HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: facter: Update to 4.0.34.
[jackhill/guix/guix.git] / gnu / packages / ssh.scm
CommitLineData
2fbf053b 1;;; GNU Guix --- Functional package management for GNU
6a7c4636 2;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
06ed5982 3;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
45f2ffb4 4;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
87007947 5;;; Copyright © 2015, 2016, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
af8f7eb4 6;;; Copyright © 2016, 2019 Leo Famulari <leo@famulari.name>
c777570b 7;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
8caeb117 8;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
91815e8d 9;;; Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
c9a6a36f 10;;; Copyright © 2017 Stefan Reichör <stefan@xsteve.at>
227dbd84 11;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
3c986a7d 12;;; Copyright © 2017 Nikita <nikita@n0.is>
ae72b8f5 13;;; Copyright © 2018 Manuel Graf <graf@init.at>
618631f3 14;;; Copyright © 2019 Gábor Boskovits <boskovits@gmail.com>
b0966ba2 15;;; Copyright © 2019, 2020 Mathieu Othacehe <m.othacehe@gmail.com>
6a39cbe7 16;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
96fe62d8 17;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
2fbf053b
AE		 18;;;
19;;; This file is part of GNU Guix.
20;;;
21;;; GNU Guix is free software; you can redistribute it and/or modify it
22;;; under the terms of the GNU General Public License as published by
23;;; the Free Software Foundation; either version 3 of the License, or (at
24;;; your option) any later version.
25;;;
26;;; GNU Guix is distributed in the hope that it will be useful, but
27;;; WITHOUT ANY WARRANTY; without even the implied warranty of
28;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
29;;; GNU General Public License for more details.
30;;;
31;;; You should have received a copy of the GNU General Public License
32;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
33
34(define-module (gnu packages ssh)
2102ae2e
DC		 35 #:use-module (gnu packages)
36 #:use-module (gnu packages autotools)
37 #:use-module (gnu packages base)
6a7c4636 38 #:use-module (gnu packages boost)
2fbf053b 39 #:use-module (gnu packages compression)
c9a6a36f 40 #:use-module (gnu packages crypto)
2102ae2e 41 #:use-module (gnu packages elf)
2fbf053b 42 #:use-module (gnu packages gnupg)
2102ae2e 43 #:use-module (gnu packages gperf)
fe0b8a78 44 #:use-module (gnu packages groff)
49d294e5 45 #:use-module (gnu packages guile)
618631f3 46 #:use-module (gnu packages libedit)
2102ae2e 47 #:use-module (gnu packages linux)
c9a6a36f 48 #:use-module (gnu packages logging)
2102ae2e
DC		 49 #:use-module (gnu packages m4)
50 #:use-module (gnu packages multiprecision)
87bf526b 51 #:use-module (gnu packages ncurses)
2102ae2e 52 #:use-module (gnu packages nettle)
89e34644 53 #:use-module (gnu packages kerberos)
2102ae2e
DC		 54 #:use-module (gnu packages perl)
55 #:use-module (gnu packages pkg-config)
c9a6a36f 56 #:use-module (gnu packages popt)
6a7c4636 57 #:use-module (gnu packages protobuf)
ae72b8f5 58 #:use-module (gnu packages python)
44d10b1f 59 #:use-module (gnu packages python-xyz)
2102ae2e
DC		 60 #:use-module (gnu packages readline)
61 #:use-module (gnu packages texinfo)
cc2b77df 62 #:use-module (gnu packages tls)
2102ae2e
DC		 63 #:use-module (gnu packages xorg)
64 #:use-module (guix build-system cmake)
65 #:use-module (guix build-system gnu)
ae72b8f5 66 #:use-module (guix build-system python)
2fbf053b 67 #:use-module (guix download)
817efe8b 68 #:use-module (guix git-download)
2102ae2e 69 #:use-module ((guix licenses) #:prefix license:)
befbaebf 70 #:use-module (guix packages)
7e90eb98 71 #:use-module (guix utils)
befbaebf 72 #:use-module (srfi srfi-1))
1681cd4a 73
96fe62d8
TGR		 74(define-public hss
75 (package
76 (name "hss")
77 (version "1.8")
78 (source (origin
79 (method git-fetch)
80 (uri (git-reference
b0e7b699 81 (url "https://github.com/six-ddc/hss")
96fe62d8
TGR		 82 (commit (string-append "v" version))))
83 (file-name (git-file-name name version))
84 (sha256
85 (base32
86 "1rpysj65j9ls30bf2c5k5hykzzjfknrihs58imp178bx1wqzw4jl"))))
87 (inputs
88 `(("readline" ,readline)))
89 (arguments
f718c0a0 90 `(#:make-flags
845f5a03
TGR		 91 (list ,(string-append "CC=" (cc-for-target))
92 (string-append "INSTALL_BIN=" (assoc-ref %outputs "out") "/bin"))
f718c0a0 93 #:tests? #f ; no tests
96fe62d8
TGR		 94 #:phases
95 (modify-phases %standard-phases
f718c0a0 96 (add-after 'unpack 'patch-file-names
96fe62d8
TGR		 97 (lambda* (#:key inputs outputs #:allow-other-keys)
98 (substitute* "Makefile"
96fe62d8
TGR		 99 (("/usr/local/opt/readline")
100 (assoc-ref inputs "readline")))
3b6b337e
TGR		 101 #t))
102 (delete 'configure)))) ; no configure script
96fe62d8
TGR		 103 (build-system gnu-build-system)
104 (home-page "https://github.com/six-ddc/hss/")
105 (synopsis "Interactive SSH client for multiple servers")
16f6889b
TGR		 106 (description
107 "@command{hss} is an interactive SSH client for multiple servers. Commands
108are executed on all servers in parallel. Execution on one server does not need
109to wait for that on another server to finish before starting. One can run a
110command on hundreds of servers at the same time, with almost the same experience
111as a local Bash shell.
