1 | =================
|
---|
2 | = RELEASE NOTES =
|
---|
3 | =================
|
---|
4 |
|
---|
5 | MindTerm, release 0.97 - Jan 10, 1999
|
---|
6 |
|
---|
7 | MindTerm is an entirely FREE(*) SSH (currently v1.5) client program
|
---|
8 | written in 100% pure Java (non-certified). It can be run as a standalone
|
---|
9 | program or as an applet in a webpage. It is more than yet another ssh-
|
---|
10 | client, apart from beeing multi-platform/web-enabled, it's also a full
|
---|
11 | set of packages enabling people to make their own ssh-client and/or
|
---|
12 | "ssh-aware" java-applications/applets (e.g. special/proprietary proxies,
|
---|
13 | ssh-aware applications/applets "speaking" to proprietary daemons behind
|
---|
14 | firewall, tunneling-only-client etc). It has one other notable feature
|
---|
15 | setting it apart from some other clients, a special ftp-tunnel which works
|
---|
16 | with "ordinary" ftpd's "behind" the sshd.
|
---|
17 |
|
---|
18 | (*) Licensed under Gnu's General Public License (GPL), see the file
|
---|
19 | COPYING or go to <http://www.gnu.org/copyleft/gpl.html>
|
---|
20 |
|
---|
21 | New in this release (applet now more usable otherwise mainly terminal-enhancemnents):
|
---|
22 | o New copyright-policy (again :-). Now the code is GPL.
|
---|
23 | o Now uses random generator and MD5 hash from Logi Ragnarsson's (GPL'd) cryptonite
|
---|
24 | (<http://www.hi.is/~logir/cryptonite/>, it's excelent check it out!) which
|
---|
25 | makes the applet runnable from 'most' (at last :-) browsers
|
---|
26 | (e.g. <many-OS's>/Netscape4.x, <many-OS's>/java-plugin, win32/IE4)
|
---|
27 | o Added support for selecting terminal-emulation (with 'set term
|
---|
28 | <term-type>' in local command-shell, NOTE: the TERM env. variable is only
|
---|
29 | set at initial login)
|
---|
30 | o Added several terminal-types (xterm-color/xterm/linux/scoansi etc.), only
|
---|
31 | xterm/xterm-color tested more thoroughly, the rest is tested very briefly
|
---|
32 | o Colors work (in terminals supporting colors)
|
---|
33 | o Line-draw characters work (in terminals supporting it)
|
---|
34 | o Mouse works (only xterm/xterm-color)
|
---|
35 | o Function keys now work, sending respective terminal's esc-seq.
|
---|
36 | o PgUP, PgDN, Home and End keys can be used either "locally" for controlling the
|
---|
37 | scroll-back buffer OR they can be set to send proper escape-sequences
|
---|
38 | (use 'set lp <true|false>' in local command-shell)
|
---|
39 | o Fixed bug: Keyboard focus is lost when iconified in WinDOS (95/98/NT)
|
---|
40 | (NOTE: this bugfix is quite strange, I don't understand this fully)
|
---|
41 | o Fixed bug: Keyboard focus never acquired when run as applet with plugin when
|
---|
42 | NOT run in a separate frame
|
---|
43 |
|
---|
44 | KNOWN BUGS:
|
---|
45 | o The fix for keyboard-focus when deiconified introduces an oddity when MindTerm
|
---|
46 | is used as an applet (<param name=sepframe value="false">) where it snatches focus
|
---|
47 | from the browser itself! :-). I will look into the whole thing...
|
---|
48 | o Keyboard focus seems still to be an issue when running as an applet inside
|
---|
49 | the applet's own Frame when using the java-plugin (I'm bewildered, I definately need
|
---|
50 | some more awt-studying...).
|
---|
51 | o One or two people have reported ArrayIndexOutOfBoundsException when
|
---|
52 | typing <backspace>, I can not reproduce this, nor can I understand how
|
---|
53 | this can happen :-(, please report if you experince/find this.
|
---|
54 | o Linux line-draw characters doesn't work when normal line-draw characters have
|
---|
55 | been displayed?! (i.e. first use xterm then logout, switch term to linux and
|
---|
56 | reconnect, now we are misinterpreting them??)
