Go to the first, previous, next, last section, table of contents.

Copyright (C) 1999 Per Cederqvist

Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies.

Permission is granted to copy and distribute modified versions of this manual under the conditions for verbatim copying, provided also that the sections entitled "Copying" and "GNU General Public License" are included exactly as in the original, and provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this manual into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the Free Software Foundation.

Introduction to fsh

Remote command execution via a cryptographically strong method such as lsh or ssh is often painfully slow. The biggest problem is that the client and the server perform a lot of complex calculations during connection establishment.

fsh uses lsh or ssh to establish a secure tunnel to the remote system. This takes as long as a normal connection establishment, but once the tunnel is established, fsh can reuse it to start new sessions on the remote system almost instantaneously. You get the security of ssh and the speed of rsh.

There are three programs at work. fshd establish a tunnel to the remote system. It can use lsh, ssh or even rsh to establish it. It will start in.fshd on the remote system. You can start fshd manually, or allow fsh to do it automatically on an as-needed basis.

in.fshd receives commands such as "create a new session running the command gcc foo.c, and call it session 3" or "send the following data to standard input of session 5" via the tunnel. You would normally not interact directly with in.fshd.

fsh is a drop-in replacement for rsh. It connects to the local fshd using a unix domain socket that is protected so that only the users that started fshd can connect to it. It uses fshd to forward a request to in.fshd, which will in turn start the requested program.

Go to the first, previous, next, last section, table of contents.