Closed NobodyXu closed 1 year ago
I would actually recommend against this — the reason I made this crate go via ssh in the first place was specifically so that callers don't have to audit another crypto implementation. Getting crypto right is super hard, and being able to say "all the crypto here is in OpenSSH, which you're likely already using elsewhere" is a feature.
I would actually recommend against this — the reason I made this crate go via ssh in the first place was specifically so that callers don't have to audit another crypto implementation. Getting crypto right is super hard, and being able to say "all the crypto here is in OpenSSH, which you're likely already using elsewhere" is a feature.
Yeah it makes sense, perhaps we can have another crate doing this and integrate with other parts, such as openssh-sftp-client.
russh
is a rust implementation ofssh
. It's much better than using externalssh
to remove dependency on havingssh
in environment andssh
also contains a lot of terrible coding practices (global states for arguments and program states) and written in C, so having a Rust implementation is preferred.I think we could support this by having a feature and a new set of
Session(Builder)::new_russh
for this.To keep backwards compatibility, I think we should make
openssh::Error
opaque and instead have an opaque type withError::kind()
for inspecting the error kind.