File: cfssh.1

cfs 1.4.1-17
.TH CFSSH 1 ""
.SH NAME
cfssh - (somewhat) secure CFS shell
.SH SYNOPSIS
.B cfssh
\fIdirectory\fP
.SH DESCRIPTION
\fBcfssh\fP uses \fBcattach\fP(1) to associate the encrypted
\fIdirectory\fP (previously created with \fBcmkdir\fP(1)) with a
randomly selected name.  Once the correct passphrase is provided,
\fBcfssh\fP invokes a new shell with the random directory in /crypt as its
working directory.
When the shell exits, the temporary attach name is deleted with
\fBcdetach\fP(1).
Since the generated names are somewhat obscure and are hidden from
view with CFS's "." mechanism, casual attackers cannot easily exploit
the attached cleartext even if they can spoof the UID of the user.
.SH SEE ALSO
cfsd(8), cattach(1), cdetach(1), cmkdir(1)
.SH BUGS
The temporary names generated are not random in any cryptographically
strong sense, so this command should really only be viewed as an
example.  A determined attacker could probably guess the generated
name by exploiting the known properties of the way the ksh random
function is seeded.
.LP
There's no hiding from an attacker who can compromise root on the
client system while an attach is active.
.SH AUTHOR
Matt Blaze; for information on cfs, email to
cfs@research.att.com.
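
The BUGS section notes that the attach names come from the ksh random function and can be guessed. As an added example (not part of the cfs distribution or the original cfssh script), the shell functions below draw the name from /dev/urandom instead. The function names and the CRYPT_ROOT variable are hypothetical, and the code assumes that cattach takes the directory followed by the attach name and that cdetach takes the attach name.

```shell
#!/bin/sh
# Added example: unpredictable attach names for a cfssh-style wrapper.
# Assumptions: /dev/urandom, od and tr are available; cattach and cdetach
# are on PATH; CFS is mounted at /crypt (CRYPT_ROOT is a hypothetical override).

CRYPT_ROOT=${CRYPT_ROOT:-/crypt}

# Print an attach name: "." followed by 32 hex digits (128 bits) read from
# the kernel CSPRNG rather than the shell's RANDOM. The leading "." keeps
# the name hidden by the CFS "." mechanism described in the man page.
gen_attach_name() {
    hex=$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n') || return 1
    # Refuse to continue on a short read instead of using a weak name.
    [ "${#hex}" -eq 32 ] || return 1
    printf '.%s\n' "$hex"
}

# Attach, run a shell in the cleartext view, and detach when the shell exits.
cfssh_hardened() {
    dir=$1
    [ -n "$dir" ] || { echo "usage: cfssh_hardened directory" >&2; return 2; }
    name=$(gen_attach_name) || { echo "cannot read /dev/urandom" >&2; return 1; }
    cattach "$dir" "$name" || return 1      # prompts for the passphrase
    # Use a subshell so the caller's working directory is left untouched.
    ( cd "$CRYPT_ROOT/$name" && exec "${SHELL:-/bin/sh}" )
    status=$?
    cdetach "$name"                         # remove the temporary attach name
    return $status
}
```

A stronger name only addresses the guessing issue; as the BUGS section says, it does nothing against an attacker with root on the client while the attach is active.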