		      ssh : The Secure Shell client
			=========================

Basic usage: (rustic) explanations
----------------------------------

Connect to some host:

		# ssh [-l user] host

Execute a command on the remote host:

		# ssh host command

Usage in XWindow:

Execute remote a X app, running on the remote X server

		# start XWindow
		# [ in a xterm window ]
		# ssh -f host /usr/X11R6/bin/...command...

-f option tell ssh to fork() and to go in background.
ssh set DISPLAY for you.

	   == from the ssh README (reduced for muLinux) ==

SSH (Secure Shell) is a program to log into another computer over a
network, to execute commands in a remote machine, and to move files
from one machine to another.  It provides strong authentication and
secure communications over insecure channels.  It is intended as a
replacement for rlogin, rsh, rcp, and rdist.


SEE also "ssh -h"

FEATURES

 o  Strong authentication.  Closes several security holes (e.g., IP,
    routing, and DNS spoofing).  New authentication methods: .rhosts
    together with RSA based host authentication, and pure RSA
    authentication.

 o  Improved privacy.  All communications are automatically and
    transparently encrypted.  RSA is used for key exchange, and a
    conventional cipher (normally IDEA, Blowfish, or triple-DES) for
    encrypting the session.  Encryption is started before
    authentication, and no passwords or other information is
    transmitted in the clear.  Encryption is also used to protect
    against spoofed packets.

 o  Secure X11 sessions.  The program automatically sets DISPLAY on
    the server machine, and forwards any X11 connections over the
    secure channel.  Fake Xauthority information is automatically
    generated and forwarded to the remote machine; the local client
    automatically examines incoming X11 connections and replaces the
    fake authorization data with the real data (never telling the 
    remote machine the real information).

 o  Arbitrary TCP/IP ports can be redirected through the encrypted channel
    in both directions (e.g., for e-cash transactions).

 o  Complete replacement for rlogin, rsh, and rcp.


WHY TO USE SECURE SHELL

Currently, almost all communications in computer networks are done
without encryption.  As a consequence, anyone who has access to any
machine connected to the network can listen in on any communication.
This is being done by hackers, curious administrators, employers,
criminals, industrial spies, and governments.  Some networks leak off
enough electromagnetic radiation that data may be captured even from a
distance.

When you log in, your password goes in the network in plain
text.  Thus, any listener can then use your account to do any evil he
likes.  Many incidents have been encountered worldwide where crackers
have started programs on workstations without the owners knowledge
just to listen to the network and collect passwords.  Programs for
doing this are available on the Internet, or can be built by a
competent programmer in a few hours.


X11 CONNECTION FORWARDING
==========================

X11 forwarding serves two purposes: it is a convenience to the user
because there is no need to set the DISPLAY variable, and it provides
encrypted X11 connections.  I cannot think of any other easy way to
make X11 connections encrypted; modifying the X server, clients or
libraries would require special work for each machine, vendor and
application.  Widely used IP-level encryption does not seem likely for
several years.  Thus what we have left is faking an X server on the
same machine where the clients are run, and forwarding the connections
to a real X server over the secure channel.

The recommended way to start a shell in a remote machine is

 #  xterm -e ssh host &

and the recommended way to execute an X11 application in a remote
machine is

 # ssh -n host emacs &

If you need to type a password/passphrase for the remote machine,

 # ssh -f host emacs

may be useful.



ABOUT THE AUTHOR

This software was originally written by Tatu Ylonen <ylo@cs.hut.fi> in
Finland.  It is now being maintained by SSH Communications Security
(http://www.ssh.fi) and Data Fellows (http://www.datafellows.com).

Copyright (c) 1996,1997,1998 SSH Communications Security, Espoo, Finland.


Traditional Remote Shell:  rsh (the client) and in.rshd (the daemon)
--------------------------------------------------------------------

Usage:
		# rsh [ -l username] hostname [command]

rsh execute "command" on the host "hostname"

in.rshd is the daemon. It is enabled if you enable the setup/inetd.
If you enable it, users can connect to your machine using "rsh" on
the remote side.





