{"id":28130272,"url":"https://github.com/brainstorm/ssh-stamp","last_synced_at":"2025-05-14T12:25:53.910Z","repository":{"id":289824901,"uuid":"850509640","full_name":"brainstorm/ssh-stamp","owner":"brainstorm","description":"Your everyday SSH secured serial access","archived":false,"fork":false,"pushed_at":"2025-04-28T10:14:37.000Z","size":1505,"stargazers_count":13,"open_issues_count":22,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-05-11T09:50:03.399Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/brainstorm.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-09-01T01:24:45.000Z","updated_at":"2025-05-07T13:59:39.000Z","dependencies_parsed_at":"2025-04-25T09:34:24.055Z","dependency_job_id":null,"html_url":"https://github.com/brainstorm/ssh-stamp","commit_stats":null,"previous_names":["brainstorm/ssh-stamp"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainstorm%2Fssh-stamp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainstorm%2Fssh-stamp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainstorm%2Fssh-stamp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainstorm%2Fssh-stamp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/brainstorm","download_url":"https://codeload.github.com/brainstorm/ssh-stamp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254141008,"owners_count":22021261,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-05-14T12:25:52.933Z","updated_at":"2025-05-14T12:25:53.885Z","avatar_url":"https://github.com/brainstorm.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SSH Stamp\n\nSponsored by:\n\n![nlnet_zero_commons][nlnet_zero_commons]\n\n# ⚠️ WARNING: Pre-alpha PoC quality, DO NOT use in production. Currently contains highly unsafe business logic auth issues (both password and key management handlers need to be fixed). \n\n# ⚠️ WARNING: Do not file CVEs reports since deficiencies are very much known at this point in time and they'll be worked on soon as part of [this NLNet SSH-Stamp research and development grant][nlnet-grant] ;)\n\nExpect panics, lost bytes on the UART and other tricky UX issues, we are working on it, pull-requests are accepted too!\n\n## Description\n\nYour everyday SSH secured serial access.\n\nThe **SSH Stamp** is a secure wireless to UART bridge\nimplemented in Rust (no_std, no_alloc and no_unsafe whenever possible)\nwith simplicity and robustness as its main design tenets.\n\nThe firmware runs on a microcontroller running Secure SHell Protocol\n(RFC 4253 and related IETF standards series). This firmware can be\nused for multiple purposes, conveniently avoiding physical\ntethering and securely tunneling traffic via SSH by default: easily\nadd telemetry to a (moving) robot, monitor and operate any (domestic)\nappliance remotely, conduct remote cybersecurity audits on\nnetwork gear of a company, reverse engineer hardware and software for\nright to repair purposes, just to name a few examples.\n\nA \"low level to SSH Swiss army knife\".\n\n# Building\n\nRust versions are controlled via `rust-toolchain.toml` and the equivalent defined on the CI workflow.\n\nOn a fresh system the following should be enough to build and run on an ESP32-C6 dev board.\n\n```\nrustup toolchain install stable --component rust-src\nrustup target add riscv32imac-unknown-none-elf\ncargo build --release\n```\n\nRunning on the target:\n\n```\ncargo install espflash\ncargo run --release\n```\n\n# Example usecases\n\nThe following depicts a typical OpenWrt router with a (prototype) SSH Stamp connected to its UART. After ssh-ing into the SSH Stamp, one can interact with the router's UART \"off band\", to i.e:\n\n1. Recover from OpenWrt not booting without needing to open up the case and connect a wired TTL2USB converter. A simple SSH-based \u003cacronym title=\"Board Management Controller\"\u003eBMC\u003c/acronym\u003e.\n2. Capture kernel panics during your router's (ab)normal operation. I.e: [to debug a buggy wireless driver][openwrt_mediatek_no_monitor].\n3. Re-provision the whole OpenWrt installation without having to physically unmount the device from its place, all from your wireless SSH shell comfort.\n\nHere are some PoC shots:\n\n![physical_setup](./docs/img/ssh_stamp_openwrt_setup.png)\n![connection](./docs/img/connecting_to_ssh_stamp.png)\n![openwrt_hello](./docs/img/openwrt_ssh_helloworld.png)\n\n# Generate SBOM\n\n```\ncargo install cargo-cyclonedx\ncargo cyclonedx -f json --manifest-path ./docs/\n```\n\n[nlnet-grant]: https://nlnet.nl/project/SSH-Stamp/\n[openwrt_mediatek_no_monitor]: https://github.com/openwrt/openwrt/issues/16279\n[nlnet_zero_commons]: ./docs/nlnet/zero_commons_logo.svg\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrainstorm%2Fssh-stamp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrainstorm%2Fssh-stamp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrainstorm%2Fssh-stamp/lists"}