It is Christmas in July! The summer release of wolfSSH is here, version 1.4.18! Version 1.4.18 brings with it bug fixes, new features, and some enhancements as well! New features in this release include new algorithms and a memory configuration option. We also have a nice round of enhancements which range from channel setup callbacks, […]
Read MoreMore TagCategory: wolfSSH
Vulnerability Disclosure: wolfSSH (CVE-2024-2873)
Affected Users: Anyone using wolfSSH server versions prior to release v1.4.17. Summary: It is possible for a malicious client to bypass user authentication when logging into a wolfSSH server. The wolfSSH server was not rigorous about checking the current state of the key exchange when handling channel open messages. wolfSSH’s example echoserver and the wolfSSHd […]
Read MoreMore TagwolfSSH, SHA-1, and Configuration
wolfSSH is following the industry common practice of removing SHA-1 as a default configuration option. SHA-1 has been considered broken for a while now and shouldn’t be used for security purposes. [RFC 8332](https://datatracker.ietf.org/doc/html/rfc8332) recognizes this for the SSH protocol and offers new RSA-based algorithms for signing authentication messages. In the wolfSSH v1.4.15 release, we were […]
Read MoreMore TagwolfSSH v1.4.17 Improvements and Fixes
wolfSSH has several useful features that were introduced in this most recent release. We have made wolfSSH builds for various systems better and easier. This includes changes to configuration scripts and modifying code to work with various compiler quirks. We’ve made building wolfSSH for Nucleus, QNX, Windows, and ESP32 builds better. And we’ve fixed an […]
Read MoreMore TagwolfSSH Now Includes Curve25519 Support
wolfSSH now has Curve25519 support as of version 1.4.17! Go ahead and download it today. You’ll need both wolfSSL and wolfSSH. Here are instructions to get this up and running to try out yourself. Compile wolfSSL with support for wolfSSH and Curve25519. $ cd wolfssl $ ./configure –enable-wolfssh –enable-curve25519 $ make all $ sudo make […]
Read MoreMore TagwolfSSH Adds Support for Zephyr RTOS
The wolfSSH 1.4.15 release includes brand new support for the Zephyr RTOS. wolfSSH is a lightweight SSH library designed for embedded systems. It is a performant and low footprint solution, making it an ideal choice for IoT devices. The Zephyr RTOS is an open-source, scalable, and flexible real-time operating system tailored for resource-constrained devices. Its […]
Read MoreMore TagwolfSSH – Now Available as an Espressif Managed Component Includes SSH Echo Server Example
Not long ago, we announced preview support for new Espressif Managed Components. This is in addition to the core wolfssl managed component. Today you can add SSH capabilities to your toolbox by visiting this link: https://components.espressif.com/components/wolfssl/wolfssh If the ESP Registry page does not fully load with all the text, try holding down the “ctrl” key […]
Read MoreMore TagProtecting wolfSSH from Passive SSH Key Compromise
About the Compromise Recently, a team led by Keegan Ryan from UCSD discovered that several implementations of the SSH protocol have been potentially leaking information about their keys and they came up with a way of exploiting it. Every now and then, an RSA signature is made with a combination of padding and data that […]
Read MoreMore Tag