The following message is a courtesy copy of an article that has been posted as well. This is the first public release of LSH, a GPL:ed implementation of version 2 of the Secure Shell protocols. Both a server and a client is included. LSH-0.1 supports the basic operations, such as key exchange, encryption, compression, password authentication, and spawning of a remote shell (including a pty). A lot of things are still missing. In particular, the randomness generator is lousy (except possibly on systems with a good /dev/random), and there's no hostkey database, leaving it open to Man-in-the-middle attacks. So you don't want to replace ssh with LSH quite yet. You can get the source from ftp://ftp.lysator.liu.se/pub/security/lsh/lsh-0.1.tar.gz http://www.lysator.liu.se/~nisse/archive/lsh-0.1.tar.gz There's a mailing list for discussions about LSH and other free ssh implementations, see <URL: http://www.net.lut.ac.uk/psst/> for details. If you would like to contribute, mail me or the list. If you would like to help funding the development of LSH, please contact me. Happy hacking, /Niels M�ller
