lshd (8)

Secsh (ssh2) server

  1. Carta.tech
  2. Man Pages
  3. System administration commands
  4. lshd: Secsh (ssh2) server
  1. Carta.tech
  2. Packages
  3. lsh-server
  4. lshd: Secsh (ssh2) server

SYNOPSIS

lshd [OPTION...]

DESCRIPTION

CAUTION! The information in this manpage may be invalid or outdated. For authorative information on lsh, please see it's Texinfo manual (see the SEE ALSO section).

lshd is a server for the SSH-2 (secsh) protocol.

OPTIONS

Miscellaneous options:

-h, --host-key=Key file

Location of the server's private key.

--interface=interface

Listen on this network interface.

-p, --port=Port

Listen on this port.

--debug

Print huge amounts of debug information

--log-file=File name

Append messages to this file.

-q, --quiet

Suppress all warnings and diagnostic messages

--trace

Detailed trace

-v, --verbose

Verbose diagnostic messages

Algorithm selection:

-c, --crypto=Algorithm --hostkey-algorithm=Algorithm

--list-algorithms

List supported algorithms. -m, --mac=Algorithm

-z, --compression[=Algorithm]

Default is zlib.

--banner-file=File name

Banner file to send before handshake.

Keyexchange options:

--dh-keyexchange

Enable DH support (default).

--no-dh-keyexchange

Disable DH support.

--no-srp-keyexchange

Disable experimental SRP support (default).

--srp-keyexchange

Enable experimental SRP support.

User authentication options:

--kerberos-passwords

Recognize kerberos passwords, using the helper program "/usr/local/sbin/lsh-krb-checkpw". This option is experimental.

--login-auth-mode

Enable a telnet like mode (accept none-authentication and launch thelogin-shell, making it responsible for authenticating the user).

--login-shell=Program

Use this program as the login shell for all users. (Experimental)

--no-kerberos-passwords

Don't recognize kerberos passwords (default behaviour).

--no-login-auth-mode

Disable login-auth-mode (default).

--no-password

Disable password user authentication.

--no-publickey

Disable publickey user authentication.

--no-root-login

Don't allow root to login (default).

--password

Enable password user authentication (default).

--password-helper=Program

Use the named helper program for password verification. (Experimental).

--publickey

Enable publickey user authentication (default).

--root-login

Allow root to login.

Offered services:

--no-pty-support

Disable pty allocation.

--no-tcpip-forward

Disable tcpip forwarding.

--no-x11-forward

Disable x11 forwarding.

--pty-support

Enable pty allocation (default).

--subsystems=List of subsystem names and programs

For example `sftp=/usr/sbin/sftp-server,foosystem=/usr/bin/foo' (experimental).

--tcpip-forward

Enable tcpip forwarding (default).

--x11-forward

Enable x11 forwarding (default).

Options controlling daemonic mode and related options:

--daemonic

Run in the background, redirect stdio to /dev/null, and chdir to /.

--enable-core

Dump core on fatal errors (disabled by default).

--no-daemonic

Run in the foreground, with messages to stderr (default).

--no-pid-file

Don't use any pid file. Default in non-daemonic mode.

--no-syslog

Don't use syslog (by default, syslog is used when running in daemonic mode).

--pid-file=file name

Create a pid file. When running in daemonic mode, the default is /var/run/lshd.pid.

-?, --help

Give this help list

--usage

Give a short usage message

-V, --version

Print program version

Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.

FILES

lshd doesn't use any traditional configuration file, but must have a random seed file and the server key. By default

/var/spool/lsh/yarrow-seed-file

is used as random seed file (see ENVIRONMENT for changing this) and

/etc/lsh_host_key

is the default key file.

/var/run/lshd.pid

is used to store the process id of the server by default.

Authorized keys are stored in the directory

$HOME/.lsh/authorized_keys_sha1/

DIAGNOSTICS

Log messages are normally sent to syslog(3) when running in daemonic mode.

See the --verbose , --trace and --debug options.

REPORTING BUGS

Report bugs to <[email protected]>.

ENVIRONMENT

LSH_YARROW_SEED_FILE may be used to specify the random seed file.

lshd mimics OpenSSH behaviour with respect to SSH_CLIENT and SSH_TTY for processes it starts where applicable.

COPYING

The lsh suite of programs is distributed under the GNU General Public License; see the COPYING and AUTHORS files in the source distribution for details.

AUTHOR

The lsh program suite is written mainly by Niels M\[:o]ller <[email protected]>.

This man-page was originally written by J.H.M. Dassen (Ray) <[email protected]>. It was modified and updated for lsh 2.0 by Pontus Freyhult <[email protected]>

RELATED TO lshd…

lsftp(1), lsh(1), lsh-authorize(1), lsh-keygen(1), lsh-make-seed(1), lsh-upgrade(1), lsh-upgrade-key(1), lsh-writekey(1), secsh(5), sftp-server(8), syslogd(8)

The full documentation for lsh is maintained as a Texinfo manual. If the info and lsh programs are properly installed at your site, the command

  • info lsh

should give you access to the complete manual.