Commit f849239e authored by Niels Möller's avatar Niels Möller
Browse files

* doc/lsh.texinfo (Action options): Edited the description of the

-g, not calling it "gateway mode", as the word "gateway" is
associated with the '-G' option.
(Invoking lshd): Documented --kerberos-passwords,
--password-helper and --login-shell.
Changed UPDATED-FOR to 1.1.6.

Rev: doc/lsh.texinfo:1.20
parent 0a92b56e
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
@settitle lsh @settitle lsh
@c %**end of header @c %**end of header
@set UPDATED-FOR 1.0 @set UPDATED-FOR 1.1.6
@c Latin-1 doesn't work with tex output. @c Latin-1 doesn't work with tex output.
@c Also lookout for é characters. @c Also lookout for é characters.
...@@ -1146,12 +1146,12 @@ Redirect the stdout of a remote process to a given, local, file. ...@@ -1146,12 +1146,12 @@ Redirect the stdout of a remote process to a given, local, file.
Analogous to the @option{--stdout} option. Analogous to the @option{--stdout} option.
@item -g @item -g
Gateway mode. This option applies to the forwarding actions, i.e. Remote peers, aka Global forwarding. This option applies to the
@option{-L} and @option{-R}. By default, only connections to the forwarding actions, i.e. @option{-L} and @option{-R}. By default, only
loopback interface, ip 127.0.0.1, are forwared. This implies that only connections to the loopback interface, ip 127.0.0.1, are forwared. This
processes on the same machine can use the forwarded tunnel directly. If implies that only processes on the same machine can use the forwarded
the -g modifier is in effect, the forwarding party will listen on tunnel directly. If the -g modifier is in effect, the forwarding party
@emph{all} network interfaces. will listen on @emph{all} network interfaces.
@end table @end table
...@@ -1271,6 +1271,22 @@ Disable the "publickey" user authentication mechanism. ...@@ -1271,6 +1271,22 @@ Disable the "publickey" user authentication mechanism.
@item --root-login @item --root-login
Enable root login. By default, root can not log in using @command{lshd}. Enable root login. By default, root can not log in using @command{lshd}.
@item --kerberos-passwords
Verify passwords against the kerberos database. This is implemented
using the @command{lsh-krb-checkpw} helper program. Note that this does
@emph{not} use the Kerberos infrastructure in the Right Way. Experimental.
@item --password-helper
Tells @command{lshd} to use a helper program for verifying passwords.
This is a generalization of @option{--kerberos-passwords}, and it could
be used for verifying passwords against any password database. See the
source files @file{lsh-krb-checkpw.c} and @file{unix_user.c} for
details.
@item --login-shell
Use the specified program as the login shell for all users, overriding
the login shell in the passwd database.
@item --srp-keyexchange @item --srp-keyexchange
Enable @acronym{SRP} keyexchange and user authentication. Enable @acronym{SRP} keyexchange and user authentication.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment