1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
LSH - a GNU implementation of the Secure Shell protocols.
COPYRIGHT
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation. See the file COPYING for details.
INSTALLATION
If you have downloaded a release, you should be able to compile it
with
./configure
make
make install
You need GNU make. Some shells have had bugs preventing them from
executing the configure script; if you experience problems, try
running
bash configure
If you want to hack lsh, you need some more tools:
* autoconf
* automake
* bash,
* gcc,
* gperf (at least version 2.7)
* a scheme implementation. The currently supported schemes are guile
and scsh.
All but scsh can be found at your local GNU mirror site. scsh,
Olin Shiver's Scheme Shell, can be downloaded from <URL:
http://www.scsh.net>. If you use guile, you also need the slib
library, which is usually distributed separately. It's also available
at the GNU mirrors.
Optional programs that are needed to get the most out
of the lsh testsuite:
* tcputils, available at ftp://ftp.lysator.liu.se/pub/unix/tcputils.
* tsocks (plus the supplied patch misc/tsocks-forcelocal.patch). It
can be downloaded from http://tsocks.sourceforge.net/.
If you have checked out lsh from git, things are a little more
complicated. Run the ./.bootstrap script, which will run aclocal,
autoconf, autoheader and automake for you. This creates the configure
script and several Makefile.in. Now run ./configure, to create
Makefile. Next run make bootstap. This will create various
automatically generated files. Then you are ready to run make, to
build the programs.
NEEDED LIBRARIES
GNU GMP (version 3.1 or better), available at ftp.gnu.org, or some of
its mirrors.
GNU Nettle (version 2.2 or later), also available at ftp.gnu.org.
ZLIB can be found at http://www.zlib.org. Older versions zlib have a
known security problems, so make sure you get the latest one.
liboop (version 0.8 or better) can be found at
http://http://www.lysator.liu.se/liboop/.
GETTING STARTED
After install, the first thing you need to do is creating a seed-file
for the randomness generator. Use
lsh-make-seed
to create a personal seed file. If you want to run the lshd server,
you also need to run
lsh-make-seed --server
as root.
Some examples...
Create a new RSA key pair, and save it in ~/.lsh/identity and
~/.lsh/identity.pub:
lsh-keygen | lsh-writekey
To create a key for the server, using the server's seed-file and
storing the result as /etc/lsh_host_key and /etc/lsh_host_key.pub, run
lsh-keygen --server | lsh-writekey --server
Start an lshd server in the background, on the default port, using the
key at /etc/lsh_host_key, created above:
lshd --daemonic
Connect to an lshd server running on port 4711 on HOST, and attempt to
log in as USER:
lsh -p 4711 -l USER HOST
MORE INFORMATION
For more information on using LSH, read the LSH manual, doc/lsh.info
or doc/lsh.html.
For an introduction to the inner workings of LSH, see the file
doc/HACKING.
Several people have contributed to LSH, see the AUTHORS file for
details.
If you are interested in lsh, you may want to subscribe to the
psst-list. Subscription address is psst-request@net.lut.ac.uk.
LSH releases are available at
<http://www.lysator.liu.se/~nisse/archive/> and
<ftp://ftp.lysator.liu.se/pub/security/lsh>.
Happy hacking,
/Niels Mller <nisse@lysator.liu.se>
|
