dswisher / swish-sftp

Tinkering with SFTP protocol in C#
MIT License

swish-sftp

An experiment with FTP over SSH (SFTP): how far can I get in a weekend towards having a minimalist working server?

The goal is a server that will accept a connection from the macOS command-line SFTP client and provide a directory listing and/or file for download.

Note that I am not an expert in SSH - quite the contrary. One of my main goals is to learn more in depth about how SSH/SFTP work under the hood. Properly implementing SSH is hard. This code is probably riddled with security vulnerabilities, so please do not use it for anything other than experimentation/learning.

Client Setup

Right now, the server only supports limited encryption algorithms, none of which are offered by default by openssh. Until more algos are implemented, adding an entry to your ~/.ssh/config file can help:

Host localhost
    HostName localhost
    User foo
    Ciphers 3des-cbc
    LogLevel DEBUG3

Then, one can just do (assuming openssh):

sftp localhost

I have tested FileZilla, and it seems to work.
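
Because the Ciphers 3des-cbc line above turns on a cipher that openssh does not offer by default, it should stay confined to the Host localhost block. The shell function below is an added example (not part of the swish-sftp repo) that audits an ssh_config file for that; the build-box and Host * blocks in its sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the swish-sftp repo): report every ssh_config block
# that enables 3des-cbc and whether it is limited to the loopback test server.

# Constructed sample: the README's entry plus two hypothetical blocks.
sample_config() {
    cat <<'EOF'
Host localhost
    HostName localhost
    User foo
    Ciphers 3des-cbc
    LogLevel DEBUG3

Host build-box
    Ciphers -3des-cbc

Host *
    Ciphers +3des-cbc
EOF
}

# audit_ciphers [FILE...]: reads stdin when no file is given.
# Prints "SCOPED <patterns>" or "TOO-BROAD <patterns>" per offending block.
audit_ciphers() {
    awk '
        # Trim indentation and accept the "Keyword=value" spelling.
        { sub(/^[ \t]+/, ""); gsub(/=/, " ") }
        /^#/ || NF == 0 { next }
        # A new Host block resets the scope; Match blocks are treated
        # conservatively as not loopback-only.
        tolower($1) == "host" || tolower($1) == "match" {
            hosts = (tolower($1) == "match") ? "(match-block)" : ""
            if (hosts == "")
                for (i = 2; i <= NF; i++) hosts = hosts (i > 2 ? "," : "") $i
            next
        }
        # "-3des-cbc" removes the cipher, so only flag lists that include it.
        tolower($1) == "ciphers" && substr($2, 1, 1) != "-" && index($2, "3des-cbc") {
            h = (hosts == "") ? "*" : hosts   # before any Host line: applies to all
            verdict = "SCOPED"
            n = split(h, p, ",")
            for (i = 1; i <= n; i++)
                if (p[i] != "localhost" && p[i] != "127.0.0.1" && p[i] != "::1")
                    verdict = "TOO-BROAD"
            print verdict, h
        }
    ' "$@"
}

sample_config | audit_ciphers
```

Run it against a real file with audit_ciphers ~/.ssh/config; any TOO-BROAD line means the weak cipher is also offered to hosts other than the local test server.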

Server Setup

Requirements: the only requirement is that you have dotnet core 3.1 installed.

To make it easy to experiment, everything should be set up and ready to go. Simply run the code in the Swish.Sftp.Server directory:

cd src/Swish.Sftp.Server
dotnet run

The server should be up and running on port 22.

Setting the host key

The repo ships with a pre-installed server host key, but you should replace it: a private key published in a repository is known to anyone who clones it. This process uses the ssh-keygen tool, available as part of openssh. Go to the Swish.Sftp.Server/keys directory and generate new keys:

cd Swish.Sftp.Server/keys
ssh-keygen -t rsa -f ./ssh_host_rsa_key -m PEM

When prompted for a passphrase, just hit enter twice.

The path to the keyfile is specified in the config file (appsettings.json), under sftp/hostKeyPaths/(protocol).

Developer Info

Project Structure

The bulk of the code should be in the class library: src/Swish.Sftp. A test server, src/Swish.Sftp.Server, should be pretty minimalist: it configures DI, logging, etc. and starts the server.

Notes

I used some existing code to help guide my implementation. Thanks to all the other open-source folks out there that gave me a head start.

Most of the code should live in a class library. My thought is that it should be netstandard2.0, but perhaps I'll need 2.2 at some point? I don't yet understand all the MSFT versioning, maybe I'm just being dense.

Logging is fun. I'm using Serilog in the Server program.

Links