|
---|
57 | o Linux line-draw characters doesn't work when doing debug messages in
|
---|
58 | terminal-interpreter)?!? (DEBUG is true in TerminalXTerm.java).
|
---|
59 | This is a ghost, alternatively I'm too tired... Could this be related to the above? :-)
|
---|
60 | o Sometimes things seems to lock up (e.g. 1 minutes delay between 'login:'
|
---|
61 | and 'password:'). I can't seem to find any explanation, a guess is that
|
---|
62 | certain JIT's do something funny when for example compiling the DES.class file??.
|
---|
63 | Try running with -nojit to see if it helps.
|
---|
64 |
|
---|
65 | TODO-LIST (in no particular order):
|
---|
66 | o Property-files (on a per server basis) to be able to store
|
---|
67 | parameters (e.g. server-host-keys, identity-file, port-number
|
---|
68 | etc.). Also the terminal-settings will be saved between sessions
|
---|
69 | o SSH2 support (of course :-) (not for long...)
|
---|
70 | o Clean TermainlWin.update() a bit (maybe remove ATTR_BG/ATTR_FG and instead allways
|
---|
71 | use them)
|
---|
72 | o Optimize some, e.g. lot's can be done final...
|
---|
73 | o Better key-mapping support (this is not easy given the KeyEvent in java...)
|
---|
74 | o Ansi IRM (insert mode) in terminal (TerminalWin.setInsertMode())
|
---|
75 | o Telnet (maybe "Kerbified" and/or "SSLified" aswell)
|
---|
76 | o Make the plugins more usable (clean/effective), maybe add some other proxy-service?
|
---|
77 | (suggestions welcome!)
|
---|
78 | o Priority/mtu on a per tunnel basis (i.e. make some tunnels "more
|
---|
79 | responsive" than others)
|
---|
80 | o Lot's of error-handling and general clean-up
|
---|
81 | o A GUI with a menubar and such, can be useful :-)
|
---|
82 | o Check all terminal modes to work correctly... (it is still quite untested)
|
---|
83 | o Scaling font in terminal instead of changing rows/cols when resizing terminal
|
---|
84 | o Documentation...
|
---|
85 | o et.c. et.c.
|
---|
86 |
|
---|
87 | =================
|
---|
88 |
|
---|
89 | MindTerm has been tested with jdk1.1.6(v5), jdk1.1.5 on Linux (with
|
---|
90 | 2.0.x kernels), on Windows NT4 and Windows-95/98 also with
|
---|
91 | jdk1.1.7A/jdk1.2. As an applet also with Linux/Netscape-4.07,
|
---|
92 | Win32/Netscape-4.5, Win32/IE4.01, win32/java-plugin-1.2. All tests
|
---|
93 | were against sshd versions 1.2.17, 1.2.21, 1.2.25 and 1.2.26. Your
|
---|
94 | milage with other platforms/versions may vary. Please read this entire
|
---|
95 | text before starting to use MindTerm.
|
---|
96 |
|
---|
97 | All comments and bug-reports should be sent to:
|
---|
98 | <[email protected]>
|
---|
99 |
|
---|
100 | Information about this program and its source code can be found at:
|
---|
101 | <http://www.mindbright.se/mindterm/>
|
---|
102 |
|
---|
103 | Features list:
|
---|
104 | o Password and RSA/rhosts-RSA authentication
|
---|
105 | o 3DES/DES, Blowfish and RC4 block-ciphers
|
---|
106 | o Standard SSH port-forwarding (including X11-forwarding)
|
---|
107 | o Special FTP port-forwarding (see FTP-NOTE below)
|
---|
108 | o Plugin-architecture for adding other (than FTP)
|
---|
109 | protocol-specific "proxies"
|
---|
110 | o Full vt102 support, also supports full xterm/xterm-color (with
|
---|
111 | mouse) and some other terminals
|
---|
112 | o "applet-enabled", the class mindbright.applet.MindTerm can be used to run MindTerm
|
---|
113 | as an applet (both in a separate Frame or in the Applet-Panel itself)
|
---|
114 | o Copy/paste with mouse selection ('copy-on-select' and insert-key pastes)
|
---|
115 | o Cursor-keys (with DECCKM toggle)
|
---|
116 | o PgUP, PgDN, Home and End keys can be used either "locally" for controlling the
|
---|
117 | scroll-back buffer OR they can be set to send proper escape-sequences
|
---|
118 | o NonGUI mode, i.e. run at command-line without opening a
