Commit | Line | Data |
---|---|---|
2fbf053b | 1 | ;;; GNU Guix --- Functional package management for GNU |
9478a252 | 2 | ;;; Copyright © 2012-2021 Ludovic Courtès <ludo@gnu.org> |
06ed5982 | 3 | ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr> |
45f2ffb4 | 4 | ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> |
da4483f3 | 5 | ;;; Copyright © 2015, 2016, 2018, 2019, 2020, 2021 Efraim Flashner <efraim@flashner.co.il> |
af8f7eb4 | 6 | ;;; Copyright © 2016, 2019 Leo Famulari <leo@famulari.name> |
f43a652d | 7 | ;;; Copyright © 2016, 2021 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
94551439 | 8 | ;;; Copyright © 2016 Christine Lemmer-Webber <cwebber@dustycloud.org> |
98d223fd | 9 | ;;; Copyright © 2017–2021 Tobias Geerinckx-Rice <me@tobias.gr> |
c9a6a36f | 10 | ;;; Copyright © 2017 Stefan Reichör <stefan@xsteve.at> |
227dbd84 | 11 | ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> |
3c986a7d | 12 | ;;; Copyright © 2017 Nikita <nikita@n0.is> |
ae72b8f5 | 13 | ;;; Copyright © 2018 Manuel Graf <graf@init.at> |
618631f3 | 14 | ;;; Copyright © 2019 Gábor Boskovits <boskovits@gmail.com> |
b0966ba2 | 15 | ;;; Copyright © 2019, 2020 Mathieu Othacehe <m.othacehe@gmail.com> |
6a39cbe7 | 16 | ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org> |
96fe62d8 | 17 | ;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com> |
09d7f87a | 18 | ;;; Copyright © 2020, 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com> |
9e3b6820 | 19 | ;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re> |
2fbf053b AE |
20 | ;;; |
21 | ;;; This file is part of GNU Guix. | |
22 | ;;; | |
23 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
24 | ;;; under the terms of the GNU General Public License as published by | |
25 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
26 | ;;; your option) any later version. | |
27 | ;;; | |
28 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
29 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
30 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
31 | ;;; GNU General Public License for more details. | |
32 | ;;; | |
33 | ;;; You should have received a copy of the GNU General Public License | |
34 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
35 | ||
36 | (define-module (gnu packages ssh) | |
2102ae2e DC |
37 | #:use-module (gnu packages) |
38 | #:use-module (gnu packages autotools) | |
39 | #:use-module (gnu packages base) | |
6a7c4636 | 40 | #:use-module (gnu packages boost) |
2fbf053b | 41 | #:use-module (gnu packages compression) |
c9a6a36f | 42 | #:use-module (gnu packages crypto) |
2102ae2e | 43 | #:use-module (gnu packages elf) |
2fbf053b | 44 | #:use-module (gnu packages gnupg) |
2102ae2e | 45 | #:use-module (gnu packages gperf) |
fe0b8a78 | 46 | #:use-module (gnu packages groff) |
49d294e5 | 47 | #:use-module (gnu packages guile) |
da4483f3 | 48 | #:use-module (gnu packages hurd) |
618631f3 | 49 | #:use-module (gnu packages libedit) |
2102ae2e | 50 | #:use-module (gnu packages linux) |
c9a6a36f | 51 | #:use-module (gnu packages logging) |
2102ae2e DC |
52 | #:use-module (gnu packages m4) |
53 | #:use-module (gnu packages multiprecision) | |
87bf526b | 54 | #:use-module (gnu packages ncurses) |
2102ae2e | 55 | #:use-module (gnu packages nettle) |
89e34644 | 56 | #:use-module (gnu packages kerberos) |
2102ae2e DC |
57 | #:use-module (gnu packages perl) |
58 | #:use-module (gnu packages pkg-config) | |
c9a6a36f | 59 | #:use-module (gnu packages popt) |
6a7c4636 | 60 | #:use-module (gnu packages protobuf) |
ae72b8f5 | 61 | #:use-module (gnu packages python) |
3876ed32 OP |
62 | #:use-module (gnu packages python-crypto) |
63 | #:use-module (gnu packages python-web) | |
44d10b1f | 64 | #:use-module (gnu packages python-xyz) |
2102ae2e | 65 | #:use-module (gnu packages readline) |
8cc099b4 | 66 | #:use-module (gnu packages security-token) |
2102ae2e | 67 | #:use-module (gnu packages texinfo) |
cc2b77df | 68 | #:use-module (gnu packages tls) |
2102ae2e DC |
69 | #:use-module (gnu packages xorg) |
70 | #:use-module (guix build-system cmake) | |
71 | #:use-module (guix build-system gnu) | |
ae72b8f5 | 72 | #:use-module (guix build-system python) |
2fbf053b | 73 | #:use-module (guix download) |
817efe8b | 74 | #:use-module (guix git-download) |
2102ae2e | 75 | #:use-module ((guix licenses) #:prefix license:) |
befbaebf | 76 | #:use-module (guix packages) |
7e90eb98 | 77 | #:use-module (guix utils) |
befbaebf | 78 | #:use-module (srfi srfi-1)) |
1681cd4a | 79 | |
96fe62d8 TGR |
80 | (define-public hss |
81 | (package | |
82 | (name "hss") | |
83 | (version "1.8") | |
84 | (source (origin | |
85 | (method git-fetch) | |
86 | (uri (git-reference | |
b0e7b699 | 87 | (url "https://github.com/six-ddc/hss") |
96fe62d8 TGR |
88 | (commit (string-append "v" version)))) |
89 | (file-name (git-file-name name version)) | |
90 | (sha256 | |
91 | (base32 | |
92 | "1rpysj65j9ls30bf2c5k5hykzzjfknrihs58imp178bx1wqzw4jl")))) | |
93 | (inputs | |
8394619b | 94 | (list readline)) |
96fe62d8 | 95 | (arguments |
f718c0a0 | 96 | `(#:make-flags |
845f5a03 TGR |
97 | (list ,(string-append "CC=" (cc-for-target)) |
98 | (string-append "INSTALL_BIN=" (assoc-ref %outputs "out") "/bin")) | |
f718c0a0 | 99 | #:tests? #f ; no tests |
96fe62d8 TGR |
100 | #:phases |
101 | (modify-phases %standard-phases | |