96fe62d8 112
16f6889b 113It supports:
96fe62d8 114@itemize @bullet
16f6889b
TGR		 115@item interactive input: based on GNU readline.
116@item history: responding to the @kbd{C-r} key.
117@item auto-completion: @key{TAB}-completion from remote servers for commands and
118file names.
119@end itemize\n")
96fe62d8
TGR		 120 (license license:expat)))
121
1681cd4a 122(define-public libssh
eed00f93
LF		 123 (package
124 (name "libssh")
960abd58 125 (version "0.9.4")
eed00f93
LF		 126 (source (origin
127 (method git-fetch)
128 (uri (git-reference
d5401375 129 (url "https://git.libssh.org/projects/libssh.git")
12995856 130 (commit (string-append "libssh-" version))))
eed00f93
LF		 131 (sha256
132 (base32
960abd58 133 "0qr4vi3k1wv69c95d9j26fiv78pzyksaq8ccd76b8nxar5z1fbj6"))
eed00f93
LF		 134 (file-name (git-file-name name version))))
135 (build-system cmake-build-system)
136 (outputs '("out" "debug"))
137 (arguments
138 '(#:configure-flags '("-DWITH_GCRYPT=ON")
deed349b 139
eed00f93
LF		 140 ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
141 #:tests? #f))
142 (inputs `(("zlib" ,zlib)
ef30ddb2
LDB		 143 ("libgcrypt" ,libgcrypt)
144 ("mit-krb5" ,mit-krb5)))
eed00f93
LF		 145 (synopsis "SSH client library")
146 (description
147 "libssh is a C library implementing the SSHv2 and SSHv1 protocol for client
148and server implementations. With libssh, you can remotely execute programs,
149transfer files, and use a secure and transparent tunnel for your remote
150applications.")
151 (home-page "https://www.libssh.org")
152 (license license:lgpl2.1+)))
2fbf053b
AE		 153
154(define-public libssh2
155 (package
156 (name "libssh2")
61f34ae5 157 (version "1.9.0")
2fbf053b
AE		 158 (source (origin
159 (method url-fetch)
160 (uri (string-append
78d80c5c 161 "https://www.libssh2.org/download/libssh2-"
2fbf053b 162 version ".tar.gz"))
78d80c5c
LF		 163 (sha256
164 (base32
61f34ae5 165 "1zfsz9nldakfz61d2j70pk29zlmj7w2vv46s9l3x2prhcgaqpyym"))))
2fbf053b 166 (build-system gnu-build-system)
e9c14f37
EB		 167 ;; The installed libssh2.pc file does not include paths to libgcrypt and
168 ;; zlib libraries, so we need to propagate the inputs.
169 (propagated-inputs `(("libgcrypt" ,libgcrypt)
170 ("zlib" ,zlib)))
61f34ae5 171 (arguments `(#:configure-flags `("--with-libgcrypt")))
35b9e423 172 (synopsis "Client-side C library implementing the SSH2 protocol")
2fbf053b
AE		 173 (description
174 "libssh2 is a library intended to allow software developers access to
35b9e423 175the SSH-2 protocol in an easy-to-use self-contained package. It can be built
2fbf053b
AE		 176into an application to perform many different tasks when communicating with
177a server that supports the SSH-2 protocol.")
178 (license license:bsd-3)
18e627be 179 (home-page "https://www.libssh2.org/")))
fe0b8a78
AE		 180
181(define-public openssh
182 (package
183 (name "openssh")
7c5c21fd 184 (version "8.3p1")
fe0b8a78 185 (source (origin
644e5f17
TGR		 186 (method url-fetch)
187 (uri (string-append "mirror://openbsd/OpenSSH/portable/"
21f5de6d 188 "openssh-" version ".tar.gz"))
6a39cbe7 189 (patches (search-patches "openssh-hurd.patch"))
644e5f17
TGR		 190 (sha256
191 (base32
7c5c21fd 192 "1cl74ghi9y21dc3f4xa0qamb7dhwacbynh1ks9syprrg8zhgpgpj"))))
fe0b8a78 193 (build-system gnu-build-system)
618631f3
GB		 194 (native-inputs `(("groff" ,groff)
195 ("pkg-config" ,pkg-config)))
196 (inputs `(("libedit" ,libedit)
197 ("openssl" ,openssl)
39012aab 198 ("pam" ,linux-pam)
040b6299 199 ("mit-krb5" ,mit-krb5)
683a4a34 200 ("zlib" ,zlib)
4a697466 201 ("xauth" ,xauth))) ; for 'ssh -X' and 'ssh -Y'
fe0b8a78
AE		 202 (arguments
203 `(#:test-target "tests"
d3552450
LF		 204 ;; Otherwise, the test scripts try to use a nonexistent directory and
205 ;; fail.
