| wolfSSH | |
|---|---|
| Developer | John Safranek |
| Initial release | July 20, 2016[1] |
| Stable release | 1.5.0[2] 
/ 20 April 2026 |
| Written in | C language |
| Operating system | Multi-platform |
| Type | Security library |
| License | GPL-3.0-or-later or proprietary license |
| Website | www |
| Repository | |
wolfSSH is a small, portable, embedded SSH library targeted for use by embedded systems developers. It is an open-source implementation of SSH written in the C language. It includes SSH client libraries and an SSH server implementation. It allows for password and public key authentication.
Platforms
editwolfSSH is currently available for Win32/64, Linux, macOS, Solaris, Threadx, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, WinCE, Haiku, OpenWrt, iPhone (iOS), Android, Wii and GameCube through DevKitPro support, QNX, MontaVista, TRON variants (TRON/ITRON/μITRON), NonStop OS, OpenCL, Micrium's MicroC/OS-II, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, TI-RTOS, HP-UX, uTasker, embOS, PIC32, PikeOS, Green Hills INTEGRITY, and Zephyr.
Protocols
editThe wolfSSH SSH library implements the SSHv2 protocol for both client and server. It also includes support for Secure Copy (SCP), SSH File Transfer Protocol (SFTP), remote command execution, and port forwarding. X509 certificate support RFC 6187.[3]
Algorithms
editwolfSSH uses the cryptographic services provided by wolfCrypt.[4] wolfCrypt Provides RSA, ECC, Diffie–Hellman, AES (CBC, GCM), Random Number Generation, Large Integer support, and base 16/64 encoding/decoding, and SHA-1, SHA-2, AES (GCM, CTR, CBC), X25519 and Ed25519, X448 and Ed448.
Key exchange
edit- diffie-hellman-group1-sha1
- diffie-hellman-group14-sha1
- diffie-hellman-group-exchange-sha256
- ecdh-sha2-nistp256
- ecdh-sha2-nistp384
- ecdh-sha2-nistp521
- diffie-hellman-group14-sha256
- curve25519-sha256
Public key
edit- ssh-rsa
- ecdsa-sha2-nistp256
- ecdsa-sha2-nistp384
- ecdsa-sha2-nistp521
- ssh-ed25519
- x509v3-ssh-rsa
- x509v3-ecdsa-sha2-nistp256
- x509v3-ecdsa-sha2-nistp384
- x509v3-ecdsa-sha2-nistp521
Integrity
edit- hmac-sha1
- hmac-sha1-96
- hmac-sha2-256
Encryption
edit- aes128-cbc
- aes192-cbc
- aes256-cbc
- aes128-ctr
- aes192-ctr
- aes256-ctr
- aes128-gcm (OpenSSH compatible)
Post-Quantum
edit- Supports hybrid post-quantum use with ML-KEM
Licensing
editwolfSSH is open source and dual licensed under both the GNU GPL-3.0-or-later[5] and commercial licensing.
See also
edit
- Secure Shell
- OpenSSH
- DropBear
- Comparison of SSH clients
- Comparison of SSH servers
- Comparison of cryptography libraries
References
edit- ^ "wolfSSH ChangeLog". 8 August 2017.
- ^ "Release 1.5.0". 20 April 2026. Retrieved 22 April 2026.
- ^ Igoe, Kevin; Stebila, Douglas (March 2011). "X.509v3 Certificates for Secure Shell Authentication".
- ^ wolfCrypt Usage Reference
- ^ "Licensing Information". 27 June 2017. Archived from the original on 2021-08-18.