f718c0a0 | 102 | (add-after 'unpack 'patch-file-names |
96fe62d8 TGR |
103 | (lambda* (#:key inputs outputs #:allow-other-keys) |
104 | (substitute* "Makefile" | |
96fe62d8 TGR |
105 | (("/usr/local/opt/readline") |
106 | (assoc-ref inputs "readline"))) | |
3b6b337e TGR |
107 | #t)) |
108 | (delete 'configure)))) ; no configure script | |
96fe62d8 TGR |
109 | (build-system gnu-build-system) |
110 | (home-page "https://github.com/six-ddc/hss/") | |
111 | (synopsis "Interactive SSH client for multiple servers") | |
16f6889b TGR |
112 | (description |
113 | "@command{hss} is an interactive SSH client for multiple servers. Commands | |
114 | are executed on all servers in parallel. Execution on one server does not need | |
115 | to wait for that on another server to finish before starting. One can run a | |
116 | command on hundreds of servers at the same time, with almost the same experience | |
117 | as a local Bash shell. | |
96fe62d8 | 118 | |
16f6889b | 119 | It supports: |
96fe62d8 | 120 | @itemize @bullet |
16f6889b TGR |
121 | @item interactive input: based on GNU readline. |
122 | @item history: responding to the @kbd{C-r} key. | |
123 | @item auto-completion: @key{TAB}-completion from remote servers for commands and | |
124 | file names. | |
125 | @end itemize\n") | |
96fe62d8 TGR |
126 | (license license:expat))) |
127 | ||
1681cd4a | 128 | (define-public libssh |
eed00f93 LF |
129 | (package |
130 | (name "libssh") | |
49bb544b | 131 | (version "0.9.6") |
eed00f93 | 132 | (source (origin |
49bb544b LF |
133 | (method url-fetch) |
134 | (uri (string-append "https://www.libssh.org/files/" | |
135 | (version-major+minor version) | |
136 | "/libssh-" version ".tar.xz")) | |
eed00f93 LF |
137 | (sha256 |
138 | (base32 | |
49bb544b | 139 | "16w2mc7pyv9mijjlgacbz8dgczc7ig2m6m70w1pld04vpn2zig46")))) |
eed00f93 LF |
140 | (build-system cmake-build-system) |
141 | (outputs '("out" "debug")) | |
142 | (arguments | |
143 | '(#:configure-flags '("-DWITH_GCRYPT=ON") | |
deed349b | 144 | |
eed00f93 LF |
145 | ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite. |
146 | #:tests? #f)) | |
8394619b | 147 | (inputs (list zlib libgcrypt mit-krb5)) |
eed00f93 LF |
148 | (synopsis "SSH client library") |
149 | (description | |
150 | "libssh is a C library implementing the SSHv2 and SSHv1 protocol for client | |
151 | and server implementations. With libssh, you can remotely execute programs, | |
152 | transfer files, and use a secure and transparent tunnel for your remote | |
153 | applications.") | |
154 | (home-page "https://www.libssh.org") | |
155 | (license license:lgpl2.1+))) | |
2fbf053b AE |
156 | |
157 | (define-public libssh2 | |
158 | (package | |
159 | (name "libssh2") | |
61f34ae5 | 160 | (version "1.9.0") |
2fbf053b AE |
161 | (source (origin |
162 | (method url-fetch) | |
163 | (uri (string-append | |
78d80c5c | 164 | "https://www.libssh2.org/download/libssh2-" |
2fbf053b | 165 | version ".tar.gz")) |
78d80c5c LF |
166 | (sha256 |
167 | (base32 | |
f04dca8e EF |
168 | "1zfsz9nldakfz61d2j70pk29zlmj7w2vv46s9l3x2prhcgaqpyym")) |
169 | (patches (search-patches "libssh2-CVE-2019-17498.patch")))) | |
2fbf053b | 170 | (build-system gnu-build-system) |
e9c14f37 EB |
171 | ;; The installed libssh2.pc file does not include paths to libgcrypt and |
172 | ;; zlib libraries, so we need to propagate the inputs. | |
8394619b | 173 | (propagated-inputs (list libgcrypt zlib)) |
61f34ae5 | 174 | (arguments `(#:configure-flags `("--with-libgcrypt"))) |
35b9e423 | 175 | (synopsis "Client-side C library implementing the SSH2 protocol") |
2fbf053b AE |
176 | (description |
177 | "libssh2 is a library intended to allow software developers access to | |
35b9e423 | 178 | the SSH-2 protocol in an easy-to-use self-contained package. It can be built |
2fbf053b AE |
179 | into an application to perform many different tasks when communicating with |
180 | a server that supports the SSH-2 protocol.") | |
181 | (license license:bsd-3) | |
18e627be | 182 | (home-page "https://www.libssh2.org/"))) |
fe0b8a78 AE |
183 | |
184 | (define-public openssh | |
185 | (package | |
186 | (name "openssh") | |
3235a54c | 187 | (version "8.8p1") |
fe0b8a78 | 188 | (source (origin |
644e5f17 TGR |
189 | (method url-fetch) |
190 | (uri (string-append "mirror://openbsd/OpenSSH/portable/" | |
21f5de6d | 191 | "openssh-" version ".tar.gz")) |
759a526f | 192 | (patches (search-patches "openssh-hurd.patch")) |
644e5f17 TGR |
193 | (sha256 |
194 | (base32 | |
3235a54c | 195 | "1s8z6f7mi1pwsl79cqai8cr350m5lf2ifcxff57wx6mvm478k425")))) |
fe0b8a78 | 196 | (build-system gnu-build-system) |
8394619b | 197 | (native-inputs (list groff pkg-config)) |
618631f3 GB |
198 | (inputs `(("libedit" ,libedit) |
199 | ("openssl" ,openssl) | |
da4483f3 | 200 | ,@(if (hurd-target?) |
9478a252 LC |
201 | '() |
202 | `(("pam" ,linux-pam) | |
203 | ("libfido2" ,libfido2))) ;fails to build on GNU/Hurd | |
040b6299 | 204 | ("mit-krb5" ,mit-krb5) |
683a4a34 | 205 | ("zlib" ,zlib) |
4a697466 | 206 | ("xauth" ,xauth))) ; for 'ssh -X' and 'ssh -Y' |
fe0b8a78 AE |
207 | (arguments |
208 | `(#:test-target "tests" | |
d3552450 LF |
209 | ;; Otherwise, the test scripts try to use a nonexistent directory and |
210 | ;; fail. | |
211 | #:make-flags '("REGRESSTMP=\"$${BUILDDIR}/regress\"") | |