206 #:make-flags '("REGRESSTMP=\"$${BUILDDIR}/regress\"")
040b6299 207 #:configure-flags `("--sysconfdir=/etc/ssh"
39012aab 208
040b6299 209 ;; Default value of 'PATH' used by sshd.
9af49832
LC		 210 "--with-default-path=/run/current-system/profile/bin"
211
6db6bcf7 212 ;; configure needs to find krb5-config.
040b6299
JD		 213 ,(string-append "--with-kerberos5="
214 (assoc-ref %build-inputs "mit-krb5")
215 "/bin")
216
6db6bcf7 217 ;; libedit is needed for sftp completion.
618631f3
GB		 218 "--with-libedit"
219
39012aab 220 ;; Enable PAM support in sshd.
3d8c7783
MO		 221 "--with-pam"
222
223 ;; "make install" runs "install -s" by default,
224 ;; which doesn't work for cross-compiled binaries
225 ;; because it invokes 'strip' instead of
226 ;; 'TRIPLET-strip'. Work around this.
227 ,,@(if (%current-target-system)
228 '("--disable-strip")
229 '()))
39012aab 230
fe0b8a78 231 #:phases
a9ee11d5
RW		 232 (modify-phases %standard-phases
233 (add-after 'configure 'reset-/var/empty
234 (lambda* (#:key outputs #:allow-other-keys)
235 (let ((out (assoc-ref outputs "out")))
236 (substitute* "Makefile"
237 (("PRIVSEP_PATH=/var/empty")
238 (string-append "PRIVSEP_PATH=" out "/var/empty")))
239 #t)))
240 (add-before 'check 'patch-tests
241 (lambda _
6db6bcf7
TGR		 242 (substitute* "regress/test-exec.sh"
243 (("/bin/sh") (which "sh")))
244
245 ;; Remove 't-exec' regress target which requires user 'sshd'.
246 (substitute* (list "Makefile"
247 "regress/Makefile")
248 (("^(tests:.*) t-exec(.*)" all pre post)
a9ee11d5
RW		 249 (string-append pre post)))
250 #t))
251 (replace 'install
36f26211 252 (lambda* (#:key outputs (make-flags '()) #:allow-other-keys)
6db6bcf7 253 ;; Install without host keys and system configuration files.
27b6adb7
MW		 254 (apply invoke "make" "install-nosysconf" make-flags)
255 (install-file "contrib/ssh-copy-id"
256 (string-append (assoc-ref outputs "out")
257 "/bin/"))
258 (chmod (string-append (assoc-ref outputs "out")
259 "/bin/ssh-copy-id") #o555)
260 (install-file "contrib/ssh-copy-id.1"
261 (string-append (assoc-ref outputs "out")
262 "/share/man/man1/"))
263 #t)))))
35b9e423 264 (synopsis "Client and server for the secure shell (ssh) protocol")
fe0b8a78
AE		 265 (description
266 "The SSH2 protocol implemented in OpenSSH is standardised by the
267IETF secsh working group and is specified in several RFCs and drafts.
268It is composed of three layered components:
269
270The transport layer provides algorithm negotiation and a key exchange.
271The key exchange includes server authentication and results in a
272cryptographically secured connection: it provides integrity, confidentiality
273and optional compression.
274
275The user authentication layer uses the established connection and relies on
35b9e423
EB		 276the services provided by the transport layer. It provides several mechanisms
277for user authentication. These include traditional password authentication
fe0b8a78
AE		 278as well as public-key or host-based authentication mechanisms.
279
280The connection layer multiplexes many different concurrent channels over the
281authenticated connection and allows tunneling of login sessions and
35b9e423 282TCP-forwarding. It provides a flow control service for these channels.
fe0b8a78 283Additionally, various channel-specific options can be negotiated.")
166191b3 284 (license (license:non-copyleft "file://LICENSE"
fe0b8a78 285 "See LICENSE in the distribution."))
1121a5c6 286 (home-page "https://www.openssh.com/")))
fe0b8a78 287
65c8512f
MO		 288;; OpenSSH without X support. This allows to use OpenSSH without dragging X
289;; libraries to the closure.
290(define-public openssh-sans-x
291 (package
292 (inherit openssh)
293 (name "openssh-sans-x")
294 (inputs (alist-delete "xauth" (package-inputs openssh)))
295 (synopsis "OpenSSH client and server without X11 support")))
296
49d294e5
LC		 297(define-public guile-ssh
298 (package
299 (name "guile-ssh")
6c451e16 300 (version "0.13.0")
6634180f 301 (home-page "https://github.com/artyom-poptsov/guile-ssh")
49d294e5 302 (source (origin
e98c354d
LC		 303 (method git-fetch)
304 (uri (git-reference
305 (url home-page)
306 (commit (string-append "v" version))))
6634180f 307 (file-name (string-append name "-" version ".tar.gz"))
49d294e5
LC		 308 (sha256
309 (base32
6c451e16 310 "1q96h98p6x7ah6nc0d2wfx503fmsj36riv9ka9s79z3lzwaf0k26"))
b0966ba2 311 (modules '((guix build utils)))))
49d294e5 312 (build-system gnu-build-system)
74460d11 313 (outputs '("out" "debug"))
49d294e5 314 (arguments
b0966ba2 315 `(;; It makes no sense to build libguile-ssh.a.
