emSSH
For trusted access
The secure shell software library emSSH is designed to ensure secure login into an embedded system. It shares the cryptography library, emCrypt, with emSSL, emSecure-RSA, and emSecure-ECDSA, which reduces ROM requirements.
Overview
SEGGER’s emSSH is a secure shell login enabling protected access to any server application in a product. It can be used target-independent in native computer applications and in embedded targets. A wide range of options means maximum compatibility. It can be configured for a minimal memory footprint, ideal for small memory systems.
emSSH is portable – a complete software written in ANSI C, and is compiler and target independent. It can be implemented in PC applications and in embedded designs. Thanks to its configurability, emSSH is high-performance yet with a low memory footprint. Developers can configure the library to fit any speed or size requirements. Unused features can be excluded and needed features added with ease.
Key features
- Compatible with popular SSHv2 clients
- Easy to understand documentation and API
- Secure Copy (SCP) add-on
- Simple to integrate into your environment
- Extensive and detailed manual
- Supports popular hardware cryptography accelerators
- Shares a common cryptography library, emCrypt, with emSSL, emSecure-RSA, and emSecure-ECDSA to reduce ROM requirements
Complete package — Everything needed to secure communication
emSSH is a complete package with everything needed for secure communication. It includes all modules for implementing SSH functionality. Provided in source code, these modules enable complete control of code used in the product, creating transparency and easing the concern of possible backdoors/weaknesses in code, which cannot be checked in precompiled libraries. It offers transparency for all included modules and allows for inspection from auditors.
A simple, yet powerful, API makes the use of emSSH within a product easy. Included are also sample applications in binary and source code, demonstrating how emSSH can be integrated into real-life scenarios.
Example applications
emSSH is shipped with examples to demonstrate command shells using SSH and how to integrate the secure shell login library into an application.
For evaluation, a demo that implements a simple shell based on emSSH is available as a precompiled executable.
Running an emSSH demo on Windows
Open a command line window on Windows and navigate to the directory that contains the SSH_Shell5.exe application. Once there, runSSH_Shell5.exe and you should see something similar to this:
C:> SSH_Shell5.exe
(c) 2015-2017 SEGGER Microcontroller GmbH & Co. KG www.segger.com
emSSH V2.40 - Shell5 compiled Jun 5 2017 11:52:46
Once run, Windows Firewall will present a dialog asking whether to grant network access to the shell application. Proceed and grant access otherwise login to the shell won’t be possible.
Once the shell starts waiting for a connection, it can be connected using the preferred client. In this example we will use Putty. Run Putty and select a new connection to the local PC:
login as: admin
*************************************************************
* This server is powered by SEGGER emSSH. It simply works! *
*************************************************************
admin@127.0.0.1's password:
Welcome to the emSSH command line! Type Ctrl+D to exit.
emSSH> Hello
...Hello
emSSH>
Putty then opens up a terminal window. The server requires authentication of the user. Enter the user name “admin” with password “secret” to log on. After successful login, a shell prompt is displayed. The shell will simply echo everything typed in.
Licensing
emSSH is available under various Embedded Software License models and delivered in source code packages. With a wide range of licensing options, emSSH can fulfill commercial requirements as well as technical requirements. All licenses are one-time payments. emSSH is royalty-free and not subscription-based. This makes the software a part of the equipment expenses, keeping the costs static.
* Applies to second seat/product and all additional seats/products of the Single Product License and Single Developer License.
FAQ
Q: Can I use emSSH with my product?
A: Yes. emSSH can be included in nearly every product — independent from target as well as in native computer applications.
Q: What’s the difference between SSH and SSL?
A: SSH and SSL are completely separate protocols which have very little in common beyond using cryptography to secure a connection. SSH is targeted to secure log in whereas SSL is targeted to secure connection (typically between a web server and a browser).
Q: Do SSL and SSH share any code?
A: SSL and SSH are completely independent source bases. However, they do share the SEGGER Cryptography Toolkit which provides cryptographic algorithm support for both. Since they both rely on a shared component, a system with both emSSL and emSSH built into it will not pay twice for cryptographic algorithm support.
Q: My question is not listed here. What can I do?
A: For any further questions, please feel free to contact us.