040b6299 | 212 | #:configure-flags `("--sysconfdir=/etc/ssh" |
39012aab | 213 | |
040b6299 | 214 | ;; Default value of 'PATH' used by sshd. |
9af49832 LC |
215 | "--with-default-path=/run/current-system/profile/bin" |
216 | ||
6db6bcf7 | 217 | ;; configure needs to find krb5-config. |
040b6299 JD |
218 | ,(string-append "--with-kerberos5=" |
219 | (assoc-ref %build-inputs "mit-krb5") | |
220 | "/bin") | |
221 | ||
6db6bcf7 | 222 | ;; libedit is needed for sftp completion. |
618631f3 GB |
223 | "--with-libedit" |
224 | ||
39012aab | 225 | ;; Enable PAM support in sshd. |
da4483f3 EF |
226 | ,,@(if (hurd-target?) |
227 | '() | |
9478a252 LC |
228 | '("--with-pam" |
229 | ||
230 | ;; Support creation and use of ecdsa-sk, | |
231 | ;; ed25519-sk keys. | |
232 | "--with-security-key-builtin")) | |
233 | ||
3d8c7783 | 234 | |
8cc099b4 | 235 | |
3d8c7783 MO |
236 | ;; "make install" runs "install -s" by default, |
237 | ;; which doesn't work for cross-compiled binaries | |
238 | ;; because it invokes 'strip' instead of | |
239 | ;; 'TRIPLET-strip'. Work around this. | |
240 | ,,@(if (%current-target-system) | |
241 | '("--disable-strip") | |
242 | '())) | |
39012aab | 243 | |
fe0b8a78 | 244 | #:phases |
a9ee11d5 RW |
245 | (modify-phases %standard-phases |
246 | (add-after 'configure 'reset-/var/empty | |
247 | (lambda* (#:key outputs #:allow-other-keys) | |
248 | (let ((out (assoc-ref outputs "out"))) | |
249 | (substitute* "Makefile" | |
250 | (("PRIVSEP_PATH=/var/empty") | |
3235a54c | 251 | (string-append "PRIVSEP_PATH=" out "/var/empty")))))) |
a9ee11d5 RW |
252 | (add-before 'check 'patch-tests |
253 | (lambda _ | |
6db6bcf7 TGR |
254 | (substitute* "regress/test-exec.sh" |
255 | (("/bin/sh") (which "sh"))) | |
256 | ||
257 | ;; Remove 't-exec' regress target which requires user 'sshd'. | |
258 | (substitute* (list "Makefile" | |
259 | "regress/Makefile") | |
260 | (("^(tests:.*) t-exec(.*)" all pre post) | |
3235a54c | 261 | (string-append pre post))))) |
a9ee11d5 | 262 | (replace 'install |
ec7bcdc3 TGR |
263 | (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) |
264 | (let ((out (assoc-ref outputs "out"))) | |
265 | ;; Install without host keys and system configuration files. | |
a03562b4 TGR |
266 | ;; This will install /var/empty to the store, which is needed |
267 | ;; by the system openssh-service-type. | |
ec7bcdc3 | 268 | (apply invoke "make" "install-nosysconf" make-flags) |
ec7bcdc3 TGR |
269 | (with-directory-excursion "contrib" |
270 | (chmod "ssh-copy-id" #o555) | |
271 | (install-file "ssh-copy-id" | |
272 | (string-append out "/bin/")) | |
273 | (install-file "ssh-copy-id.1" | |
274 | (string-append out "/share/man/man1/"))))))))) | |
35b9e423 | 275 | (synopsis "Client and server for the secure shell (ssh) protocol") |
fe0b8a78 AE |
276 | (description |
277 | "The SSH2 protocol implemented in OpenSSH is standardised by the | |
278 | IETF secsh working group and is specified in several RFCs and drafts. | |
279 | It is composed of three layered components: | |
280 | ||
281 | The transport layer provides algorithm negotiation and a key exchange. | |
282 | The key exchange includes server authentication and results in a | |
283 | cryptographically secured connection: it provides integrity, confidentiality | |
284 | and optional compression. | |
285 | ||
286 | The user authentication layer uses the established connection and relies on | |
35b9e423 EB |
287 | the services provided by the transport layer. It provides several mechanisms |
288 | for user authentication. These include traditional password authentication | |
fe0b8a78 AE |
289 | as well as public-key or host-based authentication mechanisms. |
290 | ||
291 | The connection layer multiplexes many different concurrent channels over the | |
292 | authenticated connection and allows tunneling of login sessions and | |
35b9e423 | 293 | TCP-forwarding. It provides a flow control service for these channels. |
fe0b8a78 | 294 | Additionally, various channel-specific options can be negotiated.") |
166191b3 | 295 | (license (license:non-copyleft "file://LICENSE" |
fe0b8a78 | 296 | "See LICENSE in the distribution.")) |
1121a5c6 | 297 | (home-page "https://www.openssh.com/"))) |
fe0b8a78 | 298 | |
65c8512f MO |
299 | ;; OpenSSH without X support. This allows to use OpenSSH without dragging X |
300 | ;; libraries to the closure. | |
301 | (define-public openssh-sans-x | |
302 | (package | |
303 | (inherit openssh) | |
304 | (name "openssh-sans-x") | |
305 | (inputs (alist-delete "xauth" (package-inputs openssh))) | |
306 | (synopsis "OpenSSH client and server without X11 support"))) | |
307 | ||
49d294e5 | 308 | (define-public guile-ssh |
096f442d LC |
309 | (package |
310 | (name "guile-ssh") | |
311 | (version "0.13.1") | |
312 | (home-page "https://github.com/artyom-poptsov/guile-ssh") | |
313 | (source (origin | |
314 | (method git-fetch) | |
315 | (uri (git-reference | |
316 | (url home-page) | |
317 | (commit (string-append "v" version)))) | |
3299530c | 318 | (file-name (git-file-name name version)) |
096f442d LC |
319 | (sha256 |
320 | (base32 | |
321 | "1xpxkvgj7wgcl450djkcrmrf957mcy2f36hfs5g6kpla1gax2d1g")) | |
0fb80f34 LC |
322 | (patches (search-patches "guile-ssh-fix-test-suite.patch" |
323 | "guile-ssh-read-error.patch")))) | |
096f442d LC |
