sftp

i seem to come here to mainly write about the gsoc project which is no longer a gsoc project. anyway, i started working on sftp support, aim is to have it preliminarily done in 2 weeks or so.

the interesting thing about sftp is it never got standardized because the secsh working group felt it was more of a remote file system! there are like 13 internet drafts defining sftp versions 0 – 6, and for now i will be implementing version 3 because well, that is what openssh implements.

Pencils down

I will go out on a limb and say: as Java SSH libraries go, Commons-Net can lay claim to the best API.

Performance-wise, I am seeing speeds of up to 8mbps up/down with SCP, and double that with compression (but that’s cheating :P ). Don’t know how that compares to the other libraries, but I think it’s quite decent.

The most important question is, does it “just work”? The code is young. Everything works well in my environment, and I’ve tried to do things the right way, but no doubt there will be bugs! I will work with Rory on getting a release out for wider testing. But if you’re curious, just check out the commons-net-ssh trunk.

And well generally, GSOC’s been great experience. Learnt a lot. Major props to Rory and Chico for supporting me through the summer! Also: the Mina SSHD project, which provided a sound base and already took care of the most tricky bits.

The next 2 weeks will be quite busy, and after that, will continue making “commons-net-ssh” awesome ;-)

2 weeks to go!

Happy to say that I have made a lot of headway in the past weeks (except the last, where I had to take care of some things..). The connection layer is pretty much complete; can exec remote commands, start a shell or subsystem, and do local and remote port forwarding.

X11 forwarding works — if you ignore security implications of giving the remote host your real X11 cookie and making the X server listen on TCP. Implementing this right would require sending a fake cookie and replacing it with the real one when a connection comes in (implies delving into X protocol details) and using Unix domain sockets (from Java one would have to use a JNI-based library like juds). Anyway, not really a priority.
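The cookie replacement described above, as an added example that is not part of the original post or of the commons-net-ssh code: it parses the X11 connection setup request, checks the fake MIT-MAGIC-COOKIE-1 value that was handed to the remote host, and substitutes the real one before the bytes go to the local X server. The class and method names are hypothetical, and it assumes the whole setup request has already been buffered and that the fake and real cookies have the same length.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

// Hypothetical helper, written for this illustration only.
public class X11CookieSwap {
    static final String PROTO = "MIT-MAGIC-COOKIE-1";

    static int pad4(int n) { return (n + 3) & ~3; } // X11 pads fields to 4 bytes

    // Returns a copy of the setup request carrying the real cookie,
    // or throws if the peer did not present the fake cookie we issued.
    static byte[] swap(byte[] setup, byte[] fake, byte[] real) {
        if (setup.length < 12) throw new IllegalArgumentException("short setup header");
        if (setup[0] != 'B' && setup[0] != 'l')
            throw new IllegalArgumentException("bad byte-order mark");
        ByteOrder order = setup[0] == 'B' ? ByteOrder.BIG_ENDIAN : ByteOrder.LITTLE_ENDIAN;
        ByteBuffer buf = ByteBuffer.wrap(setup).order(order);
        int nameLen = buf.getShort(6) & 0xffff; // auth protocol name length
        int dataLen = buf.getShort(8) & 0xffff; // auth data (cookie) length
        int dataOff = 12 + pad4(nameLen);
        if (setup.length < dataOff + pad4(dataLen))
            throw new IllegalArgumentException("truncated setup request");
        String name = new String(setup, 12, nameLen, StandardCharsets.US_ASCII);
        byte[] offered = Arrays.copyOfRange(setup, dataOff, dataOff + dataLen);
        // Constant-time comparison; a wrong or missing cookie never reaches the X server.
        if (!PROTO.equals(name) || real.length != fake.length
                || !MessageDigest.isEqual(offered, fake))
            throw new SecurityException("X11 authentication rejected");
        byte[] out = setup.clone();
        System.arraycopy(real, 0, out, dataOff, real.length);
        return out;
    }

    public static void main(String[] args) {
        byte[] fake = new byte[16], real = new byte[16];
        new SecureRandom().nextBytes(fake);   // what the remote side is told
        Arrays.fill(real, (byte) 0x5a);       // constructed stand-in for the real cookie
        // Constructed little-endian setup request: header, name (18 + 2 pad), cookie.
        ByteBuffer b = ByteBuffer.allocate(48).order(ByteOrder.LITTLE_ENDIAN);
        b.put((byte) 'l').put((byte) 0).putShort((short) 11).putShort((short) 0)
         .putShort((short) PROTO.length()).putShort((short) fake.length).putShort((short) 0);
        b.put(PROTO.getBytes(StandardCharsets.US_ASCII)).put(new byte[2]).put(fake);
        byte[] out = swap(b.array(), fake, real);
        System.out.println(Arrays.equals(Arrays.copyOfRange(out, 32, 48), real));
    }
}
```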

Currently, I am working on implementing SCP. SCP is an archaic protocol with no spec to speak of but this blog post saves the day. SFTP is a better choice any day but SCP can be implemented in much less time. Once SCP is done and I expect it to be soon, the GSOC goals will be met feature-wise and for the remaining time I can write documentation and tests.

I started reading Martin Fowler’s Refactoring on the flight to Bremen and he describes refactoring as an alternative to upfront design. That is not to say no design to start with at all; just not a thorough specification that you stick to. I like that approach :-) I’ve pretty much done that for this project; except Fowler emphasizes religious unit testing which I have been lax about. I am learning that there can be a methodology to refactoring, “code smells” that lead you to judgments about the need to refactor something. Fascinating, useful stuff that I am already applying. It is very satisfying to make code simpler and more elegant.

Next: ssh-connection

Just a quick GSOC update. I implemented publickey, password, and hostbased authentication; reading in OpenSSH key files (depends on BouncyCastle at the moment tho); and understanding OpenSSH “known_hosts” files.

Need to write a lot of tests, and seeing as how I find that not very exciting I’ve decided to spend at least an hour writing tests every day before I allow myself to write new code!

Anyway, have started work on the SSH connection protocol (the highest layer), again by starting off with SSHD code.

hmm

I really don’t like titles, or at least having to think of one when the field stares at me in WP. Hopefully, the “hmm” I have started out with will turn more descriptive.

I have been reading a lot, and non-fiction at that, although I did buy Amit Verma’s My Friend Sancho. The book I really want to read was unfortunately not to be found. That book is B is for Beer, by Tom Robbins, my all-time favorite author. He describes it as a “children’s book for grownups, and a grownup book for children”. Who else writes such joy?! If I had a bookroll it would be filled with TR.

The non-fiction I mention is basically Java books — Java I/O, Java Threads, Effective Java. Just skimmed through the first 2 which didn’t prove of as much use as I would have thought, and I am finding the last one really good! It has great, reasoned (seasoned?) tips. I also bought Patterns in Network Architecture which should be an interesting read.

Anyway, it is fabulous to have time to read. I have compiled a whole list of software dev. books that I’ll make sure to get my hands on before my time at home is out, like the “Gang of Four’s” Design Patterns. Only problem would be when I have to decide which ones I can lug with me to Bremen.

As for GSOC, it goes well. The key exchange bit I said was a goal actually came pretty easy, and I must again mention how much Apache SSHD paves the way, otherwise I would have spent days and days coming to grips with intricacies. The point was not so much the actual key exchange but it working smoothly with all the changes I made, having gutted out its mina backend and put 2 threads in place instead. I call them input and output pumps, which is the best I could think of. I also did work on a lot of other transport layer stuff, like making sure re-exchange will happen smoothly.

Next, I implement host key verification and document what I got so far. I’d like to have the user authentication protocol on top of the SSH transport implemented by the end of the month. That’s as far as I would like to plan for now, but have to note that this is a more ambitious plan than what I had originally proposed, and that I think it is achievable is most definitely a good thing. I am a bit worried about implementing SCP since all the information I can find about it is that it is RCP over SSH, but what kind of formal description is that? Will probably have to rely on source code alone. Anyway, that bridge shall be crossed when it comes.

I see that I have taken on a more expansive writing style compared to my earlier posts, and this transition is I think an extension of my real life persona. I would elaborate, but I don’t feel that expansive quite yet.

Coding has begun

Been a while since a status update. I started work just last week, since I had to wrap things up in Bremen.

I feel fairly confident navigating the Mina sshd codebase. It is proving (and will continue to prove..) invaluable as this develops. Right now, I am focussing on making it to the stage that SSH key exchange can be successfully completed — hopefully, in a couple of days! I will report back when that is done.

So

I have a pretty good handle on the SSH protocol by now. I am off again on another excursion, this time to the Harz mountains. This time it will be Apache sshd source code that travels with me, on an XO.

Helgoland

The next week is going to be quite insane. I have to finish work for my guided research and start writing the final report, besides a project and homeworks and a makeup midterm.

As for this weekend, I am off Friday-Sunday on a geoastro excursion to Helgoland… would have been nice if this was some other time. But anyway, I will be carrying with me a sheaf of SSH RFC’s, so some good shall come of it :P

Rory also put me in touch with Guillaume Nodet, who develops Mina sshd. It is incomplete and client support needs work, but there is great scope for code reuse. It is very well thought-out and of course, Apache-licensed :-)

AFAICT right now, what can’t be reused would be Mina-specific bits like ‘futures’. The use of java.nio is wrapped with Mina abstractions; I will have to roll my own there.

Incidentally, programming with an async framework is something I’d really like to get acquainted with…

Hello, world!

This is my first blog. I feel it’s a good time to start one, since I will actually have something to say, hopefully :-)

I was accepted in Google Summer of Code 2009 with the Apache Software Foundation. My project is to add SSH and SCP support to Commons-Net. I like implementing API’s, and I like getting computers to talk to each other, so this summer should be fun :-)

I am being mentored by Rory Winston with additional help from Chico Charlesworth, so I have great support for this project. It makes me a little less nervous about accomplishing the aims.

I think the nervousness is good. Some things will be new to me, like cryptography. I am getting my toes wet in using the java.security package already, due to a distributed systems course project. It’s also time to get to know the SSH RFC’s well.

The ASF has a lot of talented developers in its fold, and I expect this project will be a great learning experience for me.  Despite the nervousness, I am excited! I will post soon about my plans for this project.
