First, I want to say a really big "thanks!" for the nice comments several
of you have made (both on and off list) concerning the telnet/pty/xterm
stuff.  Its motivation enough for me to continue to improve it.

On Wed, 10 Jul 2002, Patrick Curtain wrote:
> Agreed!  I'm surprised at how much of my day's effort I can complete 
> staying in squeak.  On my end, though, the terminal app will need secure 
> shell support, ssh, to be useful.
> 
> Is this on anyone's radar?  Anyone already working on it?

I did try rsh/rlogin.  The protocol took about 10 minutes to implement
(seriously: read RFC 1282 [it's 4 pages long] to see how utterly *trivial*
it is compared to telnet) but the server _refuses_ the connections because
it insists that the client be connecting from a privileged port.  Short of
inciting peole to run Squeak as root (ha ha!) I gave it up as a waste of
time.

I notice that ssh is suid root (just like rsh) so I assume sshd also
requires the client connection to be coming from a privileged port.

OTOH, the pty stuff doesn't care in the slightest what you choose run as a
"shell".  Setting the shell command to "/usr/bin/ssh login at machine" works
just fine.  (I've been doing just that to connect through a firewall to
read my mail from within Squeak, without having a local shell in the way.)

Of course this doesn't address the case of using Squeak as "the" (only) OS
on the machine, a situation in which you could legitimately expect to be
able to allocate priviliged ports.  But then you've got a sacred task on
your hands: implementing the ssl layer in the (Squeak) SshProtocol.  (Not
to mention the rest of the TCP stack underneath it. ;-)

I guess an OpenSSL plugin wouldn't be too difficult (but that would be
cheating! ;), but there would still be the problem of allocating the
privileged port.  Plus, if you've got libssl lying around then you've
almost certainly got /usr/bin/ssh lying aroud too -- and we're kind of
back to where we started.

Ian