Life in the trenches: an OpenSSH developer speaks
by Sam Varghese
Friday, 24 October 2008
Page 2 of 6

His father, a doctor, encouraged the interest in computers but, that apart, there is nothing in his family circumstances that led him to this field. "I think my first computer was a BBC Micro which was made by Acorn, a company in the UK which went on to develop the ARM processor which is in many mobile phones these days," says Miller.
"They made one computer under the aegis of the BBC as an educational tool for schools. It was quite a fun machine on which to learn to program; it had a BASIC interpreter as most machines of the time did but it also had a built-in assembler. You very quickly realised that programming it in BASIC was an exercise in frustration and you'd very quickly have to learn to program it in assembly language which is probably the first introduction I got to how a computer really works."

Once the interest in programming was rekindled, Miller taught himself to program in C and that led to his first real job, helping a friend in Singapore set up a web hosting company in about 1995-96, the time when the web was beginning to be exploited as a commercial medium. From there he switched to the Melbourne company, IBS.

Once Miller heard of what the OpenBSD project had done with SSH, he decided that this would be a great thing for IBS to use. The OpenBSD developers had taken the code from Ylonen's SSH with the least restrictions and cleaned it up.

"Initially that meant fixing a lot of security bugs that had been found in the intervening years between the last free version and the time the OpenSSH guys picked it up. It also included porting it over to OpenSSL, adding some features and making it a part of a BSD system. They were a couple of months into this process when I heard about it and decided that this would be a great thing for us in our company if we could run it on our Linux products as well."

There were quite a few people involved in OpenSSH from the OpenBSD side. "There were Theo de Raadt, Niels Provos, Markus Friedl, Dug Song, Aaron Campbell, and possibly Todd Miller," he recalls. "I wasn't an OpenBSD developer or user, certainly not back then."

He released his patchset to make OpenSSH run on Linux. "Then I probably got an email from Theo saying 'you're doing it all wrong'," he says.
"And buried among all the constructive criticism was one suggestion: 'you're basically re-implementing things which we've solved in our implementation. Why don't you take our implementation and use that?' They were talking about some safe string handling functions that they had implemented well and I had implemented badly for my Linux port of OpenSSH.

"The standard C library defines some functions for copying and concatenating strings; and the standard ones, some of them have got flaws, and some of them lend themselves to unsafe use from a security perspective. Fairly early in the OpenBSD project, Todd Miller devised some variants of these which had an API that is much more conducive to safe use. One of the first things which the OpenSSH developers did was convert over the code to use these safe functions. Most operating systems back then didn't have these as part of their standard C library. These days apart from Linux, most others have them."