Hello OpenSSH Developers and Community, wolfSSL (formerly known as CyaSSL) is a dual licensed SSL/TLS implementation specializing in the embedded space. As we have grown we are being used in larger systems due to our reduced resource consumption on a per-session basis. Many have found that their servers are able to service more connections by replacing OpenSSL with wolfSSL. Our engineers have recently completed a port to OpenSSH. This port rips OpenSSL out of OpenSSH and inserts wolfSSL in its place. So why would you care about OpenSSL or wolfSSL, what does it really matter anyway? 1. wolfSSL offers a pluggable Federal Information Processing Standard (FIPS 140-2) certified crypto library. a. Read more about FIPS in wolfSSL <https://wolfssl.com/wolfSSL/fips.html>. b. See our FIPS certification. <http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2425> 2. OpenSSL has suffered over the past few years with too many contributions from a variety of sources. The lack of testing and verification of each submission to OpenSSL has resulted in numerous security vulnerabilities. 3. We are very selective about who can submit code to our libraries and each commit is tested extensively to ensure the best security is always provided for our customers. 4. We would like to provide consumers of OpenSSH with an alternate crypto solution. We have actively been testing our port on Linux and Mac OS X. If this is something that interests you, we would like to formally extend an invitation to test our port on the OS you use, and provide feedback/suggestions on your results. Thank you for your time. Details on getting a copy of our port, the wolfSSL libraries, and feedback channels can be found below. OpenSSH port Location: https://github.com/kaleb-himes/openssh-portable.git wolfSSL Location: https://github.com/wolfSSL/wolfssl.git or download from our website: https://wolfssl.com/wolfSSL/download/downloadForm.php >From your terminal: git clone https://github.com/kaleb-himes/openssh-portable.git git clone https://github.com/kaleb-himes/wolfssl.git cd wolfssl ./autogen.sh ./configure --prefix=/usr/local/lib --enable-openssh && make && sudo make install cd .. cd openssh-portable autoreconf ./configure --with-wolfssl=/usr/local/lib --with-pam && make && make tests Our Jenkins server is now using this port to actively checkout changes from github and is also running all slave nodes using SSH with this port. This provides us with some real-world testing in addition to the unit tests. Feedback can be sent to: info@xxxxxxxxxxx or support@xxxxxxxxxxx Additional Feedback Avenue: http://www.wolfssl.com/forums/ Sources: "Portable OpenSSH." www.openssh.com. Accessed December 31, 2015. http://www.openssh.com/portable.html. Kaleb Himes www.wolfssl.com kaleb@xxxxxxxxxxx Skype: kaleb.himes +1 406 381 9556 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
