[OpenSSH]

Project History and Credits


OpenSSH is a derivative of the original free ssh 1.2.12 release from Tatu Ylönen. This version was the last one which was free enough for reuse by our project. Parts of OpenSSH still bear Tatu's license which was contained in that release. This version, and earlier ones, used mathematical functions from the libgmp library. That library was also included with these early ssh versions. The libgmp library is made available under the (LGPL) Lesser GNU Public Licence, although versions of that era were under the regular (GPL) GNU Public Licence.

A combined licence for all the pieces is available at http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/LICENCE.

Rapidly after the 1.2.12 release, newer versions bore successively more restrictive licenses, even though libgmp was still included and necessary for using the software. Earlier restrictive licenses forbade people from making a Windows or DOS version. Later licenses restricted the use of ssh in a commercial environment, instead requiring companies to buy an expensive version from Datafellows.

Early in 1999, Björn Grönvall re-discovered this particular release and started fixing bugs. His version of ssh is called OSSH and had only support for SSH 1.3 protocol. Word of mouth has it that OSSH has been integrated into some commercial products in Sweden. As of today, OSSH still does not have SSH 2 protocol support.

OpenBSD project members became aware of Björn's work less than two months before the OpenBSD 2.6 release. We wanted to include support for the ssh protocol in the 2.6 release, but we had to make sure that it was perfect. Therefore, we decided to immediately fork from the OSSH release, and pursue rapid development in the same way as the original OpenBSD security auditing process had happened. As a result of this, at the time of release many of the source code files were already at RCS revision 1.34, some as high as 1.66. Development went very fast indeed, since we had a deadline to meet.

The following team members participated:

Therefore, the version of OpenSSH was based on these older versions of ssh 1.2.12, but with many bugs removed and newer features re-added:

That marked the OpenSSH 1.2.2 release, which was shipped with OpenBSD 2.6 in December 1, 1999. As of that time, most OpenSSH development had been done by Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. We thank the many people who have found bugs and reported them.

Porting OpenSSH

Almost immediately after we shipped our protocol 1 implementation, various non-OpenBSD groups got very, very interested. Damien Miller, Philip Hands, and handful of others started porting OpenSSH to Linux and various other Unix operating systems. From the start of our own efforts, we have felt that even the original ssh code was too complicated, it simply had too many operating system dependencies to deal with. Our approach to writing completely secure and rock solid code avoids dealing with excessive differences like that. Thus, to make the entire development process easier on us all, we decided to split our core development efforts from portability developments. This has worked out very well for us. (As a case in point, compare the number of lines of code between the baseline and portable versions).

SSH 2 Protocol Support

With the OpenBSD 2.6 release out of the way, Markus Friedl decided to pursue SSH 2 protocol support. Slaving away for months, he managed to keep OpenSSH slim and lean, while at the same time managing to turn it into a single piece of software that could do both the SSH 1 and SSH 2 protocols. This version, called OpenSSH 2.0, shipped with OpenBSD 2.7 on June 15, 2000. Most of the checking of Markus' changes were done by Niels Provos and Theo de Raadt. Bob Beck is to be thanked for updating OpenSSL to a newer version.

SFTP Support

Support for the server side of the SFTP sub-protocol was written by Markus Friedl and released in the 2.3.0 release, in November 2000. Soon after, Damien Miller started work on an sftp client, which first shipped in 2.5.0.

Scanning SSH Server Versions

To facilitate the monitoring of deployed SSH servers, e.g. for a company network, Niels Provos wrote the scanssh tool. scanssh scans a list of addresses and networks for running SSH servers and their version numbers. It supports random selection of IP addresses from large network ranges and is useful for gathering statistics on the use of SSH servers in a company or the Internet as whole. The statistics include the SSH protocol supported, and the software versions that are being used.

scanssh is being used to gather statistics about the deployment and use of the SSH protocol on the Internet. The measurements allow insights into the distribution of the different SSH protocols and the market penetration of particular server versions.


SSH: Completely free at last.

SSH... Don't Tell Anyone It's Free
OpenSSH www@openbsd.org
$OpenBSD: history.html,v 1.36 2014/08/13 18:20:33 nick Exp $