TinySSH is a small SSH server using NaCl, TweetNaCl

Project scope and goals

  • TinySSH is a minimal SSH server focused on small size, static memory usage, and reduced attack surface.
  • It uses NaCl/TweetNaCl for cryptography and intentionally implements only a subset of SSH features.

Comparison with Dropbear and OpenSSH

  • Compared to Dropbear:
    • TinySSH is more restricted: only key-based auth, a single AEAD cipher, a single elliptic-curve KEX, no RSA, no password auth, no X11/agent/port forwarding, no key restrictions like in OpenSSH.
    • Dropbear aims to be small but still “featureful” and closer to RFC-compliant SSH.
    • TinySSH explicitly trades standards coverage and features for simplicity and a smaller attack surface.
  • Some argue OpenSSH can already meet most needs and that its extra size is negligible for modern systems, including initrd.

Security properties and design

  • TinySSH uses no dynamic memory allocation and has all memory statically allocated (<1 MB), which is claimed to lower risk.
  • It avoids “unsafe features” such as password or hostbased authentication by design.
  • There is skepticism about:
    • Whether ~60–100k “words of code” is truly “easily auditable”.
    • The project’s use of its “own crypto library”.

Use cases: initrd, remote unlocking, embedded

  • Several comments highlight TinySSH (and Dropbear/OpenSSH variants) for:
    • Remote unlocking of encrypted disks during early boot (initramfs/dracut/mkinitcpio hooks).
    • Small static userlands and embedded devices.
  • Multiple tools and approaches are mentioned for automated or remote unlock (Dropbear-based unlockers, Mandos, Clevis+Tang, TPM-based schemes), with debate over trust in the boot chain and threat models.
  • Missing port forwarding is seen as a downside for some embedded/remote scenarios.

Passwords and device enrollment

  • Lack of password auth raises practical questions for shared or constrained devices (printers, routers, cars).
  • Suggested workaround: device-generated keys shown via QR or similar, then user installs their own keys.

Licensing discussion

  • TinySSH is licensed under CC0 1.0.
  • Several comments say CC0 is not ideal for software due to explicit exclusion of patent/trademark rights.
  • Alternatives like very-permissive software licenses are suggested; some propose dual/multi-licensing.
  • The earlier Creative Commons “termination” issue is noted, but commenters state it does not apply to CC0 specifically.

Broader perspective

  • Some see TinySSH as an appealing “small and beautiful” tool for specific niches.
  • Others argue that replacing OpenSSH in general is unlikely, given its maturity, deployment scale, and security track record.