Do More Research
Get in Touch
  • If you’re interested in a Wind River product, simply answer a few questions and we’ll get in touch right away.
  • If you’d like to speak with someone immediately, call our number for sales inquiries below.

    Toll-free: 800-545-WIND (800-545-9463)

Thank You

Thank you for taking the time to contact us while visiting our website.

A Wind River sales representative will contact you shortly.

Partner Directory

Partner Product

SSHield SSH  (617)
SSHield is a standards based secure shell (SSH / IETF SECSH) protocol implementation designed specifically for embedded and real-time operating systems such as VxWorks, pSOS and embedded variants of Linux. It includes client and server components, secure FTP (SFTP), secure copy (SCP) and multiple authentication methods. It is a member of the SSecure family of network security products offered by TeamF1.

Product Highlights


Customization flexibility:

Also available:

Product Description

SSHield is a robust, standards based, small-footprint Secure Shell (IETF SECSH) implementation for real-time and embedded operating systems such as VxWorks and embedded versions of Linux. Its unique, advanced features include a suite of secure applications such as secure copy (scp), secure FTP (sftp and sftpd), a built-in version of modular FIPS-certified crypto libraries, and support for multiple authentication mechanisms.

The SSHield implementation of the SSHv1 protocol uses RSA based authentication and encryption using public-key cryptography. Its SSHv2 implementation can use either RSA and DSA based authentication and provides additional methods for encryption, including the Advanced Encryption Standard (AES).

SSHield supports the following encryption ciphers and is further capable of supporting others from the included crypto library or new ones as they are developed:

- AES (FIPS certified)

- 3DES (FIPS certified)

- CAST128

- Arcfour

SSHield also provides hmac-sha1 (FIPS certified) and hmac-md5 hashing methods for message integrity protection.

Besides supporting RSA/DSA public-key, X.509 digital certificate, and password/passphrase authentication out of the box, SSHield also includes hooks for customizing the authentication to plug in to various authentication standards such as RADIUS, Kerberos, or other proprietary authentication schemes including hardware tokens and biometric-based methods.

SSHield's port forwarding feature is a powerful generic tunneling feature that allows the transparent and secure forwarding of TCP connections from one network node to another. Using this powerful mechanism, legacy insecure applications can be secured by redirecting traffic through the encrypted tunnel provided by SSHield.

SSHield includes flexible APIs to access the functionality of SFTP secure ftp (client and server) as well as SCP secure copy enables the use of secure file transfer functionality in embedded applications without tedious command line processing.

For applications needing a new command-line interface (CLI) layer, SSHield includes an optional utility function library to generate commands and hook them up to internal application management functionality with ease. For applications that need to secure an existing CLI, the CLI utility library can be scaled easily to reduce resource requirements. SSHield also integrates well with existing CLI based device management frameworks that may already be in place. It has pre-defined interfaces for Rapid Control® CLI and WIND® Manage for CLI allowing for drop-in integration with these products, and can work with other CLI libraries including proprietary ones.

SSHield is compliant with the IETF definition of the SECSH protocol, and is interoperable with freely available and commercial implementations of this protocol. It is also compliant with the T1 Standard on Management Plane Security, a requirement for many OEMs in the telecommunication industry. It has been extensively validated against various SSH clients and servers, SFTP clients and servers, and SCP implementations on embedded and non-embedded platforms including those on Windows®, Solaris®, UNIX®, and Linux. SSHield-enabled connected embedded devices can easily work with other SECSH implementations on a local network or across the Internet.

Web Links

More Information

If you are interested in more information on how Wind River partners with this company, click here.

Subscribe to Wind River

Thank You

Wind River, a wholly owned subsidiary of Intel Corporation (NASDAQ: INTC), is a world leader in embedded and mobile software. Wind River has been pioneering computing inside embedded devices since 1981 and its technology is found in more than 500 million products