Eric J. Schwertfeger enscribed:
> As promised, I've rolled up everything I know about how to use lsh so far
> (assuming the user knows how to use rsh/rlogin) into an HTML document.
> The rough draft is available at http://cybernut.com/lsh.html and while
> I've gotten rid of almost all the red text (for those of you that have
> already looked at it), I do have just a few known issues left. Feel free
> to inform me of anything I might have overlooked. I'm an lsh newbie, but I
> think I've got the concepts down.
I looked through it.. looks like a good start :) I'm going to add a link to it
and eventually an entire section on lsh in the SSH FAQ.
> I was under the impression that SECSH had made it to rfc status, but all I
> can find defining it are expired drafts. Has it not made it to rfc status
> yet, or is www.normos.org not up to date? I don't know which would be
> worse, that we're coding to expired drafts, which aren't supposed to be
> used as reference material to begin with, or that my favorite place to
> search for RFC's is out of date. Hmmm. just found the SECSH-charter
> homepage, and they list everything as drafts (though the last-modified
> date is June 99), so it looks like that is the case.
No, I believe it's still in draft status. The reason it's not an RFC
yet is becauses there needs to be two completely separate workable
versions of the SECSH--SSH2 and lsh. I think it's still waiting on
lsh. However, you can go to the SSH FAQ if you want to have direct
links to the draft.
> How stable do most people find recent lsh snapshots? Do you trust lsh to
> provide security? I know the documentation says not to trust it, but I
> think that's a little out of date. Aside from potential exploits
> (potential as in I haven't proven that they don't exist, not as in they're
> there, but haven't been exploited yet), lsh seems to offer complete enough
> an implementation of SECSH to be quite useful.
Unfortunately, I haven't had much time to play with it.. I was waiting
for your doc :)
Thanks for taking the time to write this. I'll let you know when I put the
link up.
If anyone else has additional stuff to include on the lsh section of the
SSH FAQ let me know :)
-Anne
--
A sign in a toilet in a (\`--/') _ _______ .-r-.
London office building: >.~.\ `` ` `,`,`. ,'_'~`.
"Toilet Out of Order. (v_," ; `,-\ ; : ; \/,-~) \
Please Use Floor Below." `--'_..),-/ ' ' '_.>-' )`.`.__.')
stripes at tigerlair dot com ((,((,__..'~~~~~~((,__..' `-..-'fL
