A few years ago, Finnish programmer Tatu Ylönen created a
terrifically useful application called the Secure Shell, or SSH.
SSH is a suite of tools that roughly
correspond to Sun's rsh,
rcp, and rlogin commands,
but with one very important difference: paranoia. SSH lets you do
everything rsh, rcp, and
rlogin do, using your choice of
libertarian-grade encryption and authentication methods.
But there was a catch: SSH Version 1 relied heavily on RSA — an
excellent but, until very recently, encumbered (patented) technology
whose owners required that any application that used it be licensed
unless used in noncommercial settings. (Even in noncommercial use,
SSH's legality was murky, especially in the U.S.).
But wait, RSA's U.S. patents expired in September
2000 — problem solved, right?
Almost: Tatu's got to earn a living, so by the time
RSA became less encumbered, SSH itself had become more so as his
company, SSH Communications Security, tightened
the licensing reins. In fact, beginning with SSH Version 2.0,
unlicensed/free commercial use (irrespective of RSA issues) was no
longer permitted. All this despite Tatu's sincere
desire that SSH become an Internet standard, one of the requirements
of which is that at least one free implementation be available.
SSH Communications Security eventually reloosened the licensing reins
with SSH v.2.3, making it free even for commercial use if run on
Linux, FreeBSD,
NetBSD, and
OpenBSD, and
returning the right to free use to all noncommercial users regardless
of the operating system.
But by this time, Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, Dug Song, and others on the OpenBSD team had
taken matters into their own hands. OpenBSD, of course, is the
secure-by-default offshoot of NetBSD, which, in turn, is a free
version of BSD Unix. Theo and our open source brethren in the OpenBSD
project wanted to include SSH in OpenBSD 2.6, but were wary of
SSH's various encumbrances. When they learned that
the Swedish programmer Björn Grönvall
had released an improved version of SSH 1.2.12 called
"OSSH" (1.2.12 was, at the time,
the last completely-free-except-for-RSA version of
Ylönen's SSH), the OpenBSD guys rapidly
got to work on updating and adapting
OSSH for a larger
audience. Their version,
OpenSSH, has been
part of OpenBSD ever since and is now portable to most Unices.