|
---|
119 | terminal-window
|
---|
120 | o MTU option (to be able to controll maximum packet size)
|
---|
121 | o The ssh package can be used quite easily by itself to "SSH-enable"
|
---|
122 | an arbitrary java-application
|
---|
123 | o The terminal and security packages can (of course) also be used by itself
|
---|
124 | o Cross-platform (it's java :-)
|
---|
125 |
|
---|
126 | FTP-NOTE: The FTP port-forwarding is done entirely in the client, no
|
---|
127 | patching of the sshd is needed. The FTP port-forwarding is only
|
---|
128 | supported for local-port-forward, i.e. you can connect to a remote
|
---|
129 | FTP-server through the tunnel. It works "100% transparent" with
|
---|
130 | "modern" ftp-clients that use the PASV ftp-command (e.g. Netscape
|
---|
131 | navigator). Older (and not so smart) clients that still use the PORT
|
---|
132 | command are in trouble, since the remote-port-forwards only can be
|
---|
133 | initialized at startup (i.e. before the sshd goes into its
|
---|
134 | server-loop) the best we can do is to pre-allocate the remote-port at
|
---|
135 | startup and reuse it through-out an FTP session. The problem with this
|
---|
136 | is of course the ftpd's way of using the ftp-data port for connecting
|
---|
137 | back to the client hence rendering our remote-ports unusable by the
|
---|
138 | ftpd's ftp-data-port for about a minute after disconnect (i.e. when
|
---|
139 | the tcp-socket is in state TIME_WAIT). This is partly worked around by
|
---|
140 | pre-allocating a number of ports on the remote end using them in a
|
---|
141 | round-robin fashion enabling us to do some PORT-commands in a row, if
|
---|
142 | however we do too many in about a minutes time we're out of available
|
---|
143 | connections back to ourselves making the ftp-server angry :-). This
|
---|
144 | could of course easily be solved by patching the sshd but that might
|
---|
145 | not be feasible in all situations.
|
---|
146 |
|
---|
147 |
|
---|
148 | INSTALLATION:
|
---|
149 |
|
---|
150 | In order to use this program you need the java-runtime (jdk or jre)
|
---|
151 | from Javasoft or any other party providing a port for your
|
---|
152 | platform. It should work with any 1.1.x or 1.2 jdk/jre (it also works
|
---|
153 | with Netscape's and Microsofs's browser-supplied java-runtimes).
|
---|
154 | Please read the installation notes for your respective platform before
|
---|
155 | trying to run MindTerm.
|
---|
156 |
|
---|
157 | Examples of where the java-runtime can be found:
|
---|
158 |
|
---|
159 | Linux:
|
---|
160 | http://www.blackdown.org/java-linux.html
|
---|
161 |
|
---|
162 | Win32 and Solaris:
|
---|
163 | http://www.javasoft.com/products/
|
---|
164 |
|
---|
165 | When you have installed the java-runtime and made yourself familiar
|
---|
166 | with how to use it you are ready to run the MindTerm. The
|
---|
167 | commandline-options of MindTerm are somewhat similar to those of the
|
---|
168 | free ssh-client for unix. When run with option '-?' MindTerm says:
|
---|
169 |
|
---|
170 | usage: MindTerm [options] [<server> [<command>]]
|
---|
171 | Options:
|
---|
172 | -l user Log in using this user name.
|
---|
173 | -d No terminal-window, only dumb command-line and port-forwarding.
|
---|
174 | -i file Name of the RSA identity file (default: ~/.ssh/identity).
|
---|
175 | -v Verbose; display verbose debugging messages.
|
---|
176 | -V Display version number only.
|
---|
177 | -a authtype Select authentication type: ``passwd'', ``rsa'', ``rhostsrsa''
|
---|
178 | -c cipher Select encryption algorithm: ``blowfish'', ``3des'', ``des''...
|
---|
179 | -p port Connect to this port. Server must be on the same port.
|
---|
180 | -L [/plugin/]listen-port:host:port Forward local port to remote address.