324 | (build-system gnu-build-system) |
325 | (outputs '("out" "debug")) | |
326 | (arguments | |
327 | `(;; It makes no sense to build libguile-ssh.a. | |
328 | #:configure-flags '("--disable-static") | |
329 | ||
330 | #:phases (modify-phases %standard-phases | |
331 | (add-before 'build 'fix-libguile-ssh-file-name | |
332 | (lambda* (#:key outputs #:allow-other-keys) | |
333 | ;; Build and install libguile-ssh.so so that we can use | |
334 | ;; its absolute file name in .scm files, before we build | |
335 | ;; the .go files. | |
336 | (let* ((out (assoc-ref outputs "out")) | |
337 | (lib (string-append out "/lib"))) | |
338 | (invoke "make" "install" | |
339 | "-C" "libguile-ssh" | |
340 | "-j" (number->string | |
341 | (parallel-job-count))) | |
342 | (substitute* (find-files "." "\\.scm$") | |
343 | (("\"libguile-ssh\"") | |
344 | (string-append "\"" lib "/libguile-ssh\""))) | |
345 | #t))) | |
346 | ,@(if (%current-target-system) | |
347 | '() | |
348 | '((add-before 'check 'fix-guile-path | |
349 | (lambda* (#:key inputs #:allow-other-keys) | |
350 | (let ((guile (assoc-ref inputs "guile"))) | |
351 | (substitute* "tests/common.scm" | |
352 | (("/usr/bin/guile") | |
353 | (string-append guile "/bin/guile"))) | |
354 | #t))))) | |
355 | (add-after 'install 'remove-bin-directory | |
356 | (lambda* (#:key outputs #:allow-other-keys) | |
357 | (let* ((out (assoc-ref outputs "out")) | |
358 | (bin (string-append out "/bin")) | |
359 | (examples (string-append | |
360 | out "/share/guile-ssh/examples"))) | |
361 | (mkdir-p examples) | |
362 | (rename-file (string-append bin "/ssshd.scm") | |
363 | (string-append examples "/ssshd.scm")) | |
364 | (rename-file (string-append bin "/sssh.scm") | |
365 | (string-append examples "/sssh.scm")) | |
366 | (delete-file-recursively bin) | |
367 | #t)))))) | |
8394619b LC |
368 | (native-inputs (list autoconf |
369 | automake | |
370 | libtool | |
371 | texinfo | |
372 | pkg-config | |
373 | which | |
374 | guile-3.0)) ;needed when cross-compiling. | |
375 | (inputs (list guile-3.0 libssh libgcrypt)) | |
096f442d LC |
376 | (synopsis "Guile bindings to libssh") |
377 | (description | |
378 | "Guile-SSH is a library that provides access to the SSH protocol for | |
379 | programs written in GNU Guile interpreter. It is a wrapper to the underlying | |
380 | libssh library.") | |
381 | (license license:gpl3+))) | |
513e1950 | 382 | |
4d8806c3 | 383 | (define-public guile2.0-ssh |
75c260ba LC |
384 | (package |
385 | (inherit guile-ssh) | |
4d8806c3 | 386 | (name "guile2.0-ssh") |
0fb80f34 LC |
387 | (source (origin |
388 | (inherit (package-source guile-ssh)) | |
389 | (patches (search-patches "guile-ssh-fix-test-suite.patch")))) | |
bbb219bd | 390 | (native-inputs |
8394619b LC |
391 | (modify-inputs (package-native-inputs guile-ssh) |
392 | (delete "guile") | |
393 | (prepend guile-2.0 ;needed when cross-compiling. | |
394 | ))) | |
395 | (inputs (modify-inputs (package-inputs guile-ssh) | |
396 | (replace "guile" guile-2.0))))) | |
befbaebf | 397 | |
b6bee63b | 398 | (define-public guile2.2-ssh |
7e90eb98 LC |
399 | (package |
400 | (inherit guile-ssh) | |
b6bee63b | 401 | (name "guile2.2-ssh") |
0fb80f34 LC |
402 | (source (origin |
403 | (inherit (package-source guile-ssh)) | |
404 | (patches (search-patches "guile-ssh-fix-test-suite.patch")))) | |
bbb219bd | 405 | (native-inputs |
8394619b LC |
406 | (modify-inputs (package-native-inputs guile-ssh) |
407 | (delete "guile") | |
408 | (prepend guile-2.2 ;needed when cross-compiling. | |
409 | ))) | |
410 | (inputs (modify-inputs (package-inputs guile-ssh) | |
411 | (replace "guile" guile-2.2))))) | |
7e90eb98 | 412 | |
513e1950 | 413 | (define-public corkscrew |
b692a1bb TGR |
414 | ;; The last 2.0 release hails from 2009. Use a fork (submitted upstream as |
415 | ;; <https://github.com/patpadgett/corkscrew/pull/5>) that adds now-essential | |
416 | ;; IPv6 and TLS support. | |
417 | (let ((revision "0") | |
418 | (commit "268b71e88ee51fddceab96d665b327394f1feb12")) | |
419 | (package | |
420 | (name "corkscrew") | |
421 | (version (git-version "2.0" revision commit)) | |
422 | (source | |
423 | (origin | |
424 | (method git-fetch) | |
425 | (uri (git-reference | |
426 | (url "https://github.com/rtgill82/corkscrew") | |
427 | (commit commit))) | |
428 | (sha256 | |
429 | (base32 "1rylbimlfig3ii4bqr4r058lkc43pqkxnxqpqdpm31blh3xs0dcw")) | |
430 | (file-name (git-file-name name version)))) | |
431 | (build-system gnu-build-system) | |
432 | (arguments | |
433 | `(#:configure-flags | |
434 | (list "--enable-ssl") | |
435 | #:phases | |
436 | (modify-phases %standard-phases | |
437 | (add-after 'unpack 'update-metadata | |
438 | (lambda _ | |
439 | (substitute* "configure.ac" | |
440 | ;; Our version differs significantly. | |
441 | (("2.0") (string-append ,version " (Guix)"))) | |
442 | (substitute* "corkscrew.c" | |
443 | ;; This domain's since been squat. | |
444 | (("\\(agroman@agroman\\.net\\)") | |
445 | (format #f "<~a>" ,(package-home-page this-package)))))) | |
446 | (add-after 'install 'install-documentation | |
447 | (lambda* (#:key outputs #:allow-other-keys) | |
448 | (let* ((out (assoc-ref outputs "out")) | |
449 | (doc (string-append out "/share/doc/" ,name "-" ,version))) | |
450 | (install-file "README.md" doc) | |
451 | #t)))))) | |
452 | (native-inputs | |
