wolfSSH now has Curve25519 support as of version 1.4.17! Go ahead and download it today. You’ll need both wolfSSL and wolfSSH. Here are instructions to get this up and running to try out yourself.
Compile wolfSSL with support for wolfSSH and Curve25519.
$ cd wolfssl $ ./configure --enable-wolfssh --enable-curve25519 $ make all $ sudo make install $ sudo ldconfig
After building and installing wolfSSL, you can simply configure wolfSSH with no options and build:
$ cd wolfssh $ ./configure $ make all
The wolfSSH client and server will automatically negotiate the use of Curve25519 for key exchange.
Run the server:
$ ./examples/echoserver/echoserver -f In a separate terminal, run the client: $ ./examples/client/client -u jill -P upthehill
Congratulations! You’ve just made an SSH connection where the key exchange was done with Curve25519.
Our next natural step is to add support for hybrid Curve25519 and Kyber/ML-KEM at NIST security level 1. Want to see this work at a higher priority and accelerated? Let our management know. Simply send a message saying you support our efforts in developing this implementation to facts@wolfSSL.com.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now