Man Linux: Main Page and Category List


       esm - encrypted session manager


       esm [-lrs] [-e command]


       esm  manages  a  simple encrypted session protocol.  When first invoked
       from an interactive shell, it provides  a  transparent  pseudo-terminal
       session on the local machine.  When invoked from within an existing ESM
       session, however, the two ESM processes can automatically  encrypt  all
       traffic passed between them.  Typically, the second session is executed
       on a remote networked machine reached by using the initial  session  to
       invoke, e.g., the telnet(1) program.

       Ordinarily, ESM is run first on the local machine in "local" mode ("esm
       -l").  The resulting session is used to establish a connection (over  a
       possibly  insecure  network) to a remote machine on which esm is run in
       "server" mode ("esm -s").  Encrypted sessions are always  initiated  by
       the  remote  esm process.  Remote mode can be invoked in two ways.  esm
       -s will attempt to initiate  an  encrypted  session  immediately  after
       starting.   esm  -r  will start the remote session in cleartext mode; a
       user escape sequence ("control-^" followed  by  "s")  switches  to  the
       encrypted  session  mode.   "Control-^  ?"   provides  a  list of other

       Encrypted sessions use two-key (112 bit) triple  DES  in  8-bit  cipher
       feedback mode.  A 1024-bit Diffie-Hellman key exchange protocol is used
       to establish the session key; the implementation of  this  protocol  is
       based  on  the  RSA  Laboratories  RSAREF  2.0  library.  All encrypted
       traffic is encoded using a  simple  ASCII  hexadecimal  representation;
       this  reduces encrypted terminal bandwidth by a factor of just over two
       compared with cleartext mode.


       -l     Local mode.  This establishes the initial session and provides a
              transparent pseudo-terminal interface until an encrypted session
              is initiated on the "master" (shell) side by  a  remote  server.
              This  is  also  the  default  mode  if  no  command line flag is

       -r     Remote mode.  Provides a transparent pseudo terminal session  on
              the  remote  machine,  with the ability to initiate an encrypted
              session with the "slave" (terminal) side of the connection.

       -s     Remote mode.  Immediately  attempts  to  initiate  an  encrypted
              session  with  the  "slave"  (terminal)  side of the connection.
              This mode is guaranteed to never operate in cleartext mode.

        -e command
              Executes command on the master side of the session.  By  default
              ESM  executes  the value of the SHELL environment or, if that is
              not set, /bin/sh.


       ESM is not a replacement for a  complete  link,  network  or  transport
       layer  security  protocol.  In particular, nothing is authenticated and
       traffic is only protected once the session has started (which may occur
       after sensitive information like login passwords have already been sent
       in the clear).

       Because nothing is authenticated, the protocol is vulnerable to several
       variations  of  the  so-called  "man-in-the-middle" active attack.  ESM
       should be regarded as secure only against passive attacks.

       ESM is slow.  It takes a long time to generate the high-entropy  random
       numbers  required for the key agreement parameters.  The ASCII encoding
       of the encrypted traffic noticeably  reduces  effective  bandwidth  and
       increases response time.

       The session keys may not be random on all platforms.  The random number
       generator relies on variations in clock rate and other hard to  predict
       factors.  Test these assumptions carefully before trusting ESM on a new
       machine or operating system.


       Matt  Blaze,  (for  ESM  and  CFS  problems,  use