8394619b | 453 | (list autoconf automake pkg-config)) |
b692a1bb | 454 | (inputs |
8394619b | 455 | (list openssl)) |
b692a1bb TGR |
456 | (home-page "https://github.com/patpadgett/corkscrew") |
457 | (synopsis "SSH tunneling through HTTP(S) proxies") | |
458 | (description | |
459 | "Corkscrew tunnels SSH connections through most HTTP and HTTPS proxies. | |
460 | It supports proxy authentication through the HTTP basic authentication scheme | |
461 | with optional @acronym{TLS, Transport-Level Security} to protect credentials.") | |
462 | (license license:gpl2+)))) | |
87bf526b LC |
463 | |
464 | (define-public mosh | |
465 | (package | |
466 | (name "mosh") | |
4b8b245b | 467 | (version "1.3.2") |
87bf526b LC |
468 | (source (origin |
469 | (method url-fetch) | |
c3671282 | 470 | (uri (string-append "https://mosh.org/mosh-" version ".tar.gz")) |
87bf526b LC |
471 | (sha256 |
472 | (base32 | |
4b8b245b | 473 | "05hjhlp6lk8yjcy59zywpf0r6s0h0b9zxq0lw66dh9x8vxrhaq6s")))) |
87bf526b LC |
474 | (build-system gnu-build-system) |
475 | (arguments | |
11379192 EF |
476 | '(#:phases |
477 | (modify-phases %standard-phases | |
2b504cc3 TGR |
478 | (add-after 'unpack 'patch-FHS-file-names |
479 | (lambda _ | |
480 | (substitute* "scripts/mosh.pl" | |
481 | (("/bin/sh") | |
482 | (which "sh"))) | |
483 | #t)) | |
11379192 EF |
484 | (add-after 'install 'wrap |
485 | (lambda* (#:key outputs #:allow-other-keys) | |
486 | ;; Make sure 'mosh' can find 'mosh-client' and | |
487 | ;; 'mosh-server'. | |
488 | (let* ((out (assoc-ref outputs "out")) | |
489 | (bin (string-append out "/bin"))) | |
490 | (wrap-program (string-append bin "/mosh") | |
491 | `("PATH" ":" prefix (,bin))))))))) | |
87bf526b | 492 | (native-inputs |
8394619b | 493 | (list pkg-config)) |
87bf526b LC |
494 | (inputs |
495 | `(("openssl" ,openssl) | |
496 | ("perl" ,perl) | |
497 | ("perl-io-tty" ,perl-io-tty) | |
498 | ("zlib" ,zlib) | |
499 | ("ncurses" ,ncurses) | |
500 | ("protobuf" ,protobuf) | |
501 | ("boost-headers" ,boost))) | |
c3671282 | 502 | (home-page "https://mosh.org/") |
87bf526b LC |
503 | (synopsis "Remote shell tolerant to intermittent connectivity") |
504 | (description | |
2ca12aee TGR |
505 | "Mosh is a remote terminal application that allows client roaming, supports |
506 | intermittent connectivity, and provides intelligent local echo and line editing | |
507 | of user keystrokes. It's a replacement for SSH that's more robust and | |
508 | responsive, especially over Wi-Fi, cellular, and long-distance links.") | |
87bf526b | 509 | (license license:gpl3+))) |
8c6cfd55 JD |
510 | |
511 | (define-public dropbear | |
512 | (package | |
513 | (name "dropbear") | |
bc34183e | 514 | (version "2020.81") |
e190d12e TGR |
515 | (source |
516 | (origin | |
517 | (method url-fetch) | |
518 | (uri (string-append | |
519 | "https://matt.ucc.asn.au/dropbear/releases/" | |
520 | "dropbear-" version ".tar.bz2")) | |
521 | (sha256 | |
f72ff06e EF |
522 | (base32 "0fy5ma4cfc2pk25mcccc67b2mf1rnb2c06ilb7ddnxbpnc85s8s8")) |
523 | (modules '((guix build utils))) | |
524 | (snippet | |
525 | '(begin | |
526 | (delete-file-recursively "libtommath") | |
527 | (delete-file-recursively "libtomcrypt") | |
528 | (substitute* "configure" | |
529 | (("-ltomcrypt") "-ltomcrypt -ltommath")) | |
530 | #t)))) | |
8c6cfd55 | 531 | (build-system gnu-build-system) |
f72ff06e EF |
532 | (arguments |
533 | `(#:configure-flags '("--disable-bundled-libtom") | |
534 | #:tests? #f)) ; there is no "make check" or anything similar | |
535 | (inputs | |
8394619b | 536 | (list libtomcrypt libtommath zlib)) |
8c6cfd55 JD |
537 | (synopsis "Small SSH server and client") |
538 | (description "Dropbear is a relatively small SSH server and | |
35b9e423 EB |
539 | client. It runs on a variety of POSIX-based platforms. Dropbear is |
540 | particularly useful for embedded systems, such as wireless routers.") | |
8c6cfd55 JD |
541 | (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html") |
542 | (license (license:x11-style "" "See file LICENSE.")))) | |
2102ae2e DC |
543 | |
544 | (define-public liboop | |
545 | (package | |
546 | (name "liboop") | |
506737f1 | 547 | (version "1.0.1") |
2102ae2e DC |
548 | (source |
549 | (origin | |
550 | (method url-fetch) | |
506737f1 TGR |
551 | (uri (string-append "http://ftp.lysator.liu.se/pub/liboop/" |
552 | name "-" version ".tar.gz")) | |
2102ae2e DC |
553 | (sha256 |
554 | (base32 | |
506737f1 | 555 | "1q0p1l72pq9k3bi7a366j2rishv7dzzkg3i6r2npsfg7cnnidbsn")))) |
2102ae2e | 556 | (build-system gnu-build-system) |
359b137c | 557 | (home-page "https://www.lysator.liu.se/liboop/") |
2102ae2e DC |
558 | (synopsis "Event loop library") |
559 | (description "Liboop is a low-level event loop management library for | |
560 | POSIX-based operating systems. It supports the development of modular, | |
561 | multiplexed applications which may respond to events from several sources. It | |
562 | replaces the \"select() loop\" and allows the registration of event handlers | |
563 | for file and network I/O, timers and signals. Since processes use these | |
564 | mechanisms for almost all external communication, liboop can be used as the | |
565 | basis for almost any application.") | |
566 | (license license:lgpl2.1+))) | |
567 | ||
568 | (define-public lsh | |
