Create SSH Client and Server Functionality

  • Supported Platforms

  • .NET.NET

    Pure managed and integrated components, carefully optimized to achieve maximum performance comparable to native processor code. The .NET edition can be used on .NET and Mono Server and Desktop platforms, in ASP.NET applications, and on Mobile Devices.

  • .NETJava

    Highly integrated Java security library including numerous classes to enable support for a wide range of application-level protocols, security algorithms, and standards. You can use Java security libraries to develop software for desktop and server platforms, mobile devices, and Web applications.

  • .NETC++

    A shared library (.dll on Windows and .so on Linux / macOS) and set of C++ classes. Used in C++ applications for Windows, Linux, macOS, and iOS platforms. Supported compilers include Visual C++, MinGW, gcc, and Xcode.


    Highly integrated and blazingly fast native Delphi (Pascal) components for building native Windows, Linux, and macOS applications. All components are native Delphi, have no third-party binaries or references, and no reliance on Windows CryptoAPI. Also includes Delphi components for building Android and iOS apps.


    Integrated components for PHP scripts running on Linux and Windows servers.


Use SSHBlackbox to either connect to remote servers using SSH client components and classes, or, to create your own SSH server. You will be able to access remote shell, execute remote commands, use secure port forwarding functionality (including dynamic port forwarding, and create custom data exchange.

Flexible Authentication

Supports various authentication schemes such as password-based, public key, or keyboard-interactive, allowing the client authorize itself using several schemes at the same time. SSHBlackbox also supports PKI infrastructure for server and client authentication based on X.509 certificates.

Strong Security

Supports strong encryption with keys up to 16384 bits.

No External Dependencies

SSHBlackbox includes its own implementation of SSH/SFTP protocol family and doesn't include external code such as OpenSSL, OpenSSH, etc.

Full Feature List

SSH Protocol Implementation

  • Support for SSH2 protocol in client and server components
  • Support for SSH1 protocol in client components
  • All possible authentication methods supported: public-key, host-based, password-based, keyboard-interactive, GSS-API (Kerberos, NTLM, custom schemes), OpenPGP key, and X.509 certificate
  • (optional) Public-key authentication using Pageant (part of PuTTY) and ssh-agent (part of OpenSSH)
  • Support of multiple authentication types at the same time lets you build multifactor authentication schemes easily
  • You control SSH key validation of server and client keys
  • (optional) Obfuscated SSH handshake (client side only), if supported by the remote server
  • Support for RSA and DSA public key algorithms
  • Data encryption with AES (128 to 256 bit), Triple DES (3DES), DES, Blowfish, Twofish, Serpent (128 to 256 bit), CAST128 algorithms, or NONE encryption for debugging purposes
  • (optional) ZLib compression to reduce network load and increase security
  • Asynchronous operation mode which helps you easily build synchronous and asynchronous applications
  • Data transfer using events/callbacks, i.e. possibility to secure not only socket-based, but also other types of data exchange
  • FIPS-compliant operation mode

SSH Tunnels

  • Support for shell, command, port forwarding (local and remote), X11, and custom subsystem tunnels
  • Dynamic port forwarding (using built-in SOCKS server functionality) lets you build secure tunnels for your socket applications
  • Support for SFTP subsystem (SFTPBlackbox is required)
  • Support for dynamic tunnels (SSH2 only). With dynamic tunnels, one can create and close logical connections within single SSH connection
  • Support for custom subsystem handlers for custom data exchange over SSH

SSH Key Management

  • Generation of RSA and DSA (DSS) keys
  • Saving and loading of SSH keys in OpenSSH, IETF, and PuTTY formats
  • Import of SSH key material from X.509 certificates
  • Cryptocard and USB Crypto Token support further protects secret information (private and secret keys)
  • Support for key length from 512 to 16384 bits


  • Easy access to remote shell via shell tunnel
  • Execution of commands or groups of commands using shell or command tunnel
  • Convenient synchronous API (you call a method and get result when execution returns)
  • Built-in TCP socket with support for SOCKS and HTTP CONNECT (Web tunneling) proxies with various authentication mechanisms
  • Bandwidth control to avoid overloading of slow networks
  • IPv6 and International Domain Names (IDN) support for maximum network connectivity
  • Port knocking support for advanced security
  • Support for custom DNS servers and DNSSEC for even more security and network stability
  • The ability to use application-provided low-level transports allows you to perform communication over any carrier and not just TCP sockets