c305ac30
LC		 316 #:configure-flags '("--disable-static")
317
318 #:phases (modify-phases %standard-phases
92b72582 319 (add-before 'build 'fix-libguile-ssh-file-name
8a8f6590 320 (lambda* (#:key outputs #:allow-other-keys)
92b72582
LC		 321 ;; Build and install libguile-ssh.so so that we can use
322 ;; its absolute file name in .scm files, before we build
323 ;; the .go files.
e7c37ed5
TGR		 324 (let* ((out (assoc-ref outputs "out"))
325 (lib (string-append out "/lib")))
326 (invoke "make" "install"
327 "-C" "libguile-ssh"
328 "-j" (number->string
329 (parallel-job-count)))
330 (substitute* (find-files "." "\\.scm$")
331 (("\"libguile-ssh\"")
332 (string-append "\"" lib "/libguile-ssh\"")))
333 #t)))
b0966ba2
MO		 334 ,@(if (%current-target-system)
335 '()
336 '((add-before 'check 'fix-guile-path
337 (lambda* (#:key inputs #:allow-other-keys)
338 (let ((guile (assoc-ref inputs "guile")))
339 (substitute* "tests/common.scm"
340 (("/usr/bin/guile")
341 (string-append guile "/bin/guile")))
342 #t)))))
d0002642
RJ		 343 (add-after 'install 'remove-bin-directory
344 (lambda* (#:key outputs #:allow-other-keys)
345 (let* ((out (assoc-ref outputs "out"))
346 (bin (string-append out "/bin"))
347 (examples (string-append
348 out "/share/guile-ssh/examples")))
349 (mkdir-p examples)
350 (rename-file (string-append bin "/ssshd.scm")
351 (string-append examples "/ssshd.scm"))
352 (rename-file (string-append bin "/sssh.scm")
353 (string-append examples "/sssh.scm"))
354 (delete-file-recursively bin)
355 #t))))
afde8da3
LC		 356 ;; Tests are not parallel-safe.
357 #:parallel-tests? #f))
49d294e5
LC		 358 (native-inputs `(("autoconf" ,autoconf)
359 ("automake" ,automake)
3246cc91 360 ("libtool" ,libtool)
00ee3a71 361 ("texinfo" ,texinfo)
49d294e5 362 ("pkg-config" ,pkg-config)
ce59688d 363 ("which" ,which)
b6bee63b
LC		 364 ("guile" ,guile-3.0))) ;needed when cross-compiling.
365 (inputs `(("guile" ,guile-3.0)
6f9d5b2e 366 ("libssh" ,libssh)
44fd0994 367 ("libgcrypt" ,libgcrypt)))
49d294e5
LC		 368 (synopsis "Guile bindings to libssh")
369 (description
370 "Guile-SSH is a library that provides access to the SSH protocol for
371programs written in GNU Guile interpreter. It is a wrapper to the underlying
372libssh library.")
49d294e5 373 (license license:gpl3+)))
513e1950 374
4d8806c3 375(define-public guile2.0-ssh
75c260ba
LC		 376 (package
377 (inherit guile-ssh)
4d8806c3 378 (name "guile2.0-ssh")
bbb219bd
MO		 379 (native-inputs
380 `(("guile" ,guile-2.0) ;needed when cross-compiling.
381 ,@(alist-delete "guile" (package-native-inputs guile-ssh))))
4d8806c3 382 (inputs `(("guile" ,guile-2.0)
75c260ba 383 ,@(alist-delete "guile" (package-inputs guile-ssh))))))
befbaebf 384
b6bee63b 385(define-public guile2.2-ssh
7e90eb98
LC		 386 (package
387 (inherit guile-ssh)
b6bee63b 388 (name "guile2.2-ssh")
bbb219bd 389 (native-inputs
b6bee63b 390 `(("guile" ,guile-2.2) ;needed when cross-compiling.
bbb219bd 391 ,@(alist-delete "guile" (package-native-inputs guile-ssh))))
b6bee63b 392 (inputs `(("guile" ,guile-2.2)
7e90eb98
LC		 393 ,@(alist-delete "guile" (package-inputs guile-ssh))))))
394
b6bee63b
LC		 395(define-public guile3.0-ssh
396 (deprecated-package "guile3.0-ssh" guile-ssh))
397
513e1950
SHT		 398(define-public corkscrew
399 (package
400 (name "corkscrew")
401 (version "2.0")
402 (source
403 (origin
33c154d6
TGR		 404 (method git-fetch)
405 (uri (git-reference
406 (url "https://github.com/patpadgett/corkscrew")
407 (commit (string-append "v" version))))
408 (sha256
409 (base32 "0g4pkczrc1zqpnxyyjwcjmyzdj5qqcpzwf1bm3965zdwp94bpppf"))
410 (file-name (git-file-name name version))))
513e1950
SHT		 411 (build-system gnu-build-system)
412 (arguments
d2656332 413 `(#:phases
91c52629
EF		 414 (modify-phases %standard-phases
415 (replace 'configure
5b34f56c 416 ;; Replace configure phase as the ./configure script does not like
33c154d6 417 ;; CONFIG_SHELL and SHELL passed as parameters.
