Commit e517be92 authored by Niels Möller's avatar Niels Möller

Wrote feature list for LSH-1.4.

Rev: ANNOUNCE:1.8
parent f3946e83
...@@ -2,35 +2,54 @@ I'd like to announce a new version of LSH, the GNU implementation of ...@@ -2,35 +2,54 @@ I'd like to announce a new version of LSH, the GNU implementation of
the secure shell protocols. LSH includes a client, a server, and a few the secure shell protocols. LSH includes a client, a server, and a few
scripts and utility programs. scripts and utility programs.
The LSH-1.2 release, and any following LSH-1.2.x updates, are intended The LSH-1.4 release, and any following LSH-1.4.x updates, are intended
to be stable. New features will be added to LSH-1.3.x. to be stable. New features will be added to LSH-1.5.x.
FEATURES FEATURES
The most notable new features in LSH-1.2 are The most notable new features in LSH-1.4 are
o Support for RSA keys, for both host and user authentication. o Random numbers are generated using the Yarrow pseudorandomness
generator, which improves security in particular on systems without
/dev/random. A new program lsh-make-seed is provided for
initializing the generator.
o The "gateway" mode of operation, implemented by lsh -G and lshg. o Both lsh and lshd now expire session keys and performs
key-reexchange regularly.
o Limited Kerberos support, comparable to that available for the o AES is now the default cipher. A faster assembler version for sparc
original sshd. is included. x86 code is included as well, but it needs some more
work before it can be enabled.
o Client and server support for subsystems.
o lsh supports X11 forwarding; lshd support is not yet implemented.
o Implemented handshake timeout.
o An improved randomness generator that works also on systems that o lshd handles SIGHUP by closing its listening socket, and then
lack /dev/random. waiting for existing connections to be closed before exiting. This
makes it easier to restart lshd in a friendly way.
Some of the older (LSH-1.0) features are
o Proper utmp logging.
o Improved handling of process suspend, and other process related
things.
Some of the older (LSH-1.0 and LSH-1.2) features are
o Strong encryption and data authentication. o Strong encryption and data authentication.
o Strong host authentication using public key techniques. o Strong host authentication using public key techniques, DSA and RSA
keys.
o User authentication by either ordinary UN*X passwords o User authentication by either ordinary UN*X passwords
or public key techniques. or public key techniques.
o Spawning of remote shells and commands, including pseudo tty support. o Spawning of remote shells and commands, including pseudo tty support.
o A "gateway" interface, that lets you create a single SSH connection o A "gateway" interface, which lets you create a single SSH connection
to a remote host, and reuse that connection for later commands. to a remote host, and reuse that connection for later commands.
Ideal for applications like remote CVS. Ideal for applications like remote CVS.
...@@ -38,11 +57,14 @@ o Forwarding of TCP connections, in both directions. ...@@ -38,11 +57,14 @@ o Forwarding of TCP connections, in both directions.
o Zlib compression. o Zlib compression.
o Limited Kerberos support, comparable to that available for the
original sshd.
o Experimental support for Secure Remote Password (SRP) authentication. o Experimental support for Secure Remote Password (SRP) authentication.
o Experimental support for IPv6. o Experimental support for IPv6.
o A draft manual. o A manual.
COMPATIBILITY AND PORTABILITY COMPATIBILITY AND PORTABILITY
...@@ -64,20 +86,6 @@ LSH is provided AS IS, ABSOLUTELY no GUARANTEES, etc. Please report ...@@ -64,20 +86,6 @@ LSH is provided AS IS, ABSOLUTELY no GUARANTEES, etc. Please report
any bugs you find. any bugs you find.
PLANNED FEATURES
Some features that are planned but not yet implemented are
o Forwarding of X, ssh-agent, UDP.
o Support for SPKI certificates, for both authorization and host
authentication.
o Kerberos authentication.
o A file transfer service.
LICENSE LICENSE
LSH is distributed under the terms and conditions of the GNU General LSH is distributed under the terms and conditions of the GNU General
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment