Support for OpenSSH certificates project created as a part of GSoC 2024

My role : MENTOR

After Google Summer of Code (GSoC), 2023

In the summer of 2023, I participated in the GSoC program with libssh, which was a great experience. After the completion of program, I continued working on the pending tasks related to my GSoC 2023 project and created merge requests to add new features in libssh. Also, based on the code suggestions given by my mentors (Jakub Jelen, Norbert Pocs and Sahana Prasad) during GSoC 2023, I tried to provide code reviews for merge requests created by other contributors for libssh.


My GSoC 2024 mentorship experience

On December 21, 2023, I requested Jakub and Sahana to give me an chance to mentor for GSoC 2024, and I am very grateful that they provided me an opportunity to do so. I had a great time as a mentor during GSoC 2024. A major factor behind that was the backing and support that Jakub and Sahana provided me during the entire period. Also, due to GSoC 2024, I was able to interact with many contributors and review their merge requests. This helped me get familiar with parts of libssh that I didn't explore during GSoC 2023 (specifically the ssh subsystem code).

For GSoC 2024, we collaborated with two contributors, namely Francesco Rollo and Gaurav Singh Sidodiya.


About the collaboration with Francesco

During the GSoC period, I devoted most of my time to Francesco's project that aimed to enhance support for OpenSSH format certificates in libssh. Francesco initially added support for certificate parsing, followed by adding code for host authentication and then user authentication. I would like to mention that before GSoC, during the contributor selection period, we got many proposals for this project. But Francesco's proposal stood out the most due to its great attention to detail. The proposal clearly showed his research and seriousness about the project, while delineating how he would complete each task that his proposal mentioned. This attention to detail also reflected in Francesco's work during the GSoC period, where he didn't compromise on the quality of work even when he was short of time initially due to his university exams.

Francesco's has written a detailed description of his experience in his blog
https://medium.com/@eferollo/my-google-summer-of-code-2024-journey-with-libssh-802e72f935e3

Links to the merge requests that Francesco authored before and during GSoC, 2024:

  1. [GSoC 2024 Project] Add support for OpenSSH format certificates: MR
  2. Move server session options in a new structure and refactor all dependencies: MR
  3. Add support for "-o" option argument in the server and client example: MR
  4. Add support for 'match localnetwork' predicate: MR
  5. Solve issue with freeBSD on match localnetwork feature: MR
  6. Add IPv4/IPv6 loopback fallback for match localnetwork unit-tests: MR

About the collaboration with Gaurav

In case of Gaurav, I helped with the review of the merge request to add support for ProxyJump in libssh in its late stage (after Gaurav and Jakub made the major design decisions and resolved various roadblocks). This was a merge request unrelated to his GSoC project that aimed to add tests for GSSAPI authentication and add support for GSSAPI key exchange. Before GSOC 2024, Gaurav had made multiple contributions to libssh and some of them were fairly complex (in my opinion). These contributions along with his detailed GSoC proposal provided us (the mentors for GSoC 2024) confidence in his abilities and convinced us that he could undertake the proposed project successfully (ultimately leading to his selection for GSoC). I agree with Sahana's observation that Gaurav operates in a very calm and composed manner, which I feel is a desirable quality to have in a programmer.

You can read about Gaurav's experience via his blog
https://xaerru.github.io/gsoc24/

Links to the merge requests that Gaurav authored before and during GSoC, 2024:

  1. [GSoC 2024 project] Testing for GSSAPI Authentication: MR
  2. [GSoC 2024 project] Implementing GSSAPI Key Exchange: MR
  3. Implement proxy jump using libssh: MR
  4. Handle hostkeys like OpenSSH: MR
  5. Fix example server, check for all keys in authorized_keys file: MR
Conclusion

To conclude, this was my first time collaborating with other students/contributors for GSoC. Both the students were sincere with their work and showcased a proactive approach before and during the GSoC period. It was a joy to work with them and I hope they too enjoyed working on libssh. I wish them best of luck for their future.


Acknowledgements
  • I thank God.
  • I thank Google for conducting GSoC.
  • I thank Jakub Jelen and Sahana Prasad for accepting me as a mentor and for their help during the entire GSoC program.
  • I thank Francesco Rollo and Gaurav Singh Sisodiya for their excellent work with libssh for GSoC 2024.
  • I thank my parents, relatives and friends. (Specially, my father for persuading me to contact Jakub and Sahana for the mentorship opportunity)
  • I thank all the libssh contributors for their work and the great environment they maintain at libssh.