==========
= README =
==========

MindTerm is an entirely FREE(*) SSH (currently v1.5) client program
written in 100% pure Java (non-certified). It can be run as a standalone
program or as an applet in a webpage. It is more than yet another
ssh-client: apart from being multi-platform/web-enabled, it is also a full
set of packages enabling people to make their own ssh-client and/or
"ssh-aware" java-applications/applets (e.g. special/proprietary proxies,
ssh-aware applications/applets "speaking" to proprietary daemons behind
a firewall, tunneling-only clients etc). It has one other notable feature
setting it apart from some other clients: a special ftp-tunnel which works
with "ordinary" ftpd's "behind" the sshd.

(*) Licensed under the GNU General Public License (GPL), see the file
COPYING or go to <http://www.gnu.org/copyleft/gpl.html>

=================

NOTE: MindTerm contains code implementing the RSA algorithm which is
patented and subject to licensing in certain countries (e.g. U.S. and
Canada). It is therefore illegal to use MindTerm (even non-commercially)
without proper licensing from RSA in these countries.

However, if there is any interest I can write wrapper-code in java to
be able to use the rsa-ref code (i.e. through 'native' binding in
java). This will of course only work with the standalone version
(i.e. the applet can't be used). Please contact me if you are
interested in this. Also, if anybody knows of an existing java-wrapper
around the rsa-ref code please let me know. See
<ftp://ftp.rsa.com/rsaref/README> for the rsa-ref README (only for U.S.
or Canadian citizens).

=================


1.INSTALLATION:

To use as an applet please download the file 'mindtermapplet.zip' or
compile the source-files (optionally bundling them into a
jar-file). Assuming you have the jar-file (mindbright.jar) you must
write an html-page as in the example in APPLET USAGE below. The applet
can be given permissions to function more as a "real" ssh-client
(i.e. be able to do tunneling and connect to an arbitrary
server). This functionality depends on your browser.

In a future version of MindTerm the jar-file may be signed using an
official certificate, in which case it can request extra permissions in
for example the Netscape browser to be able to connect "freely" and also
utilize the system-clipboard.

In order to use this program as a standalone client please download
the file 'mindtermapplication.zip' or compile the source-files. You
also need the java-runtime (jdk or jre) from Javasoft or any other
party providing a port for your platform. It should work with any
1.1.x or 1.2 jdk/jre (it also works with Netscape's and Microsoft's
browser-supplied java-runtimes). Please read the installation notes
for your respective platform before trying to run MindTerm (also read
about running java-programs with the runtime, including running
programs residing in a jar-file).

Examples of where the java-runtime can be found:

  Win32 and Solaris:
    http://www.javasoft.com/products/
  Linux:
    http://www.blackdown.org/java-linux.html

MindTerm has been tested with jdk1.1.6(v5) and jdk1.1.5 on Linux (with
2.0.x kernels). On Linux with jdk1.1.7v1a, there seems to be something
wrong with the awt-stuff building the dialogs :-(. On Windows NT4 and
Windows-95/98 it is also tested with jdk1.1.7A/jdk1.2. As an applet it
is also tested with Linux/Netscape-4.07, Win32/Netscape-4.5, Win32/IE4.01
and win32/java-plugin-1.2. All tests were against sshd versions 1.2.17,
1.2.21, 1.2.25 and 1.2.26. Your mileage with other platforms/versions
may vary. Please read this entire text before starting to use
MindTerm.


2.GENERAL:

When started either as an applet or as a stand-alone program MindTerm
is fully configurable. You may supply all settable parameters (see
below) on the command-line or as applet-params. Additionally, when used
as a stand-alone program you can choose to save all settings in one
single file (default-settings) OR on a per-server basis, i.e. each
new sshd you connect to will have its settings in a separate file.

SSH-parameters:
  (all these can be set to values in parentheses where applicable)
  server  : name of server to connect to (N/A)
  port    : port on server to connect to (0-65535)
  usrname : username to login as (N/A)
  cipher  : name of block cipher to use ( none des 3des rc4 blowfish )
  authtyp : method of authentication ( rhosts rsa passwd rhostsrsa tis kerberos kerbtgt )
  idfile  : name of file containing identity, rsa-keys (N/A)
  display : display definition, i.e. <host>:<screen> (N/A)
  mtu     : maximum packet size to use, 0 means use default (4096 - 256k or 0)
  escseq  : sequence of characters to type to enter local command-shell (N/A)
  secrand : level of security in random-seed, for generating session-key (0-2,
            0 is lowest (default) and 2 is highest (very slow :-))
  (all these can be set to either 'true' or 'false')
  x11fwd  : indicates whether X11 display is forwarded or not
  prvport : indicates whether to use a privileged source port or not
  forcpty : indicates whether to allocate a pty or not
  remfwd  : indicates whether we allow remote connects to local forwards
  idhost  : indicates whether to check the host's host-key in 'known_hosts'
  portftp : indicates whether to enable ftp 'PORT' command support

Terminal-parameters:
  (all these can be set to either 'true' or 'false')
  rv : reverse video
  aw : autowrap of line if output reaches edge of window
  rw : reverse autowrap when going off left edge of window
  al : auto-linefeed
  sk : reposition scroll-area to bottom on keyboard input
  si : reposition scroll-area to bottom on output to screen
  lp : use PgUp, PgDn, Home, End keys locally or escape them to shell
  sc : put <CR><NL> instead of <NL> at end of lines when selecting
  vi : visible cursor
  ad : ASCII Line-draw-characters
  le : do local echo
  sf : scale font when resizing window (not yet implemented)
  ct : map <ctrl>+<space> to <NUL> (e.g. for 'mark set' in emacs)
  (all these can be set to values in parentheses where applicable)
  te : name of terminal to emulate ( xterm linux scoansi att6386 sun vt220
       vt100 ansi vt52 xterm-color linux-lat at386 vt102 )
  fn : name of font to use in terminal (Dialog, SansSerif, Serif, Monospaced,
       Helvetica, TimesRoman, Courier, DialogInput, ZapfDingbats)
  fs : size of font to use in terminal (N/A)
  sl : number of lines to save in "scrollback" buffer (0 - 32k)
  sb : scrollbar position (none/left/right)
  bg : background color ('#0'...'#15' or '<r>,<g>,<b>',
       #<n> means "standard" terminal color <n>, these are:
          0 = black
          1 = red
          2 = green
          3 = yellow
          4 = blue
          5 = magenta
          6 = cyan
          7 = white
          8 = bright black (!)
          9 = bright red
         10 = bright green
         11 = bright yellow
         12 = bright blue
         13 = bright magenta
         14 = bright cyan
         15 = bright white
       alternatively rgb-values (decimal) are given, e.g. 255,0,0 for red)
  fg : foreground color ('#0'...'#15' or '<r>,<g>,<b>', see above)
  rg : resize gravity, fixpoint of screen when resizing (southwest/northwest)
  bs : character to send on BACKSPACE ('BS' or 'DEL')

There are also special properties to set tunnels, these are:

  local0, local1, ... ,localN
  remote0, remote1, ... ,remoteN

Their syntax is as follows:

  localN  : [/<plugin>/]<local-port>:<remote-ip>:<remote-port>
  remoteN : [/<plugin>/]<remote-port>:<local-ip>:<local-port>

They are enumerated, i.e. if you have three local-forward-definitions
they will be local0, local1 and local2. The same goes for
remoteN. These properties are used in the exact same way as all other
properties (i.e. they can either be entered on the command-line, as
applet-params or in the property-files).

For example, to set up tunnels to telnet, imap and smtp on the local
ports 4711, 4712 and 4713 to the remote side:

  java -cp mindbright.jar mindbright.application.MindTerm -server www.mindbright.se
       -local0 4711:localhost:23 -local1 4712:localhost:143 -local2 4713:localhost:25


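Added example (not part of the original README or of MindTerm's code):
a Python parser for the localN/remoteN syntax above that reads a command
line in the README's form and lists the local listen ports that other
hosts can reach when remfwd is true. The 1-65535 port check and treating
an absent remfwd as false are assumptions of this example.

```python
import re
from typing import Dict, List, NamedTuple, Optional

class Forward(NamedTuple):
    kind: str              # "local" or "remote"
    plugin: Optional[str]  # name from the /<plugin>/ prefix, None if absent
    listen_port: int
    host: str
    port: int

SPEC = re.compile(r"^(?:/([^/:]+)/)?(\d+):([^:/\s]+):(\d+)$")
VALUED_STANDALONE = {"--h", "--p"}   # the '--' options that take a value

def parse_properties(argv: List[str]) -> Dict[str, str]:
    """Split a MindTerm command line into {parameter: value}, skipping '--' options."""
    props, i = {}, 0
    while i < len(argv) and argv[i].startswith("--"):
        i += 2 if argv[i] in VALUED_STANDALONE else 1
    while i + 1 < len(argv) and argv[i].startswith("-"):
        props[argv[i][1:]] = argv[i + 1]
        i += 2
    return props

def parse_forwards(props: Dict[str, str]) -> List[Forward]:
    """Read local0..localN and remote0..remoteN, stopping at the first gap."""
    out = []
    for kind in ("local", "remote"):
        n = 0
        while f"{kind}{n}" in props:
            name = f"{kind}{n}"
            m = SPEC.match(props[name])
            if not m:
                raise ValueError(f"{name}: bad forward spec {props[name]!r}")
            lport, port = int(m.group(2)), int(m.group(4))
            if not (0 < lport <= 65535 and 0 < port <= 65535):  # assumed range
                raise ValueError(f"{name}: port out of range")
            out.append(Forward(kind, m.group(1), lport, m.group(3), port))
            n += 1
    return out

def exposed_listeners(props: Dict[str, str]) -> List[int]:
    """Local listen ports reachable from other hosts, i.e. when remfwd is true."""
    if props.get("remfwd", "false").lower() != "true":  # assumed default: false
        return []
    return [f.listen_port for f in parse_forwards(props) if f.kind == "local"]

# Constructed sample: the README's tunnel command line plus remfwd enabled.
ARGV = ("--p no -server www.mindbright.se -remfwd true "
        "-local0 4711:localhost:23 -local1 4712:localhost:143 "
        "-local2 4713:localhost:25").split()

if __name__ == "__main__":
    print(exposed_listeners(parse_properties(ARGV)))
```
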
There is a local command shell where all settings can be viewed and/or
altered. To enter this command-shell you press ctrl-D at the prompt
(i.e. before having logged in) or you can select the 'Local command
shell' option in the 'MindTerm Main' menu. If you are running in "dumb"
mode you might have to press ENTER after pressing ctrl-D.

This is what is displayed when entering the command-shell:

  ...entering local command-shell (type 'h' for help).

  mindterm>


The following commands are available in the command-shell:

  go                                         Start SSH-session with current settings.
  quit                                       Quit program (or disconnect if connected).
  add  <l|r> [/<plug>/]<port>:<host>:<port>  (see below).
  del  <l|r> <listen-port>|*                 Delete local/remote forward (* = all).
  list [ssh | term]                          Lists ssh- and/or terminal-settings.
  set  [<parameter> <value>]                 Set value of a ssh-parameter.
  tset [<parameter> <value>]                 Set value of a terminal-parameter.
  key  [<bits>]                              Generate RSA key-pair (of length <bits>).
  help                                       Display this list, but you knew that :-).


3.STANDALONE USAGE:

Examples of how to start MindTerm as a standalone program:
(NOTE: the whole command to start the runtime is written on one line)

Linux/jdk1.1.6:

  /usr/local/java/bin/java -classpath /usr/local/java/lib/classes.zip:
  /home/mats/java/mindbright.jar mindbright.application.MindTerm

Win32/jdk1.1.x:

  c:\jdk1.1.x\bin\java -classpath c:\jdk1.1.6\lib\classes.zip;c:\mindbright\mindbright.jar
  mindbright.application.MindTerm

Win32/jre1.1.x:

  c:\jdk1.1.x\bin\java -cp c:\mindbright\mindbright.jar
  mindbright.application.MindTerm

Win32/jdk/jre1.2:

  c:\jdk1.2\bin\java -cp c:\mindbright\mindbright.jar
  mindbright.application.MindTerm

Win32/jview:

  jview /cp:p mindbright.jar mindbright.application.MindTerm


When run as a standalone application MindTerm takes two types of
command-line options. One type is preceded by a single hyphen ('-').
These are the parameters (see above), each followed by its respective
value, for example:

  java -cp mindbright.jar mindbright.application.MindTerm -server www.mindbright.se
       -port 22 -x11fwd true -authtyp rsa

The other type of option is given with two preceding hyphens
('--'). These are the special MindTerm stand-alone options. When run
with the stand-alone option '--?' the following is displayed:

  usage: MindTerm [options] [properties] [command]
  Options:
    --c             Enable local command-shell.
    --d             No terminal-window, only dumb command-line and port-forwarding.
    --h dir         Name of the MindTerm home-dir (default: ~/.ssh/).
    --p <no | def>  Use no property-files or only default property-file.
    --q             Quiet; don't query for server/username if given.
    --v             Verbose; display verbose debugging messages.
    --V             Display version number only.


These are the valid stand-alone options.

The stand-alone options MUST be first on the command-line (right after
the program-name). For example:

  java -cp mindbright.jar mindbright.application.MindTerm --p no --h /home/mats/mindterm
       -server www.mindbright.se -port 22 -x11fwd true -authtyp rsa

The stand-alone version of MindTerm uses a file called 'known_hosts'
to identify the hosts that you connect to (to avoid man-in-the-middle
attacks after first contact with server). This file has the exact same
format (and functionality) as the file 'known_hosts' which is used by
the unix version of the standard ssh-client. If you do not wish to use
this feature you must disable it with the parameter 'idhost' as in:

  java -cp mindbright.jar mindbright.application.MindTerm --p no --h /home/mats/mindterm
       -server www.mindbright.se -idhost false
                                 ^^^^^^^^^^^^^

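Added example (not MindTerm's code): the host-key check that idhost
controls, in Python, against known_hosts lines in the standard SSH1 layout
of host names, key bits, exponent and modulus. The entries are constructed,
only exact host names are matched, and the accept/refuse policy in
may_connect is this example's assumption.

```python
from enum import Enum

class Verdict(Enum):
    MATCH = "host key matches known_hosts"
    UNKNOWN = "host not in known_hosts (first contact)"
    CHANGED = "host key differs from known_hosts"

def parse_known_hosts(text):
    """Yield (hostnames, (bits, exponent, modulus)) for each well-formed line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue                      # blank, comment or truncated line
        try:
            key = tuple(int(f) for f in fields[1:4])
        except ValueError:
            continue                      # malformed numbers: ignore the line
        yield [h.lower() for h in fields[0].split(",")], key

def check_host(text, host, key):
    """Compare the key a server presents with what known_hosts recorded."""
    seen = False
    for names, known in parse_known_hosts(text):
        if host.lower() in names:
            if known == tuple(key):
                return Verdict.MATCH
            seen = True                   # host is listed, but with another key
    return Verdict.CHANGED if seen else Verdict.UNKNOWN

def may_connect(verdict, idhost=True):
    """Example policy: refuse a changed key unless idhost is false."""
    if not idhost:
        return True                       # check skipped: CHANGED goes unnoticed
    return verdict is not Verdict.CHANGED

KNOWN_HOSTS = """\
# constructed entries, not real host keys
www.example.org,192.0.2.10 64 37 13407807929942597099 web
shell.example.org 64 37 16045690984833335023
"""
GOOD = (64, 37, 13407807929942597099)
OTHER = (64, 37, 16045690984833335023)

if __name__ == "__main__":
    for host, key in (("www.example.org", GOOD), ("www.example.org", OTHER),
                      ("new.example.org", GOOD)):
        v = check_host(KNOWN_HOSTS, host, key)
        print(host, "->", v.value, "| connect:", may_connect(v),
              "| with idhost false:", may_connect(v, idhost=False))
```
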
All parameters are saved in a default-settings file. This file can be
manually edited (or explicitly saved from the 'Main Menu' -> 'Save
default properties') for personalization of MindTerm. When MindTerm is
run for the first time it creates the default file. When running
MindTerm after this, the default settings will be loaded before any
command-line options are applied (if the "--p def" command-line option
was given at start up, the defaults will also be saved at exit). All
servers visited will have their own settings saved to separate files,
making it possible to use different settings for each server. This
feature may be disabled with the "--p def" option. If the "--p no"
option is given NO property-files will be used, so all settings made
last only for the current session.

Note, when a server is given in the default config and the program is
started without "--p def" or "--p no", this server's config will be
saved to a separate file at exit or when a new server is connected
to. This implies that the server-field in the default config should be
left empty if you plan to use many different servers (and want their
settings saved).


4.APPLET USAGE:

See page <http://www.mindbright.se/norm_sshlogin.html> for an example
of how to use the applet. As stated above, all settable parameters may
be set with applet-params, for example:

  <applet archive="mindbright.jar" code=mindbright.applet.MindTerm.class width=580 height=400>
  <!-- These parameters are parameters that are listed in 'GENERAL' above -->
  <param name=port value="22">
  <param name=cipher value="3des">

  <!-- These parameters are special for the applet, comparable to '--' standalone -->
  <param name=rows value="26"><!-- number of rows in terminal -->
  <param name=cols value="80"><!-- number of columns in terminal -->
  <param name=sepframe value="false"><!-- whether to run in a separate frame or not -->
  <param name=verbose value="true"><!-- output verbose debug-info to java-console -->
  <param name=sshhome value="c:\ssh\"><!-- If authorized to access local files, this is home-dir -->
  </applet>

You may give any number of parameters to the applet. You only have to
supply the ones you want; all values have default settings, so you need
not supply any parameters if you choose.


5.MINDTUNNEL SSHD

TODO:
For now check <http://www.mindbright.se/mindtunnel.html>


6.OTHER

All comments and bug-reports should be sent to:
<[email protected]>

Information about this program and its source code can be found at:
<http://www.mindbright.se/mindterm/>

This software is written and maintained by Mats Andersson
<[email protected]> of Mindbright Technology in Sweden.