Skip to content
A low security shell for those who are in it for the thrill
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

LSSH - A less secure SSH


This is highly WIP library for a C program for executing commands on a remote computer.

Note that the crypto that this uses is not secure, use at your own risk.

Install Dependencies


This is primarily being developed on MacOS, and OpenSSL needs to be installed in order for this to work.

$ brew install openssl


$ apt-get install openssl

Build Steps

  • Building everything: make all
  • Building the server: make server
  • Building the client: make client

Running the server: ./server PORT Running the client: ./client HOST PORT

Implementation Notes


crypto.h contains a few functions that are wrappers around OpenSSL functionality for generating keys and performing encryption for Elliptic Curve Diffie Hellman.

Check out crypto_test_2.c for specific details on how to use these functions.

  • encrypt_data accepts plaintext, a key, initialization vector, and an allocated buffer for the ciphertext, and writes the ciphertext to the buffer. Does not allocate any memory.

  • decrypt accepts ciphertext, a key, initialization vector, and an allocated buffer for the plaintext, and writes the plaintext to the buffer. Does not allocate any memory.

  • gen accepts no arguments, but returns an allocated EVP_PKEY*, which needs to be freed later using the function EVP_PKEY_free.

  • derive is the function that given an EVP_KEY object returns the secret key. The trick here is that it takes the EVP_PKEY, along with the public key of the peer, and returns a secret. This allocates memory, and you should be careful to free it using OPENSSL_FREE.


An important note is that the function i2d_PUBKEY from openssl is used for extracting public keys from the EVP_PKEY objects. There is example usage of this in crypto_test_2.c.


  • Implement RSA authentication
You can’t perform that action at this time.