5b34f56c
TGR		 418 (lambda* (#:key outputs build target #:allow-other-keys)
419 (let* ((out (assoc-ref outputs "out"))
420 (bash (which "bash"))
91c52629 421 ;; Set --build and --host flags as the provided config.guess
33c154d6 422 ;; is not able to detect them.
5b34f56c 423 (flags `(,(string-append "--prefix=" out)
91c52629
EF		 424 ,(string-append "--build=" build)
425 ,(string-append "--host=" (or target build)))))
426 (setenv "CONFIG_SHELL" bash)
5b34f56c 427 (apply invoke bash "./configure" flags))))
81d95a12
TGR		 428 (add-after 'install 'install-documentation
429 (lambda* (#:key outputs #:allow-other-keys)
430 (let* ((out (assoc-ref outputs "out"))
d2656332 431 (doc (string-append out "/share/doc/" ,name "-" ,version)))
33c154d6 432 (install-file "README.markdown" doc)
81d95a12 433 #t))))))
33c154d6 434 (home-page "https://github.com/patpadgett/corkscrew")
10c95711 435 (synopsis "SSH tunneling through HTTP(S) proxies")
513e1950 436 (description
10c95711
TGR		 437 "Corkscrew tunnels SSH connections through most HTTP and HTTPS proxies.
438Proxy authentication is only supported through the plain-text HTTP basic
439authentication scheme.")
513e1950 440 (license license:gpl2+)))
87bf526b
LC		 441
442(define-public mosh
443 (package
444 (name "mosh")
4b8b245b 445 (version "1.3.2")
87bf526b
LC		 446 (source (origin
447 (method url-fetch)
c3671282 448 (uri (string-append "https://mosh.org/mosh-" version ".tar.gz"))
87bf526b
LC		 449 (sha256
450 (base32
4b8b245b 451 "05hjhlp6lk8yjcy59zywpf0r6s0h0b9zxq0lw66dh9x8vxrhaq6s"))))
87bf526b
LC		 452 (build-system gnu-build-system)
453 (arguments
11379192
EF		 454 '(#:phases
455 (modify-phases %standard-phases
2b504cc3
TGR		 456 (add-after 'unpack 'patch-FHS-file-names
457 (lambda _
458 (substitute* "scripts/mosh.pl"
459 (("/bin/sh")
460 (which "sh")))
461 #t))
11379192
EF		 462 (add-after 'install 'wrap
463 (lambda* (#:key outputs #:allow-other-keys)
464 ;; Make sure 'mosh' can find 'mosh-client' and
465 ;; 'mosh-server'.
466 (let* ((out (assoc-ref outputs "out"))
467 (bin (string-append out "/bin")))
468 (wrap-program (string-append bin "/mosh")
469 `("PATH" ":" prefix (,bin)))))))))
87bf526b
LC		 470 (native-inputs
471 `(("pkg-config" ,pkg-config)))
472 (inputs
473 `(("openssl" ,openssl)
474 ("perl" ,perl)
475 ("perl-io-tty" ,perl-io-tty)
476 ("zlib" ,zlib)
477 ("ncurses" ,ncurses)
478 ("protobuf" ,protobuf)
479 ("boost-headers" ,boost)))
c3671282 480 (home-page "https://mosh.org/")
87bf526b
LC		 481 (synopsis "Remote shell tolerant to intermittent connectivity")
482 (description
2ca12aee
TGR		 483 "Mosh is a remote terminal application that allows client roaming, supports
484intermittent connectivity, and provides intelligent local echo and line editing
485of user keystrokes. It's a replacement for SSH that's more robust and
486responsive, especially over Wi-Fi, cellular, and long-distance links.")
87bf526b 487 (license license:gpl3+)))
8c6cfd55 488
c9a6a36f
SR		 489(define-public et
490 (package
491 (name "et")
492 (version "3.1.0")
493 (source
494 (origin
1be06dda
TGR		 495 (method git-fetch)
496 (uri (git-reference
b0e7b699 497 (url "https://github.com/MisterTea/EternalTCP")
1be06dda 498 (commit (string-append "et-v" version))))
fc32bc45 499 (file-name (git-file-name name version))
c9a6a36f 500 (sha256
1be06dda 501 (base32 "1m5caxckn2ihwp9s2pbyh5amxlpwr7yc54q8s0kb10fr52w2vfnm"))))
c9a6a36f
SR		 502 (build-system cmake-build-system)
503 (arguments `(#:tests? #f))
504 (native-inputs
505 `(("pkg-config" ,pkg-config)))
506 (inputs `(("glog" ,glog)
507 ("gflags" ,gflags)
508 ("libsodium" ,libsodium)
509 ("protobuf" ,protobuf)))
510 (synopsis "Remote shell that automatically reconnects")
511 (description
512 "Eternal Terminal (ET) is a remote shell that automatically reconnects
513without interrupting the session. Unlike SSH sessions, ET sessions will
839ee8d5
TGR		 514survive even network outages and IP changes. ET uses a custom protocol over
515TCP, not the SSH protocol.")
