Man Linux: Main Page and Category List


       lsh - secsh (SSH2) client


       lsh [OPTION...] HOST [COMMAND]


       CAUTION!  The  information  in this manpage may be invalid or outdated.
       For authorative information on lsh, please see it's Texinfo manual (see
       the SEE ALSO section).

       Connects  to  the  the  remote  machine  HOST,  and perform one or more
       actions, i.e.  command  execution,  various  forwarding  services.  The
       default  action  is  to  start  a remote interactive shell or execute a
       given command on the remote machine.


              When a new hostkey is received, append an ACL  expressing  trust
              in the key. In sloppy mode, the default is ~/.lsh/captured_keys.

              Enable DH support (default, unless SRP is being used).

              By default, ~/.lsh/host-acls

       -i, --identity=Identity key
              Use this key to authenticate.

              Disable DH support.

              Don't try publickey user authentication.

              Disable experimental SRP support (default).

              Try publickey user authentication (default).

              Allow untrusted hostkeys.

              Enable experimental SRP support.

              Never, never, ever trust an unknown hostkey.  (default)

              Print huge amounts of debug information

       --log-file=File name
              Append messages to this file.

       -q, --quiet
              Suppress all warnings and diagnostic messages

              Detailed trace

       -v, --verbose
              Verbose diagnostic messages

       Algorithm selection:

       -c, --crypto=Algorithm


              List supported algorithms.

       -m, --mac=Algorithm

       -z, --compression[=Algorithm]
              Default is zlib.

              Program to use for reading  passwords.  Should  be  an  absolute

       -l, --user=User name
              Login as this user.

       -p, --port=Port
              Connect to this port.


       -B, --background
              Put process into the background. Implies -N.

       -D, --forward-socks[=port] Enable socks dynamic forwarding

       -E, --execute=command
              Execute a command on the remote machine

       -L, --forward-local-port=local-port:target-host:target-port

       -N, --nop
              No operation (suppresses the default action, which is to spawn a
              remote shell)

              Connect to given subsystem. Implies --no-pty.

       -S, --shell=command
              Spawn a remote shell

       Universal not:

       -n, --no
              Inverts the effect of the next modifier

       Modifiers that apply to port forwarding:

       -g, --remote-peers
              Allow remote access to forwarded ports

              Disallow remote access to forwarded ports (default).

       Modifiers that apply to remote execution:

              Detach from terminal at session end.

              Do not detach  session  at  end,  wait  for  all  open  channels

              Don't request a remote pty.

              Redirect stderr to /dev/null

              Redirect stdin from /dev/null

              Redirect stdout to /dev/null

              Redirect stderr

              Redirect stdin

              Redirect stdout

       -t, --pty
              Request a remote pty (default).

       Miscellaneous options:

       -e, --escape-char=Character
              Escape  char.  `none' means disable. Default is to use `~' if we
              have a tty, otherwise none.

              Make -B write the pid of the backgrounded process to stdout.

       -G, --gateway
              Setup a local gateway

       -R, --forward-remote-port=remote-port:target-host:target-port

              Disable X11 forwarding (default).

       -x, --x11-forward
              Enable X11 forwarding.

       -?, --help
              Give this help list

              Give a short usage message

       -V, --version
              Print program version



       is the default file used for storing keys captured when  connecting  to
       hosts  with keys not previously accepted (see the --capture-to option).


       is the  default  file  containing  accepted  keys  (see  the  --host-db


       is  the  key  file  lsh  attempts to use by default (see the --identity


       See the --verbose , --trace and --debug options.


       Report bugs to <>.


       LSH_YARROW_SEED_FILE may be used to specify the random seed file.

       LSHFLAGS may be used for passing  additional  parameters.  The  parsing
       order is undefined.


       The  lsh  suite of programs is distributed under the GNU General Public
       License; see the COPYING and AUTHORS files in the  source  distribution
       for details.


       The   lsh   program   suite   is   written   mainly   by  Niels  Moller

       This  man-page  was  originally  written   by   J.H.M.   Dassen   (Ray)
       <>.  It was modified and updated for lsh 2.0 by
       Pontus Freyhult <>


       lsftp(1), lshg(1), lsh-authorize(1),  lsh-keygen(1),  lsh-make-seed(1),
       lsh-upgrade(1),   lsh-upgrade-key(1),  lsh-writekey(1),  lshd(8),  ssh-

       The full documentation for lsh is maintained as a Texinfo  manual.   If
       the  info  and  lsh  programs  are properly installed at your site, the

              info lsh

       should give you access to the complete manual.