|
---|
181 | -R [/plugin/]listen-port:host:port Forward remote port to local address.
|
---|
182 | Thank you for using MindTerm...
|
---|
183 |
|
---|
184 | Note that you don't have to give any command-line options in order to run
|
---|
185 | MindTerm, all settings can be changed from a simple command-shell
|
---|
186 | inside the program (see below).
|
---|
187 |
|
---|
188 | The program can be run with a command something like the following:
|
---|
189 |
|
---|
190 | java -classpath <libpath>/classes.zip:<mindpath>/mindbright.jar mindbright.application.MindTerm
|
---|
191 |
|
---|
192 | where:
|
---|
193 |
|
---|
194 | <libpath> is wherever your java-runtime libraries resides. Note that if you use
|
---|
195 | a CLASSPATH environment variable you might use that instead and just add
|
---|
196 | the mindbright.jar to it like:
|
---|
197 | CLASSPATH = CLASSPATH:/usr/local/myjavaapps/mindbright.jar
|
---|
198 |
|
---|
199 | <mindpath> is wherever you put the mindbright.jar file.
|
---|
200 |
|
---|
201 | In the case where you have added the file TO the class-path (i.e. not put
|
---|
202 | the file IN a directory in the class-path). The command would of course just be:
|
---|
203 |
|
---|
204 | java mindbright.application.MindTerm
|
---|
205 |
|
---|
206 | Note that when using Windows NT/95 you use ';' instead of ':' in the path, but you knew that.
|
---|
207 |
|
---|
208 |
|
---|
209 | 'STANDALONE' USAGE:
|
---|
210 |
|
---|
211 | When the program is started it does some initialisation, this can take
|
---|
212 | several seconds depending on the speed of your machine. When the
|
---|
213 | copyright notice has been printed you are prompted for the SSH-server
|
---|
214 | to connect to, this looks like:
|
---|
215 |
|
---|
216 | Copyright (c) 1998,99 by Mindbright Technology AB, Stockholm, Sweden
|
---|
217 | Initializing random generator, please wait...done
|
---|
218 |
|
---|
219 | (press ^D before logging in to enter local command-shell)
|
---|
220 |
|
---|
221 | SSH-server: wintermute
|
---|
222 |
|
---|
223 | To enter the local command-shell you press ctrl-D at the prompt
|
---|
224 | (i.e. before having logged in). If running in "dumb" mode you might
|
---|
225 | have to press ENTER after pressing ctrl-D. Like:
|
---|
226 |
|
---|
227 | ...entering local command-shell (type 'h' for help).
|
---|
228 |
|
---|
229 | mindterm>
|
---|
230 |
|
---|
231 | **When typing help (or just h) at the prompt in the local command-shell:
|
---|
232 |
|
---|
233 | The following commands are available:
|
---|
234 |
|
---|
235 | go Start SSH-session with current settings.
|
---|
236 | quit Quit program.
|
---|
237 | add <l|r> [/<plug>/]<port>:<host>:<port> (see below).
|
---|
238 | del <l|r> <listen-port>|* Delete local/remote forward (* = all).
|
---|
239 | list Lists current parameters and forwards.
|
---|
240 | set [<parameter> <value>] Set value of a parameter.
|
---|
241 | help Display this list, but you knew that :-).
|
---|
242 |
|
---|
243 | (do 'set' without arguments to list parameter-usage)
|
---|
244 |
|
---|
245 | Examples of adding a remote/local tunnel:
|
---|
246 | > add r 4711:www.foo.com:80 Adds a remote tunnel at port 4711 back to
|
---|
247 | www.foo.com port 80 without a plugin,
|
---|
248 | i.e. default tunneling behaviour.
|
---|
249 | > add l /ftp/4711:ftp.bar.com:21 Adds a local tunnel going to ftp.bar.com
|
---|
250 | port 21 using the ftp protocol-plugin to
|
---|
251 | handle protocol specific needs.
|
---|
252 |
|
---|
253 | NOTE: The first character of the command can be used instead of the full word.
|
---|
254 | NOTE2: Sometimes ftp-forward to localhost/127.0.0.1 fails, use hostname instead.