23335e8d 516 (home-page "https://eternalterminal.dev/")
c9a6a36f
SR		 517 (license license:asl2.0)))
518
8c6cfd55
JD		 519(define-public dropbear
520 (package
521 (name "dropbear")
4a498d00 522 (version "2020.80")
e190d12e
TGR		 523 (source
524 (origin
525 (method url-fetch)
526 (uri (string-append
527 "https://matt.ucc.asn.au/dropbear/releases/"
528 "dropbear-" version ".tar.bz2"))
529 (sha256
4a498d00 530 (base32 "0jbrbpdzyv11x5rkljdimzq9p6a7da5siw9k405ibnpjj4dr89yr"))))
8c6cfd55 531 (build-system gnu-build-system)
e190d12e 532 (arguments `(#:tests? #f)) ; there is no "make check" or anything similar
d5612439
LF		 533 ;; TODO: Investigate unbundling libtommath and libtomcrypt or at least
534 ;; cherry-picking important bug fixes from them. See <bugs.gnu.org/24674>
535 ;; for more information.
8c6cfd55
JD		 536 (inputs `(("zlib" ,zlib)))
537 (synopsis "Small SSH server and client")
538 (description "Dropbear is a relatively small SSH server and
35b9e423
EB		 539client. It runs on a variety of POSIX-based platforms. Dropbear is
540particularly useful for embedded systems, such as wireless routers.")
8c6cfd55
JD		 541 (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html")
542 (license (license:x11-style "" "See file LICENSE."))))
2102ae2e
DC		 543
544(define-public liboop
545 (package
546 (name "liboop")
506737f1 547 (version "1.0.1")
2102ae2e
DC		 548 (source
549 (origin
550 (method url-fetch)
506737f1
TGR		 551 (uri (string-append "http://ftp.lysator.liu.se/pub/liboop/"
552 name "-" version ".tar.gz"))
2102ae2e
DC		 553 (sha256
554 (base32
506737f1 555 "1q0p1l72pq9k3bi7a366j2rishv7dzzkg3i6r2npsfg7cnnidbsn"))))
2102ae2e 556 (build-system gnu-build-system)
359b137c 557 (home-page "https://www.lysator.liu.se/liboop/")
2102ae2e
DC		 558 (synopsis "Event loop library")
559 (description "Liboop is a low-level event loop management library for
560POSIX-based operating systems. It supports the development of modular,
561multiplexed applications which may respond to events from several sources. It
562replaces the \"select() loop\" and allows the registration of event handlers
563for file and network I/O, timers and signals. Since processes use these
564mechanisms for almost all external communication, liboop can be used as the
565basis for almost any application.")
566 (license license:lgpl2.1+)))
567
568(define-public lsh
569 (package
570 (name "lsh")
571 (version "2.1")
572 (source (origin
573 (method url-fetch)
574 (uri (string-append "mirror://gnu/lsh/lsh-"
575 version ".tar.gz"))
576 (sha256
577 (base32
578 "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
579 (modules '((guix build utils)))
580 (snippet
581 '(begin
582 (substitute* "src/testsuite/functions.sh"
583 (("localhost")
584 ;; Avoid host name lookups since they don't work in
585 ;; chroot builds.
586 "127.0.0.1")
587 (("set -e")
588 ;; Make tests more verbose.
589 "set -e\nset -x"))
590
591 (substitute* (find-files "src/testsuite" "-test$")
592 (("localhost") "127.0.0.1"))
593
594 (substitute* "src/testsuite/login-auth-test"
6cbee49d
MW		 595 (("/bin/cat") "cat"))
596 #t))))
2102ae2e
DC		 597 (build-system gnu-build-system)
598 (native-inputs
599 `(("m4" ,m4)
600 ("guile" ,guile-2.0)
601 ("gperf" ,gperf)
602 ("psmisc" ,psmisc))) ; for `killall'
603 (inputs
604 `(("nettle" ,nettle-2)
605 ("linux-pam" ,linux-pam)
606
607 ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
608 ;; Readline 6.3.
609 ("readline" ,readline-6.2)
610
611 ("liboop" ,liboop)
612 ("zlib" ,zlib)
613 ("gmp" ,gmp)
614
615 ;; The server (lshd) invokes xauth when X11 forwarding is requested.
616 ;; This adds 24 MiB (or 27%) to the closure of lsh.
617 ("xauth" ,xauth)))
618 (arguments
619 '(;; Skip the `configure' test that checks whether /dev/ptmx &
620 ;; co. work as expected, because it relies on impurities (for
621 ;; instance, /dev/pts may be unavailable in chroots.)
d5c969ce
LC		 622 #:configure-flags '("lsh_cv_sys_unix98_ptys=yes"
623
624 ;; Use glibc's argp rather than the bundled one.
625 "--with-system-argp"
626
627 ;; 'lsh_argp.h' checks HAVE_ARGP_PARSE but nothing
628 ;; defines it.
629 "CPPFLAGS=-DHAVE_ARGP_PARSE")
2102ae2e
DC		 630
631 ;; FIXME: Tests won't run in a chroot, presumably because
632 ;; /etc/profile is missing, and thus clients get an empty $PATH
633 ;; and nothing works.
