OSNS is a set of tools providing various network services over a secure connection (based on SSH), like:

  • file sharing using SFTP and FUSE
  • backup on server of personal files (using SQLite and Btrfs on server to provide access to previous versions)
  • network file change notification and disk quota notification
  • text and video chat in public and private channels
  • remote desktop using NX
  • store and edit your documents from server using an Open Document Network Protocol (to be done …)

SSH is a very versatile protocol, started in early 1995, that provides a secure connection between two hosts. See:

https://en.wikipedia.org/wiki/Secure_Shell

One of the qualities of this protocol is the ability to create a dedicated channel for any purpose; some examples are mentioned above.

Sharing a directory on server using SFTP and FUSE

To achieve this I’ve written my own FUSE and SFTP libraries. The reason not to use the default FUSE library (libfuse) is that I needed the different subsystems to integrate for special events like interrupting a FUSE request and network timeouts for example.

Mount a FUSE network filesystem for every user

After a user session starts, OSNS_client mounts the FUSE network fs at /run/network/%USER%/fs, providing a browsable map of the domains and hosts found using DNS-SD, like:

/run/network/sbon/fs/Open Secure Network/bononline.nl/admin/{sbon, public}

Connections are set up using custom SSH libraries, using the latest ciphers like chacha20-poly1305@openssh.com, key exchange methods like curve25519-sha256@libssh.org and public key algorithms like ed25519 and rsa, rsa-sha2-256 and rsa-sha2-512.

The SFTP libraries support versions 3 to 6 of the SFTP (filexfer) protocol. Version 3 is the version openssh.com uses for their default SFTP subsystem; the OSNS sftp subsystem supports version 6.
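
The version negotiation that lets a client with the 3 to 6 range above talk to both a version 3 and a version 6 server, as an added example that is not OSNS code: the client offers its highest version in SSH_FXP_INIT and bounds-checks the server's SSH_FXP_VERSION reply before trusting it. The function names are hypothetical, the sample reply is constructed, and the packet layout follows the SFTP filexfer drafts.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SSH_FXP_INIT     1
#define SSH_FXP_VERSION  2
#define SFTP_MIN_VERSION 3  /* range stated on the page: 3 to 6 */
#define SFTP_MAX_VERSION 6

static uint32_t get_u32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Build SSH_FXP_INIT offering our highest version; returns bytes written or 0. */
size_t sftp_build_init(uint8_t *buf, size_t cap) {
    static const uint8_t init[9] = {0, 0, 0, 5, SSH_FXP_INIT, 0, 0, 0, SFTP_MAX_VERSION};
    if (cap < sizeof init) return 0;
    for (size_t i = 0; i < sizeof init; i++) buf[i] = init[i];
    return sizeof init;
}

/* Validate an SSH_FXP_VERSION reply. Returns the negotiated version, or -1 if
 * the packet is malformed or the version is outside the range we support. */
int sftp_parse_version(const uint8_t *pkt, size_t len, unsigned *n_ext) {
    if (len < 9 || get_u32(pkt) != len - 4) return -1;  /* length field must match */
    if (pkt[4] != SSH_FXP_VERSION) return -1;
    uint32_t v = get_u32(pkt + 5);
    if (v < SFTP_MIN_VERSION || v > SFTP_MAX_VERSION) return -1;
    size_t off = 9;
    unsigned count = 0;
    while (off < len) {                       /* extension pairs: name, data */
        for (int i = 0; i < 2; i++) {
            if (len - off < 4) return -1;     /* no room for a length field */
            uint32_t slen = get_u32(pkt + off);
            off += 4;
            if (slen > len - off) return -1;  /* string runs past the packet */
            off += slen;
        }
        count++;
    }
    if (n_ext) *n_ext = count;
    return (int)v;
}

int main(void) {
    /* Constructed reply from a version 3 server with no extensions. */
    const uint8_t reply[] = {0, 0, 0, 5, SSH_FXP_VERSION, 0, 0, 0, 3};
    unsigned n = 0;
    printf("negotiated version %d\n", sftp_parse_version(reply, sizeof reply, &n));
    return 0;
}
```

A reply carrying a version above 6 or below 3 is rejected rather than clamped, so a server cannot push the client onto a version it does not implement.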

An SSH server, OSNS_ssh_server, offers additional methods to enumerate the services available. By default SSH servers offer one subsystem: sftp. With OSNS more are available, like backup and file change and filesystem notify, so an extension is required to inform the clients which subsystems are supported by the server.

Using user and host public key authentication

TODO

The OSNS client and server use the openssh.com framework for public key authentication. This works well for a small number of computers and few users switching computers. When there are hundreds of computers or more, and likewise users, this is very hard to maintain. The solution here is using certificates and certificate authorities (CA), and a shared UID database like OpenLDAP.

Access to GIT repositories using a FUSE fs would also be very nice, also with notifications enabled.

An OSNS user agent, providing fs change notify for the local computer at least, but also integration with supported file sharing methods for network fsnotify. This agent is required since the OSNS client runs as a system service.