X

ESP32 port of libssh

By Ewan
December 28, 2020

Finally an embedded SSH Server and Client is available.  After significant and long-standing demand, I am porting the libssh library to the ESP32 system-on-chip as an Arduino library.

Milestones

  • Compiles without errors.
  • Links without any symbols missing.
  • SSH Server example functional (create server key and run ssh server).
  • SSH Client example functional.
  • Updated to latest stable 0.10.4 release of libssh.

Further Work

  • Create a pull request for arduino-esp32 to make minor fixes and allow this library to compile (done, but needs to be re-done on the upstream esp-idf repository, no longer needed 9th November 2022).
  • Make the source tree release-clean (complete).
  • Push to GitHub (done, version 0.2.0 first pushed on 25th April 2020).
  • Publish on the Arduino library list (complete).

Bugs to be squashed

  • SSH server does not listen on IPv6 addresses, only IPv4 addresses (done, example listened on IPv4 address 0.0.0.0 by default (so supplied a parameter to permit both IPv4 and IPv6).
  • Timeout when SSH client attempts connection to server over a routed TCP/IP connection (no longer an issue). I believe this is due to a more generic issue with the ESP32 TCP/IP stack since I have witnessed it with other code the first time a large network packet is returned from the ESP32 to a client that is not on the ESP32's local network (done, fixed by new Espressif release).
  • If you use PuTTY as a client to the ESP32 running a server, then on the PuTTY bugs panel you may need to enable Chokes on PuTTY's SSH-2 ‘winadj’ requests.  This will prevent random disconnections that may occur after a few minutes have elapsed.

The library and source code are available on GitHub in the LibSSH-ESP32 project and have moved to a stable release now.

New for November 2021, major release 2.1.0 supporting ESP32-C3.

New for November 2022, major release 3.0.0 supporting ESP32-S3.

Observations

There is a bug in ESP32 Arduino code that causes a Guru Mediation if calling SHA256 functions concurrently.  If you are making/receiving multiple SSH sessions and see and error such as this:

assertion "uxSemaphoreGetCount(engine_state) == 0 && "SHA engine should be locked"" failed

then the solution is to disable the hardware-accelerated SHA256 routines.  This has little impact to performance.  Disable CONFIG_MBEDTLS_HARDWARE_SHA in the sdkconfig and recompile the ESP32 Arduino framework.

Classifications
Arduino
ESP32
C
Networking