569 | (package | |
570 | (name "lsh") | |
571 | (version "2.1") | |
572 | (source (origin | |
573 | (method url-fetch) | |
574 | (uri (string-append "mirror://gnu/lsh/lsh-" | |
575 | version ".tar.gz")) | |
576 | (sha256 | |
577 | (base32 | |
578 | "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb")) | |
579 | (modules '((guix build utils))) | |
580 | (snippet | |
581 | '(begin | |
582 | (substitute* "src/testsuite/functions.sh" | |
583 | (("localhost") | |
584 | ;; Avoid host name lookups since they don't work in | |
585 | ;; chroot builds. | |
586 | "127.0.0.1") | |
587 | (("set -e") | |
588 | ;; Make tests more verbose. | |
589 | "set -e\nset -x")) | |
590 | ||
591 | (substitute* (find-files "src/testsuite" "-test$") | |
592 | (("localhost") "127.0.0.1")) | |
593 | ||
594 | (substitute* "src/testsuite/login-auth-test" | |
6cbee49d | 595 | (("/bin/cat") "cat")) |
0ec195ff MC |
596 | #t)) |
597 | (patches (search-patches "lsh-fix-x11-forwarding.patch")))) | |
2102ae2e DC |
598 | (build-system gnu-build-system) |
599 | (native-inputs | |
8394619b LC |
600 | (list autoconf |
601 | automake | |
602 | m4 | |
603 | guile-2.0 | |
604 | gperf | |
605 | psmisc)) ; for `killall' | |
2102ae2e | 606 | (inputs |
8394619b LC |
607 | (list nettle-2 |
608 | linux-pam | |
609 | ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in | |
610 | ;; Readline 6.3. | |
611 | readline-6.2 | |
612 | liboop | |
613 | zlib | |
614 | gmp | |
615 | ;; The server (lshd) invokes xauth when X11 forwarding is requested. | |
616 | ;; This adds 24 MiB (or 27%) to the closure of lsh. | |
617 | xauth | |
618 | libxau)) ;also required for x11-forwarding | |
2102ae2e DC |
619 | (arguments |
620 | '(;; Skip the `configure' test that checks whether /dev/ptmx & | |
621 | ;; co. work as expected, because it relies on impurities (for | |
622 | ;; instance, /dev/pts may be unavailable in chroots.) | |
d5c969ce LC |
623 | #:configure-flags '("lsh_cv_sys_unix98_ptys=yes" |
624 | ||
625 | ;; Use glibc's argp rather than the bundled one. | |
626 | "--with-system-argp" | |
627 | ||
628 | ;; 'lsh_argp.h' checks HAVE_ARGP_PARSE but nothing | |
629 | ;; defines it. | |
630 | "CPPFLAGS=-DHAVE_ARGP_PARSE") | |
2102ae2e DC |
631 | #:phases |
632 | (modify-phases %standard-phases | |
3e34f899 MC |
633 | (add-after 'unpack 'disable-failing-tests |
634 | (lambda _ | |
635 | ;; FIXME: Most tests won't run in a chroot, presumably because | |
636 | ;; /etc/profile is missing, and thus clients get an empty $PATH | |
637 | ;; and nothing works. Run only the subset that passes. | |
638 | (delete-file "configure") ;force rebootstrap | |
639 | (substitute* "src/testsuite/Makefile.am" | |
640 | (("seed-test \\\\") ;prevent trailing slash | |
641 | "seed-test") | |
642 | (("^\t(lsh|daemon|tcpip|socks|lshg|lcp|rapid7|lshd).*test.*") | |
643 | "")) | |
644 | #t)) | |
2102ae2e DC |
645 | (add-before 'configure 'pre-configure |
646 | (lambda* (#:key inputs #:allow-other-keys) | |
647 | (let* ((nettle (assoc-ref inputs "nettle")) | |
648 | (sexp-conv (string-append nettle "/bin/sexp-conv"))) | |
d5c969ce LC |
649 | ;; Remove argp from the list of sub-directories; we don't want |
650 | ;; to build it, really. | |
651 | (substitute* "src/Makefile.in" | |
652 | (("^SUBDIRS = argp") | |
653 | "SUBDIRS =")) | |
654 | ||
2102ae2e DC |
655 | ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place |
656 | ;; by default. | |
657 | (substitute* "src/environ.h.in" | |
658 | (("^#define PATH_SEXP_CONV.*") | |
659 | (string-append "#define PATH_SEXP_CONV \"" | |
660 | sexp-conv "\"\n"))) | |
661 | ||
662 | ;; Same for the 'lsh-authorize' script. | |
663 | (substitute* "src/lsh-authorize" | |
664 | (("=sexp-conv") | |
665 | (string-append "=" sexp-conv))) | |
666 | ||
667 | ;; Tell lshd where 'xauth' lives. Another option would be to | |
668 | ;; hardcode "/run/current-system/profile/bin/xauth", thereby | |
669 | ;; reducing the closure size, but that wouldn't work on foreign | |
670 | ;; distros. | |
671 | (with-fluids ((%default-port-encoding "ISO-8859-1")) | |
672 | (substitute* "src/server_x11.c" | |
673 | (("define XAUTH_PROGRAM.*") | |
674 | (string-append "define XAUTH_PROGRAM \"" | |
675 | (assoc-ref inputs "xauth") | |
676 | "/bin/xauth\"\n"))))) | |
677 | ||
678 | ;; Tests rely on $USER being set. | |
679 | (setenv "USER" "guix")))))) | |
21de4160 | 680 | (home-page "https://www.lysator.liu.se/~nisse/lsh/") |
2102ae2e DC |
681 | (synopsis "GNU implementation of the Secure Shell (ssh) protocols") |
682 | (description | |
683 | "GNU lsh is a free implementation of the SSH version 2 protocol. It is | |
684 | used to create a secure line of communication between two computers, | |
685 | providing shell access to the server system from the client. It provides | |
686 | both the server daemon and the client application, as well as tools for | |
687 | manipulating key files.") | |
688 | (license license:gpl2+))) | |
c777570b NG |
689 | |
690 | (define-public sshpass | |
691 | (package | |
692 | (name "sshpass") | |
f43a652d | 693 | (version "1.09") |
c777570b NG |
694 | (source |
695 | (origin | |
696 | (method url-fetch) | |
697 | (uri (string-append "mirror://sourceforge/sshpass/sshpass/" | |
698 | version "/sshpass-" version ".tar.gz")) | |
699 | (sha256 | |
f43a652d | 700 | (base32 "1dwzqknpswa8vjlbwsx9rcq1j2a7px9h9i2anh09pzkz0mg6wx3i")))) |
