VShell Server for UNIX

man pages


Section: User Commands (1)
Updated: Version 7.0



vsh - VanDyke Software command-line utility.  


vsh [options] [user@[domain@]]host[:port]  


vsh is a command program for logging onto a remote machine using the Secure Shell protocol. Like rsh , vsh can be used to execute commands on a remote system. But unlike rsh , vsh provides secure encrypted communications over a nonsecure network. In addition, TCP/IP services such as SMTP, POP, and X11 can be forwarded over the secure connection.  


Command-line options are shown below.

Instructs vsh to automatically accept host keys.
   Note: This option should be used with caution. 
   If a host key has changed, it will invalidate 
   the ability to detect a man-in-the-middle 
--auth authentication list

The authentication methods to be used in a comma separated list. Valid methods are keyboard-interactive, publickey, password, and gssapi.

Supports automatically reconnecting after being disconnected from the server.
-c cipher

Specifies the cipher that the SSH2 server will use. Protocol strings or display strings are permitted.
-e character or none

Sets the escape character, which takes you out of VSH without disconnecting, to the specified character (e.g., "~") or "none" (which disables escape handling). See the Escape Sequences section below for more information.

Displays usage.
--http-proxy hostname[:port]

Specifies the http proxy to be used during connection.
-i file

Specifies the identity file to use for public-key authentication or a PKCS#12 file to use for X.509 authentication. If no file is specified, vsh will attempt to use all public keys in the $HOME/.vshell/publickey directory.
--kex KEX

Specifies which key exchange algorithm to use. Valid algorithms are diffie-hellman, diffie-hellman-group, Kerberos, and any OID (in dotted number format) supported by the GSSAPI provider.
-l username

Specifies the remote username.
--local [localip:]localport:remotehost:remoteport

Specifies the port forward for the connection.
--log file

Specifies the file where vsh will log all output, in addition to sending it to the console. If the file does not exist, vsh will create it; or, if the file does exist, vsh will append the output to it. If used in combination with the -v (verbose) option, the extra verbose output will also be logged.
-m MAC

Specifies the MAC that the SSH2 server will use.

Fails if prompted for user input.

Causes vsh not to allocate a tty. By default, vsh requests a tty if no command is specified on the command line.

Causes vsh not to request a shell; this is useful if the remote system doesn't allow shell access but does allow port forwarding.
-p port

Specifies the port to be used during connection.
--passphrase passphrase

Specifies the passphrase for your private key.

Causes vsh to allocate a tty even if a command is given. By default, vsh does not request a tty if a command is specified on the command line.
--pw password

Specifies your user password.

Quiets (suppresses) screen output.
--remote [remote-listen-addr:]remote-listen-port:dest-addr:dest-port

The reverse port forward for the connection.
--socks4 server[:port]

Specifies the Socks version 4 server to be used during connection.
--socks5 server[:port]

Specifies the Socks version 5 server to be used during connection
--spn hostname

Allows you to manually specify the SPN (Server Principal Name). The SPN is almost always of the form host@<server canonical name>. An example of a valid string is "host@mail.mydomain.com". If the server is in a different Kerberos realm, the realm name may need to be appended (e.g., host@mail.mydomain.com@KRBS.MYDOMAIN.COM.
--subsystem name

Starts named SSH subsystem when connection is established.

Displays verbose connection debug information.

Disables x11 forwarding.
-z n

The compression level (0-9). By default, the compression level is set to 5. Setting the level to 0 turns off compression. When compression is on, vsh attempts to use zlib@openssh.com, zlib, and no compression, in that order, when making a connection.


vsh supports a number of functions by using escape characters. A single tilde character can be sent entering the sequence ~~ or by following a tilde with a character other than those described below. The escape sequence must always follow a newline. The following escape sequences are supported by vsh :
     ~~   Send a ~
     ~.   Disconnect
     ~^Z  Put UNIX versions of VSH into the background 
          (this command will not work under VSH running 
          on Windows) 
     ~?   Display a list of escape characters
     ~R   Request re-keying of the connection (only useful
          for SSH protocol version 2, and only if the peer
          supports it)
     ~#   List open channels   


The following are the locations of data files.
Host key files
The directory of these files is the same directory as the public key directory, which can be specified in the vshelld_config file. By default, the location is $HOME/.vshell/known_hosts.
Public key files
The directory of these files is specified in the vshelld_config file. By default, the location is $HOME/.vshell/publickey. Note: To find an acceptable public key match, vshelld (VShell(R) server for UNIX) will only look at files in the public key directory that end in .pub or that are named "authorized_keys". vshelld will not check those files with names that begin with a period (.). For example, file.pub would be checked to see if it contains a valid key, where as, .x.pub would not.


vcp(1), vkeygen(1), vpka(1), vsftp(1), vshelld(8), vshelld_config(5)



Copyright (C) 1995 - VanDyke Software, Inc.

VanDyke Software and VShell are trademarks of VanDyke Software, Inc. All other products and services mentioned are trademarks or registered trademarks of their respective companies.




VanDyke Software uses cookies to give you the best online experience. Before continuing to use this site, please confirm that you agree to our use of cookies. Please see our Cookie Usage for details.