Newer Older
Niels Möller's avatar
Niels Möller committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88
I'd like to announce a new version of LSH, the GNU implementation of
the secure shell protocols. LSH includes a client, a server, and a few
scripts and utility programs.


Some of the LSH-0.9 features are

o  Strong encryption and data authentication.

o  Strong host authentication using public key techniques.

o  Spawning of remote shells, including pseudo tty support.

o  Forwarding of TCP connections, in both directions.

o  User authentication by either ordinary UN*X passwords
   or public key techniques.

o  Zlib compression.

o  A draft manual.


LSH implements the secsh protocol as defined by the latest drafts from
the IETF secsh working group. It is also bug-compatible with
Datafellow's SSH2 products. Note that LSH is *not* compatible with
SSH1, although the lshd deamon can fall back to an SSH1 implementation
(e.g. OpenSSH or Datafellow's) when an ssh1 client connects.

LSH is reported to have worked at least once on GNU/Linux on Sparc and
Intel, FreeBSD, Solaris and IRIX. There may well be portability
problems left, please report them to me.


However, LSH does *NOT* try to provide any security on systems that
lack a good /dev/random. LSH-0.9 should be considered a beta release;
use on production systems is not recommended. LSH is provided AS IS,
ABSOLUTELY no GUARANTEES, etc. Please report any bugs you find.


Some features that are planned but not yet implemented are

o  Execution of remote commands (like rsh).

o  A "gateway" interface, to let external programs access an LSH
   connection easily and securely.

o  Forwarding of X, ssh-agent, UDP.

o  Support for SPKI certificates, for both authorization and host

o  Support for the Secure Remote Password (SRP) protocol.

o  Kerberos authentication.

o  A file transfer service.

o  IPv6 support.


LSH is distributed under the terms and conditions of the GNU General
Public License. Unlike other secsh implementations, you can use LSH
freely for any purpose.


The main LSH archive is located at

Discussions about LSH takes place on the psst mailing list. See the
psst home page,, for details.

Happy hacking,
/Niels Möller, <>