russh icon indicating copy to clipboard operation
russh copied to clipboard

Published 20 hours ago verified publisher icon warp-tech

Is Fork a four letter word?

Open stappersg opened this issue 3 years ago • 6 comments

Screenshot of https://www.reddit.com/r/rust/comments/u3s3m1/i_wrote_a_smarter_ssh_bastion_in_rust/

afbeelding

Idea behind this issue is to decide on the long term future of russh. There is no rush to do so.

stappersg avatar Apr 16 '22 12:04 stappersg

I'm sorry, what?

Eugeny avatar Apr 16 '22 13:04 Eugeny

On Sat, Apr 16, 2022 at 06:19:08AM -0700, Eugeny wrote:

I'm sorry, what?

Express what the long term plans of russh are.

Merging with thrussh or staying independent?

This issue should prevent that the "reddit question" is here raised again.

Having this issue open indicates "pending", closing this issue without answering the question is OK.

stappersg avatar Apr 16 '22 15:04 stappersg

(Disclaimer, I am darleyb on that image)

This issue was a bit confusing at first, but then the author explained their intent, which is similar to what I want to discuss. I have contributed to a Pijul repo in the past (zstd-seekable ) and I also tried to do some work on thrussh, but I didn't manage to find time.

@Eugeny would you have any spare time to report the errors during pijul compilation on your setup? So you could build Pijul and possibly upstream your changes. If you don't, we can discuss the nature of your patches on top of thrussh, e.g. bug fixes, so I can try to upstream them.

One thing I was trying to do a while back was adding experimental feature-gate to use a Rust Crypto crypto primitives instead of libsodium for portability reasons. Since you clearly have more experience with thrussh code, what do you think?

darleybarreto avatar Apr 17 '22 15:04 darleybarreto

@stappersg I'd be happy if thrussh could merge my changes and

@darleybarreto

Hey! Regarding Pijul, on my machine, it's seeing "changes" in a freshly cloned repo:

timestamp = '2022-04-17T19:15:20.303638Z'
authors = []

# Dependencies
[2] NLPZS76WC64DN5RQEOB45KWXUSEP4VJOVEBR6OMCMFX4MYIOMKSAC
[3] FT67GGO45RNEBZZXT5RRIQOOQKZ5IW2CJXORMCCGITC7VOBGKDJAC
[4]+7FRJYUI62VW257VVFQXND6OKSAILVTHGEJCXFE6CG6FIOIUTDVYAC
[*] 7FRJYUI62VW257VVFQXND6OKSAILVTHGEJCXFE6CG6FIOIUTDVYAC
[*] BITIYBKMLSCLMMR7W6NSVFN2NCURLFBSGHSRGRBUMLZDXYF5HJWAC
[*] HDEDMPBT6TKIKQ67T2UYC7QEKF7PG5I6Y4CMRPBDACFY4S3XEWZQC
[*] F4WG4OHQTGJXBASXG57FXX3DB33GY2TMXWCPL4BMPTX6D4HN2ZGQC
[*] 7S7FHFDVSSRB4DCBZINHNWM3QJS6KYAR2L2HADDBDN4IHKN6KGLAC

# Hunks

1. Root add
  up 1.0, new 1:1

2. Moved: "thrussh-libsodium" "thrussh-libsodium"  +dx 1.0
BF:BFD 1.0 -> 2.0:19/2, BF:BF 2.19 -> 4.20:20/2
up 0.2, down 4.20

3. Moved: "thrussh-keys" "thrussh-keys"  +dx 1.0
BF:BFD 1.0 -> 2.48:62/2, BF:BF 2.62 -> 4.5798:5798/2
up 0.2, down 4.5798

4. Moved: "thrussh-config" "thrussh-config"  +dx 1.0
BF:BFD 1.0 -> 3.293:309/3, BF:BF 3.309 -> 4.158258:158258/3
up 0.2, down 4.158258

5. Moved: "thrussh" "thrussh"  +dx 1.0
BF:BFD 1.0 -> 3.368:377/3, BF:BF 3.377 -> 4.165397:165397/3
up 0.2, down 4.165397

6. Moved: "shell.nix" "shell.nix"  1.0
BF:BFD 1.0 -> 3.831:842/3, BF:BF 3.842 -> 4.427539:427539/3
up 0.2, down 4.427539

7. Moved: "cryptovec" "cryptovec"  +dx 1.0
BF:BFD 1.0 -> 3.843:854/3, BF:BF 3.854 -> 4.427973:427973/3
up 0.2, down 4.427973

8. Moved: "README.md" "README.md"  1.0
BF:BFD 1.0 -> 3.883:894/3, BF:BF 3.894 -> 4.441125:441125/3
up 0.2, down 4.441125

9. Moved: "LICENSE-2.0.txt" "LICENSE-2.0.txt"  +x 1.0
BF:BFD 1.0 -> 3.895:912/3, BF:BF 3.912 -> 4.442368:442368/3
up 0.2, down 4.442368

10. Moved: "Cargo.toml" "Cargo.toml"  1.0
BF:BFD 1.0 -> 3.913:925/3, BF:BF 3.925 -> 4.453741:453741/3
up 0.2, down 4.453741

and it's not possible to record anything while excluding these "changes" (pijul record my-changed-file-path still records everythings despite what --help says). At some point I just had to cut my losses :D

While contributing directly to thrussh would be nice, I don't strictly need to, and Pijul makes it impossible anyway, not without working from a Linux box anyway.

I've documented some of my changes as PRs, but not the unwrap removals and clippy warning fixes.

I'm not up to date on how well tested and reviewed the crypto primitives lib is, but if it is, sure, why not. I've only went with libsodium for AES-GCM because it was already there.

Eugeny avatar Apr 17 '22 19:04 Eugeny

I did these steps:

  1. installed using cargo install pijul --version "~1.0.0-beta"
  2. cloned the repo pijul clone https://nest.pijul.com/pijul/thrussh
  3. changed a random file
  4. recorded usingpijul record -m "Adding a test."

It seemed to work.

darleybarreto avatar Apr 18 '22 23:04 darleybarreto

I also found this review of Rust crypto crates (unfortunately from 2021, so probably those crates need to be audited again). But for a experimental feature gate, seems reasonable.

darleybarreto avatar Apr 18 '22 23:04 darleybarreto