634 #:tests? #f
635
636 #:phases
637 (modify-phases %standard-phases
638 (add-before 'configure 'pre-configure
639 (lambda* (#:key inputs #:allow-other-keys)
640 (let* ((nettle (assoc-ref inputs "nettle"))
641 (sexp-conv (string-append nettle "/bin/sexp-conv")))
d5c969ce
LC		 642 ;; Remove argp from the list of sub-directories; we don't want
643 ;; to build it, really.
644 (substitute* "src/Makefile.in"
645 (("^SUBDIRS = argp")
646 "SUBDIRS ="))
647
2102ae2e
DC		 648 ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
649 ;; by default.
650 (substitute* "src/environ.h.in"
651 (("^#define PATH_SEXP_CONV.*")
652 (string-append "#define PATH_SEXP_CONV \""
653 sexp-conv "\"\n")))
654
655 ;; Same for the 'lsh-authorize' script.
656 (substitute* "src/lsh-authorize"
657 (("=sexp-conv")
658 (string-append "=" sexp-conv)))
659
660 ;; Tell lshd where 'xauth' lives. Another option would be to
661 ;; hardcode "/run/current-system/profile/bin/xauth", thereby
662 ;; reducing the closure size, but that wouldn't work on foreign
663 ;; distros.
664 (with-fluids ((%default-port-encoding "ISO-8859-1"))
665 (substitute* "src/server_x11.c"
666 (("define XAUTH_PROGRAM.*")
667 (string-append "define XAUTH_PROGRAM \""
668 (assoc-ref inputs "xauth")
669 "/bin/xauth\"\n")))))
670
671 ;; Tests rely on $USER being set.
672 (setenv "USER" "guix"))))))
21de4160 673 (home-page "https://www.lysator.liu.se/~nisse/lsh/")
2102ae2e
DC		 674 (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
675 (description
676 "GNU lsh is a free implementation of the SSH version 2 protocol. It is
677used to create a secure line of communication between two computers,
678providing shell access to the server system from the client. It provides
679both the server daemon and the client application, as well as tools for
680manipulating key files.")
681 (license license:gpl2+)))
c777570b
NG		 682
683(define-public sshpass
684 (package
685 (name "sshpass")
686 (version "1.06")
687 (synopsis "Non-interactive password authentication with SSH")
688 (home-page "https://sourceforge.net/projects/sshpass/")
689 (source
690 (origin
691 (method url-fetch)
692 (uri (string-append "mirror://sourceforge/sshpass/sshpass/"
693 version "/sshpass-" version ".tar.gz"))
694 (sha256
695 (base32
696 "0q7fblaczb7kwbsz0gdy9267z0sllzgmf0c7z5c9mf88wv74ycn6"))))
697 (build-system gnu-build-system)
698 (description "sshpass is a tool for non-interactivly performing password
699authentication with SSH's so-called @dfn{interactive keyboard password
700authentication}.")
701 (license license:gpl2+)))
8caeb117
CAW		 702
703(define-public autossh
704 (package
705 (name "autossh")
d6bbb7e5 706 (version "1.4g")
8caeb117
CAW		 707 (source
708 (origin
709 (method url-fetch)
710 (uri (string-append
26045af9 711 "https://www.harding.motd.ca/autossh/autossh-"
8caeb117
CAW		 712 version ".tgz"))
713 (sha256
d6bbb7e5 714 (base32 "0xqjw8df68f4kzkns5gcah61s5wk0m44qdk2z1d6388w6viwxhsz"))))
8caeb117
CAW		 715 (build-system gnu-build-system)
716 (arguments `(#:tests? #f)) ; There is no "make check" or anything similar
717 (inputs `(("openssh" ,openssh)))
718 (synopsis "Automatically restart SSH sessions and tunnels")
719 (description "autossh is a program to start a copy of @command{ssh} and
720monitor it, restarting it as necessary should it die or stop passing traffic.")
26045af9 721 (home-page "https://www.harding.motd.ca/autossh/")
8caeb117
CAW		 722 (license
723 ;; Why point to a source file? Well, all the individual files have a
724 ;; copy of this license in their headers, but there's no separate file
725 ;; with that information.
