Lixiao Wang wrote:
> Dear Sir/Madam,
>
> I am a Ph.D. student in Computer Science of the University of Waterloo,
> Canada. I'm currently taking a graduate level course, software
architecture,
> offered by Dr. Ric Holt. Our group is interested in OpenSSH and we are
> studying the evolution of OpenSSH. I'm wondering if it is possible that
you
> can provide us with some architectural information of OpenSSH, such as the
> design architecture, how many high-level components in the system and what
> are they, etc. It'll be great help on our project. Your warm-hearted
help is
> highly appreciated.
There is no high-level design documentation other than the protocol
description in the IETF secsh internet-draft. Like many free software
products, OpenSSH has evolved based on activities predominatly performed
by individuals (mainly Markus).
As far as architectural components, they are pretty much seperated by
file. Some the more important ones in ssh & sshd are:
- The logging routines
- The buffer code, implementing dynamic buffers which are used
extensively through OpenSSH
- The generic cipher/MAC code
- The packet code, used to build/parse packets to/from the wire
- The dispatch system, that implements a generic message handler
- The client/server loops (the main loop of both ssh and sshd)
- The authentication method system
- The KEX (key exchange) code
- The channels code, used for sessions and port-forwarding (a
state-machine lives here)
- The privsep architecture, best documented in Niels' paper (another
state-machine is used here)
- The session code, which handles shell/command session setup and
teardown
Because the protocol is the same, much code is reused between the client
and the server.
I may have missed a couple of bits, but this is the guts of ssh and
sshd. Most of these live in files with names similar to their functions.
What is the nature of your project? Would you be willing to share the
results when you are done?
Regards,
Damien Miller