is a command program for logging onto a remote machine using the Secure Shell protocol. Like
can be used to execute commands on a remote system. But unlike
provides secure encrypted communications over a nonsecure network. In addition, TCP/IP services such as SMTP, POP, and X11 can be forwarded over the secure connection.
Command-line options are shown below.
to automatically accept host keys.
Note: This option should be used with caution.
If a host key has changed, it will invalidate
the ability to detect a man-in-the-middle
--auth authentication list
The authentication methods to be used in a comma separated list. Valid methods are keyboard-interactive, publickey, password, and gssapi.
Supports automatically reconnecting after being disconnected from the server.
Specifies the cipher that the SSH2 server will use. Protocol strings or display strings are permitted.
-e character or none
Sets the escape character, which takes you out of VSH without disconnecting, to the specified character (e.g., "~") or "none" (which disables escape handling). See the Escape Sequences section below for more information.
Specifies the http proxy to be used during connection.
Specifies the identity file to use for public-key authentication or a PKCS#12 file to use for X.509 authentication. If no file is specified,
will attempt to use all public keys in the $HOME/.vshell/publickey directory.
Specifies which key exchange algorithm to use. Valid algorithms are diffie-hellman, diffie-hellman-group, Kerberos, and any OID (in dotted number format) supported by the GSSAPI provider.
Specifies the remote username.
Specifies the port forward for the connection.
Specifies the file where
will log all output, in addition to sending it to the console. If the file does not exist,
will create it; or, if the file does exist,
will append the output to it. If used in combination with the -v (verbose) option, the extra verbose output will also be logged.
Specifies the MAC that the SSH2 server will use.
Fails if prompted for user input.
not to allocate a tty. By default,
requests a tty if no command is specified on the command line.
not to request a shell; this is useful if the remote system
doesn't allow shell access but does allow port forwarding.
Specifies the port to be used during connection.
Specifies the passphrase for your private key.
to allocate a tty even if a command is given. By default,
does not request a tty if a command is specified on the command line.
Specifies the Socks version 4 server to be used during connection.
Specifies the Socks version 5 server to be used during connection
Allows you to manually specify the SPN (Server Principal Name). The SPN is almost always of the form host@<server canonical name>. An example of a valid string is "firstname.lastname@example.org". If the server is in a different Kerberos realm, the realm name may need to be appended (e.g., email@example.com@KRBS.MYDOMAIN.COM.
Starts named SSH subsystem when connection is established.
Displays verbose connection debug information.
Disables x11 forwarding.
The compression level (0-9). By default, the compression level is set to 5. Setting the level to 0 turns off compression. When compression is on,
attempts to use firstname.lastname@example.org, zlib, and no compression, in that order, when making a connection.
supports a number of functions by using escape characters. A single tilde character can be sent entering the sequence ~~ or by following a tilde with a character other than those described below. The escape sequence must always follow a newline.
The following escape sequences are supported by
~~ Send a ~
~^Z Put UNIX versions of VSH into the background
(this command will not work under VSH running
~? Display a list of escape characters
~R Request re-keying of the connection (only useful
for SSH protocol version 2, and only if the peer
~# List open channels
The following are the locations of data files.
Host key files
The directory of these files is the same directory as the public key directory, which can be specified in the
file. By default, the location is $HOME/.vshell/known_hosts.
Public key files
The directory of these files is specified in the
file. By default, the location is $HOME/.vshell/publickey.
Note: To find an acceptable public key match,
(VShell(R) server for UNIX) will only look at files in the public key directory that end in .pub or that are named "authorized_keys".
will not check those files with names that begin with a period (.). For example, file.pub would be checked to see if it contains a valid key, where as, .x.pub would not.