726 (license:non-copyleft "file://autossh.c"))))
227dbd84
RW		 727
728(define-public pdsh
729 (package
730 (name "pdsh")
91815e8d 731 (version "2.34")
227dbd84
RW		 732 (source
733 (origin
734 (method url-fetch)
b982fb1c 735 (uri (string-append "https://github.com/chaos/pdsh/"
736 "releases/download/pdsh-" version
737 "/pdsh-" version ".tar.gz"))
227dbd84 738 (sha256
91815e8d 739 (base32 "1s91hmhrz7rfb6h3l5k97s393rcm1ww3svp8dx5z8vkkc933wyxl"))))
227dbd84
RW		 740 (build-system gnu-build-system)
741 (arguments
742 `(#:configure-flags
743 (list "--with-ssh")
744 #:phases
745 (modify-phases %standard-phases
746 (add-after 'unpack 'patch-/bin/sh
747 (lambda _
b982fb1c 748 (substitute* '("tests/t0006-pdcp.sh"
749 "tests/t0004-module-loading.sh"
750 "tests/t2001-ssh.sh"
751 "tests/t1003-slurm.sh"
752 "tests/t6036-long-output-lines.sh"
753 "tests/aggregate-results.sh"
754 "tests/t2000-exec.sh"
755 "tests/t0002-internal.sh"
756 "tests/t1002-dshgroup.sh"
757 "tests/t5000-dshbak.sh"
758 "tests/t0001-basic.sh"
759 "tests/t0005-rcmd_type-and-user.sh"
227dbd84 760 "tests/test-lib.sh"
b982fb1c 761 "tests/t2002-mrsh.sh"
762 "tests/t0003-wcoll.sh"
227dbd84
RW		 763 "tests/test-modules/pcptest.c")
764 (("/bin/sh") (which "bash")))
b982fb1c 765 #t))
766 (add-after 'unpack 'patch-tests
767 (lambda _
768 (substitute* "tests/t6036-long-output-lines.sh"
769 (("which") (which "which")))
227dbd84
RW		 770 #t)))))
771 (inputs
772 `(("openssh" ,openssh)
773 ("mit-krb5" ,mit-krb5)
774 ("perl" ,perl)))
b982fb1c 775 (native-inputs
776 `(("which" ,which)))
777 (home-page "https://github.com/chaos/pdsh")
227dbd84
RW		 778 (synopsis "Parallel distributed shell")
779 (description "Pdsh is a an efficient, multithreaded remote shell client
780which executes commands on multiple remote hosts in parallel. Pdsh implements
781dynamically loadable modules for extended functionality such as new remote
782shell services and remote host selection.")
783 (license license:gpl2+)))
ae72b8f5
MG		 784
785(define-public clustershell
786 (package
787 (name "clustershell")
7b2f99cd 788 (version "1.8.3")
ae72b8f5
MG		 789 (source
790 (origin
791 (method url-fetch)
40f24301
EF		 792 (uri (string-append "https://github.com/cea-hpc/clustershell/releases"
793 "/download/v" version
794 "/ClusterShell-" version ".tar.gz"))
ae72b8f5 795 (sha256
7b2f99cd 796 (base32 "1qdcgh733szwj9r1gambrgfkizvbjci0bnnkds9a8mnyb3sasnan"))))
ae72b8f5
MG		 797 (build-system python-build-system)
798 (inputs `(("openssh" ,openssh)))
799 (propagated-inputs `(("python-pyyaml" ,python-pyyaml)))
800 (arguments
801 `(#:phases (modify-phases %standard-phases
802 (add-before 'build 'record-openssh-file-name
803 (lambda* (#:key inputs #:allow-other-keys)
804 (let ((ssh (assoc-ref inputs "openssh")))
805 (substitute* "lib/ClusterShell/Worker/Ssh.py"
806 (("info\\(\"ssh_path\"\\) or \"ssh\"")
807 (string-append "info(\"ssh_path\") or \""
808 ssh "/bin/ssh\"")))
809 #t))))))
810 (home-page "https://cea-hpc.github.io/clustershell/")
811 (synopsis "Scalable event-driven Python framework for cluster administration")
812 (description
813 "ClusterShell is an event-driven Python framework, designed to run local
814or distant commands in parallel on server farms or on large GNU/Linux
815clusters. It will take care of common issues encountered on HPC clusters,
816such as operating on groups of nodes, running distributed commands using
817optimized execution algorithms, as well as gathering results and merging
818identical outputs, or retrieving return codes. ClusterShell takes advantage
819of existing remote shell facilities such as SSH.")
820 (license license:lgpl2.1+)))
87007947
EF		 821
822(define-public endlessh
823 (package
824 (name "endlessh")
63b148f7 825 (version "1.1")
87007947
EF		 826 (source
827 (origin
63b148f7
TGR		 828 (method git-fetch)
829 (uri (git-reference
b0e7b699 830 (url "https://github.com/skeeto/endlessh")
63b148f7
TGR		 831 (commit version)))
832 (file-name (git-file-name name version))
87007947 833 (sha256
63b148f7 834 (base32 "0ziwr8j1frsp3dajr8h5glkm1dn5cci404kazz5w1jfrp0736x68"))))
87007947
EF		 835 (build-system gnu-build-system)
836 (arguments
837 '(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
838 "CC=gcc")
63b148f7 839 #:tests? #f ; no test target
87007947
EF		 840 #:phases
841 (modify-phases %standard-phases
63b148f7 842 (delete 'configure)))) ; no configure script
87007947
EF		 843 (home-page "https://github.com/skeeto/endlessh")
844 (synopsis "SSH tarpit that slowly sends an endless banner")
845 (description
846 "Endlessh is an SSH tarpit that very slowly sends an endless, random SSH
847banner. It keeps SSH clients locked up for hours or even days at a time. The
848purpose is to put your real SSH server on another port and then let the script
849kiddies get stuck in this tarpit instead of bothering a real server.
850
851Since the tarpit is in the banner before any cryptographic exchange occurs, this
852program doesn't depend on any cryptographic libraries. It's a simple,
853single-threaded, standalone C program. It uses @code{poll()} to trap multiple
854clients at a time.")
855 (license license:unlicense)))
jackhill's copy of GNU Guix: https://guix.gnu.org/