Secsh (ssh2) server
lshd [OPTION...]
CAUTION! The information in this manpage may be invalid or outdated. For authorative information on lsh, please see it's Texinfo manual (see the SEE ALSO section).
lshd is a server for the SSH-2 (secsh) protocol.
Miscellaneous options:
-h, --host-key=Key file
Location of the server's private key.
--interface=interface
Listen on this network interface.
-p, --port=Port
Listen on this port.
--debug
Print huge amounts of debug information
--log-file=File name
Append messages to this file.
-q, --quiet
Suppress all warnings and diagnostic messages
--trace
Detailed trace
-v, --verbose
Verbose diagnostic messages
Algorithm selection:
-c, --crypto=Algorithm --hostkey-algorithm=Algorithm
--list-algorithms
List supported algorithms. -m, --mac=Algorithm
-z, --compression[=Algorithm]
Default is zlib.
--banner-file=File name
Banner file to send before handshake.
Keyexchange options:
--dh-keyexchange
Enable DH support (default).
--no-dh-keyexchange
Disable DH support.
--no-srp-keyexchange
Disable experimental SRP support (default).
--srp-keyexchange
Enable experimental SRP support.
User authentication options:
--kerberos-passwords
Recognize kerberos passwords, using the helper program "/usr/local/sbin/lsh-krb-checkpw". This option is experimental.
--login-auth-mode
Enable a telnet like mode (accept none-authentication and launch thelogin-shell, making it responsible for authenticating the user).
--login-shell=Program
Use this program as the login shell for all users. (Experimental)
--no-kerberos-passwords
Don't recognize kerberos passwords (default behaviour).
--no-login-auth-mode
Disable login-auth-mode (default).
--no-password
Disable password user authentication.
--no-publickey
Disable publickey user authentication.
--no-root-login
Don't allow root to login (default).
--password
Enable password user authentication (default).
--password-helper=Program
Use the named helper program for password verification. (Experimental).
--publickey
Enable publickey user authentication (default).
--root-login
Allow root to login.
Offered services:
--no-pty-support
Disable pty allocation.
--no-tcpip-forward
Disable tcpip forwarding.
--no-x11-forward
Disable x11 forwarding.
--pty-support
Enable pty allocation (default).
--subsystems=List of subsystem names and programs
For example `sftp=/usr/sbin/sftp-server,foosystem=/usr/bin/foo' (experimental).
--tcpip-forward
Enable tcpip forwarding (default).
--x11-forward
Enable x11 forwarding (default).
Options controlling daemonic mode and related options:
--daemonic
Run in the background, redirect stdio to /dev/null, and chdir to /.
--enable-core
Dump core on fatal errors (disabled by default).
--no-daemonic
Run in the foreground, with messages to stderr (default).
--no-pid-file
Don't use any pid file. Default in non-daemonic mode.
--no-syslog
Don't use syslog (by default, syslog is used when running in daemonic mode).
--pid-file=file name
Create a pid file. When running in daemonic mode, the default is /var/run/lshd.pid.
-?, --help
Give this help list
--usage
Give a short usage message
-V, --version
Print program version
Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.
lshd doesn't use any traditional configuration file, but must have a random seed file and the server key. By default
/var/spool/lsh/yarrow-seed-file
is used as random seed file (see ENVIRONMENT for changing this) and
/etc/lsh_host_key
is the default key file.
/var/run/lshd.pid
is used to store the process id of the server by default.
Authorized keys are stored in the directory
$HOME/.lsh/authorized_keys_sha1/
Log messages are normally sent to syslog(3) when running in daemonic mode.
See the --verbose , --trace and --debug options.
Report bugs to <[email protected]>.
LSH_YARROW_SEED_FILE may be used to specify the random seed file.
lshd mimics OpenSSH behaviour with respect to SSH_CLIENT and SSH_TTY for processes it starts where applicable.
The lsh suite of programs is distributed under the GNU General Public License; see the COPYING and AUTHORS files in the source distribution for details.
The lsh program suite is written mainly by Niels M\[:o]ller <[email protected]>.
This man-page was originally written by J.H.M. Dassen (Ray) <[email protected]>. It was modified and updated for lsh 2.0 by Pontus Freyhult <[email protected]>
lsftp(1), lsh(1), lsh-authorize(1), lsh-keygen(1), lsh-make-seed(1), lsh-upgrade(1), lsh-upgrade-key(1), lsh-writekey(1), secsh(5), sftp-server(8), syslogd(8)
The full documentation for lsh is maintained as a Texinfo manual. If the info and lsh programs are properly installed at your site, the command
info lsh
should give you access to the complete manual.