"Goran Hasse" gorhas@gmail.com writes:
but we could not find any simple "server side" libraries. We don't want X11-forwaring, and all other fantastic things. Just authentication and a secure channel. Nothing more!
What kind of channel do you want? An ordinary session channel (which belongs to the "connection" layer in the ssh stack, and which would let you connect using a plain ssh client), or something more primitive and minimalistic?
The development version of lsh tries to separate the different layers; on the server side, there's one server process that handles the transport protocol, i.e., encryption, message authentication and server authentication. It spawns separate processes for handling the user authentication and for the connection layer (the latter is responsible for the multiplexing multiple channels with flow control, as well as the spawning login shells, the various forwarding features, and connect this functionality to the channel machinery. The processes communicate with eachother over pipes, sending enencrypted ssh packets back and forth.
This makes it possible to use just the transport layer, or transport layer + user authentication, together with other types of services. Depending on what you need, that separation might be of some use for you.
Regards, /Niels