c777570b | 701 | (build-system gnu-build-system) |
f43a652d NG |
702 | (home-page "https://sourceforge.net/projects/sshpass/") |
703 | (synopsis "Non-interactive password authentication with SSH") | |
7230f6d5 | 704 | (description "sshpass is a tool for non-interactively performing password |
c777570b NG |
705 | authentication with SSH's so-called @dfn{interactive keyboard password |
706 | authentication}.") | |
707 | (license license:gpl2+))) | |
8caeb117 CAW |
708 | |
709 | (define-public autossh | |
710 | (package | |
711 | (name "autossh") | |
d6bbb7e5 | 712 | (version "1.4g") |
8caeb117 CAW |
713 | (source |
714 | (origin | |
715 | (method url-fetch) | |
716 | (uri (string-append | |
26045af9 | 717 | "https://www.harding.motd.ca/autossh/autossh-" |
8caeb117 CAW |
718 | version ".tgz")) |
719 | (sha256 | |
d6bbb7e5 | 720 | (base32 "0xqjw8df68f4kzkns5gcah61s5wk0m44qdk2z1d6388w6viwxhsz")))) |
8caeb117 CAW |
721 | (build-system gnu-build-system) |
722 | (arguments `(#:tests? #f)) ; There is no "make check" or anything similar | |
8394619b | 723 | (inputs (list openssh)) |
8caeb117 CAW |
724 | (synopsis "Automatically restart SSH sessions and tunnels") |
725 | (description "autossh is a program to start a copy of @command{ssh} and | |
726 | monitor it, restarting it as necessary should it die or stop passing traffic.") | |
26045af9 | 727 | (home-page "https://www.harding.motd.ca/autossh/") |
8caeb117 CAW |
728 | (license |
729 | ;; Why point to a source file? Well, all the individual files have a | |
730 | ;; copy of this license in their headers, but there's no separate file | |
731 | ;; with that information. | |
732 | (license:non-copyleft "file://autossh.c")))) | |
227dbd84 RW |
733 | |
734 | (define-public pdsh | |
735 | (package | |
736 | (name "pdsh") | |
91815e8d | 737 | (version "2.34") |
227dbd84 RW |
738 | (source |
739 | (origin | |
740 | (method url-fetch) | |
b982fb1c | 741 | (uri (string-append "https://github.com/chaos/pdsh/" |
742 | "releases/download/pdsh-" version | |
743 | "/pdsh-" version ".tar.gz")) | |
227dbd84 | 744 | (sha256 |
91815e8d | 745 | (base32 "1s91hmhrz7rfb6h3l5k97s393rcm1ww3svp8dx5z8vkkc933wyxl")))) |
227dbd84 RW |
746 | (build-system gnu-build-system) |
747 | (arguments | |
748 | `(#:configure-flags | |
749 | (list "--with-ssh") | |
750 | #:phases | |
751 | (modify-phases %standard-phases | |
752 | (add-after 'unpack 'patch-/bin/sh | |
753 | (lambda _ | |
b982fb1c | 754 | (substitute* '("tests/t0006-pdcp.sh" |
755 | "tests/t0004-module-loading.sh" | |
756 | "tests/t2001-ssh.sh" | |
757 | "tests/t1003-slurm.sh" | |
758 | "tests/t6036-long-output-lines.sh" | |
759 | "tests/aggregate-results.sh" | |
760 | "tests/t2000-exec.sh" | |
761 | "tests/t0002-internal.sh" | |
762 | "tests/t1002-dshgroup.sh" | |
763 | "tests/t5000-dshbak.sh" | |
764 | "tests/t0001-basic.sh" | |
765 | "tests/t0005-rcmd_type-and-user.sh" | |
227dbd84 | 766 | "tests/test-lib.sh" |
b982fb1c | 767 | "tests/t2002-mrsh.sh" |
768 | "tests/t0003-wcoll.sh" | |
227dbd84 RW |
769 | "tests/test-modules/pcptest.c") |
770 | (("/bin/sh") (which "bash"))) | |
b982fb1c | 771 | #t)) |
772 | (add-after 'unpack 'patch-tests | |
773 | (lambda _ | |
774 | (substitute* "tests/t6036-long-output-lines.sh" | |
775 | (("which") (which "which"))) | |
227dbd84 RW |
776 | #t))))) |
777 | (inputs | |
8394619b | 778 | (list openssh mit-krb5 perl)) |
b982fb1c | 779 | (native-inputs |
8394619b | 780 | (list which)) |
b982fb1c | 781 | (home-page "https://github.com/chaos/pdsh") |
227dbd84 RW |
782 | (synopsis "Parallel distributed shell") |
783 | (description "Pdsh is a an efficient, multithreaded remote shell client | |
784 | which executes commands on multiple remote hosts in parallel. Pdsh implements | |
785 | dynamically loadable modules for extended functionality such as new remote | |
786 | shell services and remote host selection.") | |
787 | (license license:gpl2+))) | |
ae72b8f5 | 788 | |
48dec2e0 LDB |
789 | (define-public python-asyncssh |
790 | (package | |
791 | (name "python-asyncssh") | |
f440ccd2 | 792 | (version "2.7.1") |
48dec2e0 LDB |
793 | (source |
794 | (origin | |
795 | (method url-fetch) | |
796 | (uri (pypi-uri "asyncssh" version)) | |
797 | (sha256 | |
798 | (base32 | |
f440ccd2 | 799 | "0lnhh2h1mj79j66ni883s9f3xldnbjb10vh80g24b7m003mm524c")))) |
48dec2e0 LDB |
800 | (build-system python-build-system) |
801 | (propagated-inputs | |
8394619b LC |
802 | (list python-cryptography python-pyopenssl python-gssapi |
803 | python-bcrypt)) | |
48dec2e0 | 804 | (native-inputs |
8394619b | 805 | (list openssh openssl)) |
48dec2e0 LDB |
806 | (arguments |
807 | `(#:phases | |
808 | (modify-phases %standard-phases | |
809 | (add-after 'unpack 'disable-tests | |
810 | (lambda* _ | |
811 | (substitute* "tests/test_agent.py" | |
812 | ;; TODO Test fails for unknown reason | |
813 | (("(.+)async def test_confirm" all indent) | |
814 | (string-append indent "@unittest.skip('disabled by guix')\n" | |
815 | indent "async def test_confirm"))) | |
816 | #t))))) | |
817 | (home-page "https://asyncssh.readthedocs.io/") | |
818 | (synopsis "Asynchronous SSHv2 client and server library for Python") | |
819 | (description | |
820 | "AsyncSSH is a Python package which provides an asynchronous client and | |
