diff --git a/net-misc/tinyssh/metadata.xml b/net-misc/tinyssh/metadata.xml index bf058f0aa1..69a03d868c 100644 --- a/net-misc/tinyssh/metadata.xml +++ b/net-misc/tinyssh/metadata.xml @@ -1,19 +1,40 @@ - - contact@hacktivis.me - Haelwenn (lanodan) Monnier - - - janmojzis/tinyssh - https://github.com/janmojzis/tinyssh/issues - - - TinySSH is a minimalistic and secure SSH server which - implements only a subset of SSHv2 features. - - - Use dev-libs/libsodium for cryptography - + + contact@hacktivis.me + Haelwenn (lanodan) Monnier + + + janmojzis/tinyssh + https://github.com/janmojzis/tinyssh/issues + + +Features + + easy auditable - TinySSH has less than 100000 words of code + no dynamic memory allocation - TinySSH has all memory statically allocated (less than 1MB) + simple configuration - TinySSH can’t be misconfigured + reusing code - TinySSH is reusing libraries from CurveCP implementation + reusing software - TinySSH is using tcpserver/systemd socket/inetd for TCP connection + limited amount of features - TinySSH doesn’t have features such: SSH1 protocol, compression, … + no older cryptographic primitives - rsa, dsa, classic diffie-hellman, hmac-md5, hmac-sha1, 3des, arcfour, … + no copyright restrictions - TinySSH is in the public domain (see the licence) + no dependency on OpenSSL - TinySSH has its own crypto library compatible with NaCl, Libsodium + speed - TinySSH can be also compiled using high-speed NaCl library instead of internal. + +Security features + + cryptographic library (minimum 128-bit security, side-channel attack resistant, state-of-the-art crypto, …) + public-key authentication only (no password or hostbased authentication) + +Crypto primitives + + State-of-the-art crypto: ssh-ed25519, curve25519-sha256@libssh.org, chacha20-poly1305@openssh.com + Older standard: ecdsa-sha2-nistp256, ecdh-sha2-nistp256, aes256-ctr, hmac-sha2-256 removed in version 20190101 + Postquantum crypto: sntrup4591761x25519-sha512@tinyssh.org, chacha20-poly1305@openssh.com + + + Use dev-libs/libsodium for cryptography +