|
---|
255 |
|
---|
256 | **When typing set (or just s) by itself at the prompt in the local command-shell:
|
---|
257 |
|
---|
258 | Do 'set <parameter> <value>' where parameter is one of the following:
|
---|
259 | server : name of server to connect to
|
---|
260 | port : port on server to connect to
|
---|
261 | username : username to login as
|
---|
262 | cipher : name of block cipher to use
|
---|
263 | authtype : method of authentication
|
---|
264 | sshdir : home-directory of ssh-config
|
---|
265 | id-file : name of file containing identity (rsa-keys)
|
---|
266 | x11-fwd : indicates whether X11 display is forwarded or not
|
---|
267 | display : display definition (i.e. <host>:<screen>)
|
---|
268 | mtu : maximum packet size to use (0 means use default)
|
---|
269 | privport : indicates whether to use a privileged port or not (locally)
|
---|
270 | escseq : sequence of characters to type to enter local command-shell
|
---|
271 | term : type of terminal to emulate
|
---|
272 | lp : use PgUp, PgDn, Home, End keys local or escape them to shell
|
---|
273 | fn : name of font to use in terminal
|
---|
274 | fs : size of font to use in terminal
|
---|
275 | sl : number of lines to save in "scrollback" buffer
|
---|
276 | sb : scrollbar position (or 'none' for no scrollbar)
|
---|
277 | rv : set/unset reverse video
|
---|
278 | aw : do autowrap of line if output reaches edge of screen
|
---|
279 | si : reposition scroll-area to bottom on output to screen
|
---|
280 | sk : reposition scroll-area to bottom on keyboard input
|
---|
281 | sc : put <CR><NL> instead of <NL> at end of lines when selecting
|
---|
282 | (For possible parameter-values use 'list')
|
---|
283 |
|
---|
284 | **When typing list (or just l) at the prompt in the local command-shell:
|
---|
285 |
|
---|
286 | SSH settings:
|
---|
287 | server : null
|
---|
288 | port : 22
|
---|
289 | username : Administrator
|
---|
290 | cipher : 3des ( none des 3des rc4 blowfish )
|
---|
291 | authtype : passwd ( rhosts rsa passwd rhostsrsa tis kerberos kerbtgt )
|
---|
292 | sshdir : C:\WINNT\Profiles\Administrator\.ssh\
|
---|
293 | id-file : identity
|
---|
294 | x11-fwd : false (true/false)
|
---|
295 | display : localhost:0
|
---|
296 | mtu : <default> (4096 - 256k)
|
---|
297 | privport : false (true/false)
|
---|
298 | escseq : '~$'
|
---|
299 |
|
---|
300 | local tunnels:
|
---|
301 | <none>
|
---|
302 | remote tunnels:
|
---|
303 | <none>
|
---|
304 |
|
---|
305 | Terminal settings (use 'set' to change):
|
---|
306 | terminal type (term) : xterm-color ( xterm linux scoansi att6386 sun
|
---|
307 | vt220 vt100 ansi vt52 xterm-color linux-lat at386 vt102 )
|
---|
308 | local pagectrl-keys (lp) : false (true/false)
|
---|
309 | terminal font (fn) : Courier (Dialog, SansSerif, Serif, Monospaced,
|
---|
310 | DialogInput)
|
---|
311 | terminal font size (fs) : 12 (system dep.)
|
---|
312 | save lines (sl) : 1024 (0 - 32k)
|
---|
313 | scroll bar (sb) : right (none/left/right)
|
---|
314 | reverse video (rv) : false (true/false)
|
---|
315 | auto wrap (aw) : true (true/false)
|
---|
316 | scroll to end on output (si) : true (true/false)
|
---|
317 | scroll to end on key (sk) : true (true/false)
|
---|
318 | copy <CR><NL> instead of <NL> (sc) : false (true/false)
|
---|
319 | (parameter names and permitted values in parentheses)
|
---|
320 |
|
---|
321 |
|
---|
322 | 'APPLET' USAGE:
|
---|
323 |
|
---|
324 | See page <http://www.mindbright.se/sshlogin.html
|
---|
325 |
|
---|
326 |
|
---|
327 | ABOUT THE AUTHOR
|
---|
328 | This software is written and maintained by Mats Andersson
|
---|
329 | <[email protected]> of Mindbright Technology in Sweden.
|
---|