things that I have just not
been able to do in a reasonable simple and reliable way (i.e. running an
external command over a channel).