Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
LSH
lsh
Commits
bc553e59
Commit
bc553e59
authored
Feb 06, 2000
by
Niels Möller
Browse files
*** empty log message ***
Rev: doc/TODO:1.69 Rev: doc/lsh.texinfo:1.4
parent
18c0d86e
Changes
2
Hide whitespace changes
Inline
Side-by-side
doc/TODO
View file @
bc553e59
...
...
@@ -301,10 +301,6 @@ See if we can do without the "reason" argument to close callbacks.
Current bugs (Bazsi):
I've encountered a bug in remote (-R) forwarding in lshd. My proxy didn't
handle forwarded-tcpip channels, and refused to open such a channel. lshd
crashes if this channel cannot be opened with an unhandled exception.
* 0.2.6 doesn't remember the listening socket of an -L option as a resource,
so when the connection is closed (logout from the shell), lsh hangs on the
listening socket, and connecting to it results in a segfault (most
...
...
@@ -315,15 +311,12 @@ probably because the connection struct had been freed by the gc)
proxy patches I made this possible adding a struct exception_handler **e to
channel_request_command's format method.
/* FIXME: The new fd object should be added to the same resource list
* as the old one. Perhaps the conenction code in io.c should reuse
* the fd object in some way? */
static void
do_connect_continue(struct fd_callback **s, int fd)
static void do_free_zstream(z_stream *z)
{
/* FIXME: Let opaque be a pointer to a struct, as it is not portable
* to cast between void * and a function pointer. */
/* Call deflateEnd() or inflateEnd(). But which? We use the opague
* pointer, as we don't use that for anything else. */
Try to unify the handling of queued channel requests and global
requests.
doc/lsh.texinfo
View file @
bc553e59
...
...
@@ -535,6 +535,27 @@ arcfour.
@comment node-name, next, previous, up
@section Host authentication options
As described earlier @pxref
{
Threats
}
, proper authentication of the
remote host is crucial to protect the connection against
Man-in-the-middle attacks. By default, @code
{
lsh
}
verifies the server's
claimed host key against the @dfn
{
Acess Control Lists
}
in
@file
{
~/.lsh/known
_
hosts
}
. If the remote host cannot be authenticated,
the connection is dropped.
The options that change this behaviour are
@table @option
@item --host-db
Specifies the location of the @acronym
{
ACL
}
file.
@item --sloppy-host-authentication
@item --strict-host-authentication
@item --capture-to
@end table
@node Userauth options, Action options, Hostauth options, Invoking lsh
@comment node-name, next, previous, up
@section User authentication options
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment