mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: Regarding MINA Project
Date Thu, 21 Sep 2017 09:28:23 GMT


Le 20/09/2017 à 22:32, harmeet singh a écrit :
> Hi,I was just exploring sshd project, could you provide me documentation of this project.

I would say all you can get is on the web site
(http://mina.apache.org/sshd-project/index.html and
http://mina.apache.org/sshd-project/documentation.html)

If you want to see some samples on how to use it, check the samples :
https://git-wip-us.apache.org/repos/asf?p=mina-sshd.git;a=tree;f=sshd-core/src/test/java/org/apache/sshd;h=f6e0e89724bc188797d39c53c61e61dd342a6ad1;hb=b737b07d251479dd186ce877cad5b0d13b9bb054
> I wanted to check dual authentication feature, looks like it support only single authentication.

I can't tell, but Lyor or Guillaume could answer.

> Also could you please let me know if it can be used for production and is it being patched
regularly for security vulnerabilities, PCI compliance etc.
We just released 1.6.0 two weeks ago. Patches are being applied
regularly. Of course, this is OpenSource code, so if you find something
wrong, feel free to participate. I'm pretty sure it's used in
production, but again, we are just providing source code and packages
(for convenience), people using it are not necesseraly coming back to us
about what they use it for.

FTR, Apache SSHD packages are being downloaded around 70 000 times per
month, and growing (source : https://repository.apache.org/#central-stat)

Regarding PCI compliance, I would say it's on you : due diligence is
required on your side, as we have no idea what you are going to do with
the project. Add to that it would require a huge amount of time if we
were to check all teh aspects of PCI, time we don't have being volunteers.

Again, I'll stress out the fact this is Open Source, we are not paid to
write this code, we offer it to the community, up to the people using it
to either participate or use it at will, but we aren't responsible for
anything else.

Hope it helps !

-- 
Emmanuel Lecharny

Symas.com
directory.apache.org


Mime
View raw message