License:
The software was released under GNU GPL. You may view the full copyright text at
http://www.opensource.org/licenses/gpl-license.html
Description:
SharedSecret is a program used to negotiate a shared secret (password) between
two hosts in secure way over the Internet. It is written in C, based on
client/server architecture with initial intention to run on POSIX-Compliant Operating Systems.
Client application is provided, so it could be used to agree on password
between two users or create preshared-key for VPN. It could also be used from
other applications; possibly simple API will be provided to hide communication
details. The 1st version of protocol is going to support digitally signed requests/responses.
Signature can be calculated with pre-shared key as HMAC-SHA1 digest or MD5 hash values
with RSA encryption.
Functionality Overview:
Functionality is quite simple. A daemon is running on each side (no root
privileges required) which accepts requests from peer and initiates key exchange
upon client request. It uses Diffie-Hellman key agreement algorithm and very
simple protocol based on TCP to exchange payloads. See
Detail Design Description,
shsec(1),
shsecd(8),
shsecd.conf(5)
for further details.
Download and Install:
Project Summary contains links to
download page, just take the latest source code, unpack, read
INSTALL
file and follow instructions there.
Future Plans:
I have some plans to release a stable and fully functional version of daemon and client
according to design for the 1st version. If you have some thoughts how to improve
usability of the program or have some notes, please, just let me know.
News:
| Date | Version | Changes |
|---|---|---|
| 2005-01-19 | 0.3.4 |
Default setting for VIM editor to all source files were added. Bugfix in installation, variable DESTDIR was ignored in makefile. |
| 2005-01-16 | 0.3.3 |
ACLs implementation. Port to *BSD system. It vas tested on FreeBSD 4.10 only. Several bug fixes, including shsecd crash in daemon mode. Updates to shsecd.conf(5) with details on ACL. |
| 2005-01-05 | 0.3.2 |
Compilation/installation process is moved to autoconf/automake. |
| 2005-01-01 | 0.3.1 |
Authentication with pre-shared key - HMAC-SHA1 signatures. |
| 2004-12-29 | 0.3.0 |
Data payloads in communication replaced by DER-encoded messages. Several small bugfixes. |
| 2004-12-16 | 0.2.2 |
More infomtative messages sent to output. Version number assignment was automated. Bug related to listen() is fixed. Signal handling. |
| 2004-12-16 | 0.2.1 |
Documentation, user manuals, installation support were added. Minor changes in configuration. Client program was renamed into 'shsec'. |
| 2004-12-12 | 0.2.0 |
Configuration file was added. Some command line options were moved to shsecd.conf. |
| 2004-12-10 | 0.1.2 |
Ability to run several instancies on the same system. |
| 2004-12-06 | 0.1.1 |
I added some instructions how to install. |
| 2004-12-05 | 0.1.0 |
Initial release - source code was released for the first time. |