LSHD(8)
NAME
lshd - secsh (SSH2) server
SYNOPSIS
lshd [OPTION...]
DESCRIPTION
CAUTION! The information in this manpage may be invalid or outdated.
For authorative information on lsh, please see it's Texinfo manual (see
the SEE ALSO section).
lshd is a server for the SSH-2 (secsh) protocol.
OPTIONS
Miscellaneous options:
- -h, --host-key=Key file
- Location of the server's private key.
- --interface=interface
- Listen on this network interface.
- -p, --port=Port
- Listen on this port.
- --debug
- Print huge amounts of debug information
- --log-file=File name
- Append messages to this file.
- -q, --quiet
- Suppress all warnings and diagnostic messages
- --trace
- Detailed trace
- -v, --verbose
- Verbose diagnostic messages
- Algorithm selection:
- -c, --crypto=Algorithm
- --hostkey-algorithm=Algorithm
- --list-algorithms
- List supported algorithms.
- -m, --mac=Algorithm
- -z, --compression[=Algorithm]
- Default is zlib.
- --banner-file=File name
- Banner file to send before handshake.
- Keyexchange options:
- --dh-keyexchange
- Enable DH support (default).
- --no-dh-keyexchange
- Disable DH support.
- --no-srp-keyexchange
- Disable experimental SRP support (default).
- --srp-keyexchange
- Enable experimental SRP support.
- User authentication options:
- --kerberos-passwords
- Recognize kerberos passwords, using the helper program "/usr/local/sbin/lsh-krb-checkpw". This option is experimental.
- --login-auth-mode
- Enable a telnet like mode (accept none-authentication and launch thelogin-shell, making it responsible for authenticating the user).
- --login-shell=Program
- Use this program as the login shell for all users. (Experimental)
- --no-kerberos-passwords
- Don't recognize kerberos passwords (default behaviour).
- --no-login-auth-mode
- Disable login-auth-mode (default).
- --no-password
- Disable password user authentication.
- --no-publickey
- Disable publickey user authentication.
- --no-root-login
- Don't allow root to login (default).
- --password
- Enable password user authentication (default).
- --password-helper=Program
- Use the named helper program for password verification. (Experimental).
- --publickey
- Enable publickey user authentication (default).
- --root-login
- Allow root to login.
- Offered services:
- --no-pty-support
- Disable pty allocation.
- --no-tcpip-forward
- Disable tcpip forwarding.
- --no-x11-forward
- Disable x11 forwarding.
- --pty-support
- Enable pty allocation (default).
- --subsystems=List of subsystem names and programs
- For example `sftp=/usr/sbin/sftp-server,foosystem=/usr/bin/foo' (experimental).
- --tcpip-forward
- Enable tcpip forwarding (default).
- --x11-forward
- Enable x11 forwarding (default).
- Options controlling daemonic mode and related options:
- --daemonic
- Run in the background, redirect stdio to /dev/null, and chdir to /.
- --enable-core
- Dump core on fatal errors (disabled by default).
- --no-daemonic
- Run in the foreground, with messages to stderr (default).
- --no-pid-file
- Don't use any pid file. Default in non-daemonic mode.
- --no-syslog
- Don't use syslog (by default, syslog is used when running in daemonic mode).
- --pid-file=file name
- Create a pid file. When running in daemonic mode, the default is /var/run/lshd.pid.
- -?, --help
- Give this help list
- --usage
- Give a short usage message
- -V, --version
- Print program version
- Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.
FILES
lshd doesn't use any traditional configuration file, but must have a
random seed file and the server key. By default
/var/spool/lsh/yarrow-seed-file
is used as random seed file (see ENVIRONMENT for changing this) and
/etc/lsh_host_key
is the default key file.
/var/run/lshd.pid
is used to store the process id of the server by default.
Authorized keys are stored in the directory
$HOME/.lsh/authorized_keys_sha1/
DIAGNOSTICS
Log messages are normally sent to syslog(3) when running in daemonic
mode.
See the --verbose , --trace and --debug options.
REPORTING BUGS
Report bugs to <bug-lsh@gnu.org>.
ENVIRONMENT
LSH_YARROW_SEED_FILE may be used to specify the random seed file.
lshd mimics OpenSSH behaviour with respect to SSH_CLIENT and SSH_TTY
for processes it starts where applicable.
COPYING
The lsh suite of programs is distributed under the GNU General Public
License; see the COPYING and AUTHORS files in the source distribution
for details.
AUTHOR
The lsh program suite is written mainly by Niels Mller
<nisse@lysator.liu.se>.
This man-page was originally written by J.H.M. Dassen (Ray)
<jdassen@wi.LeidenUniv.nl>. It was modified and updated for lsh 2.0 by
Pontus Freyhult <pont_lsh@soua.net>
SEE ALSO
lsftp(1), lsh(1), lsh-authorize(1), lsh-keygen(1), lsh-make-seed(1),
lsh-upgrade(1), lsh-upgrade-key(1), lsh-writekey(1), secsh(5), sftpserver(8), syslogd(8)
- The full documentation for lsh is maintained as a Texinfo manual. If
the info and lsh programs are properly installed at your site, the command
- info lsh
- should give you access to the complete manual.