821 | server implementation of the SSHv2 protocol on top of the Python 3.6+ asyncio | |
822 | framework.") | |
823 | (license license:epl2.0))) | |
824 | ||
ae72b8f5 MG |
825 | (define-public clustershell |
826 | (package | |
827 | (name "clustershell") | |
f43a7838 | 828 | (version "1.8.4") |
ae72b8f5 MG |
829 | (source |
830 | (origin | |
511a8f8d TGR |
831 | (method git-fetch) |
832 | (uri (git-reference | |
833 | (url "https://github.com/cea-hpc/clustershell") | |
834 | (commit (string-append "v" version)))) | |
835 | (file-name (git-file-name name version)) | |
ae72b8f5 | 836 | (sha256 |
f43a7838 | 837 | (base32 "11b87vyamcw4rvgxz74jxwkr9ly0h9ldp2wqsi5wc19p0r06la5j")))) |
ae72b8f5 | 838 | (build-system python-build-system) |
8394619b LC |
839 | (inputs (list openssh)) |
840 | (propagated-inputs (list python-pyyaml)) | |
ae72b8f5 MG |
841 | (arguments |
842 | `(#:phases (modify-phases %standard-phases | |
843 | (add-before 'build 'record-openssh-file-name | |
844 | (lambda* (#:key inputs #:allow-other-keys) | |
845 | (let ((ssh (assoc-ref inputs "openssh"))) | |
846 | (substitute* "lib/ClusterShell/Worker/Ssh.py" | |
847 | (("info\\(\"ssh_path\"\\) or \"ssh\"") | |
848 | (string-append "info(\"ssh_path\") or \"" | |
f43a7838 | 849 | ssh "/bin/ssh\""))))))))) |
ae72b8f5 MG |
850 | (home-page "https://cea-hpc.github.io/clustershell/") |
851 | (synopsis "Scalable event-driven Python framework for cluster administration") | |
852 | (description | |
853 | "ClusterShell is an event-driven Python framework, designed to run local | |
854 | or distant commands in parallel on server farms or on large GNU/Linux | |
855 | clusters. It will take care of common issues encountered on HPC clusters, | |
856 | such as operating on groups of nodes, running distributed commands using | |
857 | optimized execution algorithms, as well as gathering results and merging | |
858 | identical outputs, or retrieving return codes. ClusterShell takes advantage | |
859 | of existing remote shell facilities such as SSH.") | |
860 | (license license:lgpl2.1+))) | |
87007947 EF |
861 | |
862 | (define-public endlessh | |
863 | (package | |
864 | (name "endlessh") | |
63b148f7 | 865 | (version "1.1") |
87007947 EF |
866 | (source |
867 | (origin | |
63b148f7 TGR |
868 | (method git-fetch) |
869 | (uri (git-reference | |
b0e7b699 | 870 | (url "https://github.com/skeeto/endlessh") |
63b148f7 TGR |
871 | (commit version))) |
872 | (file-name (git-file-name name version)) | |
87007947 | 873 | (sha256 |
63b148f7 | 874 | (base32 "0ziwr8j1frsp3dajr8h5glkm1dn5cci404kazz5w1jfrp0736x68")))) |
87007947 EF |
875 | (build-system gnu-build-system) |
876 | (arguments | |
9c44af6b MD |
877 | `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")) |
878 | ,(string-append "CC=" (cc-for-target))) | |
63b148f7 | 879 | #:tests? #f ; no test target |
87007947 EF |
880 | #:phases |
881 | (modify-phases %standard-phases | |
63b148f7 | 882 | (delete 'configure)))) ; no configure script |
87007947 EF |
883 | (home-page "https://github.com/skeeto/endlessh") |
884 | (synopsis "SSH tarpit that slowly sends an endless banner") | |
885 | (description | |
886 | "Endlessh is an SSH tarpit that very slowly sends an endless, random SSH | |
887 | banner. It keeps SSH clients locked up for hours or even days at a time. The | |
888 | purpose is to put your real SSH server on another port and then let the script | |
889 | kiddies get stuck in this tarpit instead of bothering a real server. | |
890 | ||
891 | Since the tarpit is in the banner before any cryptographic exchange occurs, this | |
892 | program doesn't depend on any cryptographic libraries. It's a simple, | |
893 | single-threaded, standalone C program. It uses @code{poll()} to trap multiple | |
894 | clients at a time.") | |
895 | (license license:unlicense))) | |
3876ed32 OP |
896 | |
897 | (define-public webssh | |
898 | (package | |
899 | (name "webssh") | |
5fb3be0e | 900 | (version "1.5.3") |
3876ed32 OP |
901 | (source (origin |
902 | (method git-fetch) | |
903 | (uri (git-reference | |
904 | (url "https://github.com/huashengdun/webssh") | |
905 | (commit (string-append "v" version)))) | |
906 | (file-name (git-file-name name version)) | |
907 | (sha256 | |
908 | (base32 | |
5fb3be0e | 909 | "1bcy9flrzbvams5p77swwiygv54ac58ia7hpic1bvg30b3wpvv7b")))) |
3876ed32 OP |
910 | (build-system python-build-system) |
911 | (propagated-inputs | |
8394619b | 912 | (list python-paramiko python-tornado)) |
3876ed32 OP |
913 | (home-page "https://webssh.huashengdun.org/") |
914 | (synopsis "Web application to be used as an SSH client") | |
915 | (description "This package provides a web application to be used as an SSH | |
916 | client. | |
917 | ||
918 | Features: | |
919 | @itemize @bullet | |
920 | @item SSH password authentication supported, including empty password. | |
921 | @item SSH public-key authentication supported, including DSA RSA ECDSA | |
922 | Ed25519 keys. | |
923 | @item Encrypted keys supported. | |
924 | @item Two-Factor Authentication (time-based one-time password) supported. | |
925 | @item Fullscreen terminal supported. | |
926 | @item Terminal window resizable. | |
927 | @item Auto detect the ssh server's default encoding. | |
928 | @item Modern browsers are supported. | |
929 | @end itemize") | |
930 | (license license:expat))) |