Add LSH, a login program similar to SSH. It depends on SECSH, which does

not require any patent-encumbered encryption algorithms, unlike SSH1, which depends on RSA, and SSH2, which is not free (of course, these days, this is not so true thanks to OpenSSH, but it's good to have alternatives!). PR: 18879 Submitted by: Eric Schwertfeger <eric@cybernut.com>
author: Will Andrews <will@FreeBSD.org> 2000-06-02 02:56:29 +0000
committer: Will Andrews <will@FreeBSD.org> 2000-06-02 02:56:29 +0000
commit: 28824c0b83fedcb931002eeb5a5c6939c0415778 (patch)
tree: 42c37a3af1050d1535ee3d8a45bd751c2f0f514c /security/lsh
parent: Add AFSP, a set of audio file conversion utilities. (diff)
6 files changed, 121 insertions, 0 deletions
diff --git a/security/lsh/Makefile b/security/lsh/Makefile
new file mode 100644
index 000000000000..f4e692e5947e
--- /dev/null
+++ b/security/lsh/Makefile
@@ -0,0 +1,38 @@
+# New ports collection makefile for:	lsh secure shell
+# Date created:				29 MAY 2000
+# Whom:					Eric Schwertfeger <eric@cybernut.com>
+#
+# $FreeBSD$
+
+PORTNAME=	lsh
+PORTVERSION=	0.9.10
+CATEGORIES=	security ipv6
+MASTER_SITES=	ftp://ftp.lysator.liu.se/pub/security/lsh/
+DISTNAME=	${PORTNAME}-${PORTVERSION}
+
+MAINTAINER=	eric@cybernut.com
+
+RESTRICTED=	"Crypto; export-controlled"
+GNU_CONFIGURE=	yes
+INSTALL_TARGET=	install
+
+.include <bsd.port.pre.mk>
+
+.if ${OSVERSION} < 400014
+CONFIGURE_ARGS+=--without-ipv6
+.endif
+
+post-install:
+.for BIN in lsh lsh_keygen lsh_writekey sexp_conv srp-gen
+	strip ${PREFIX}/bin/${BIN}
+.endfor
+.for SBIN in lshd lsh_proxy
+	strip ${PREFIX}/sbin/${SBIN}
+.endfor
+.if !defined(NOPORTDOCS)
+	install-info --section="Miscellaneous" \
+		--entry="* LSH: (lsh).			lsh secure remote shell documentation." \
+		${PREFIX}/info/lsh.info ${PREFIX}/info/dir
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/lsh/distinfo b/security/lsh/distinfo
new file mode 100644
index 000000000000..2bcdb8e18ee2
--- /dev/null
+++ b/security/lsh/distinfo
@@ -0,0 +1 @@
+MD5 (lsh-0.9.10.tar.gz) = b09d691cdbb8f82091bf6343a1bb7ace
diff --git a/security/lsh/files/patch-ac b/security/lsh/files/patch-ac
new file mode 100644
index 000000000000..de66c299ee97
--- /dev/null
+++ b/security/lsh/files/patch-ac
@@ -0,0 +1,56 @@
+--- src/lsh-authorize.orig	Sun Feb  6 09:39:43 2000
++++ src/lsh-authorize	Sun Apr 16 13:32:57 2000
+@@ -1,4 +1,4 @@
+-#! /bin/sh
++#!/bin/sh
+ 
+ usage () {
+     echo Usage: $0 key-file
+@@ -29,7 +29,7 @@
+     exit 0
+ fi
+ 
+-create_dir () {
++create-dir () {
+     if mkdir $1 2>/dev/null; then
+ 	echo Created $1
+ 	chmod $2 $1 || exit 1
+@@ -37,22 +37,27 @@
+ }
+ 
+ # Create directories
+-create_dir ~/.lsh 0700
+-create_dir ~/.lsh/authorized_keys_sha1 0700
++create-dir ~/.lsh 0700
++create-dir ~/.lsh/authorized_keys_sha1 0700
+ 
+-SEXP_CONV=`PATH=$PATH:. \type -path sexp_conv`
++PATH=$PATH:`dirname $0`
+ 
+-if [ -z $SEXP_CONV ] ; then
+-    echo "Can't find the sexp_conv program"
+-    exit 1
+-fi
++SEXP_CONV="sexp_conv"
+ 
+ while [ $# != 0 ]; do
+-    hash=`$SEXP_CONV < $1 --once --hash sha1 --raw-hash`
+-    if [ -z $hash ] ; then
+-	echo $0: File $1 not found.
+-    else
++    if [ -f $1 ]; then
++      hash=`$SEXP_CONV < $1 --once --hash sha1 --raw-hash`
++      if [ $? = 127 ]; then
++        echo "Can't find the sexp_conv program"
++	exit 1
++      fi
++      if [ -z "$hash" ] ; then
++	echo $0: File $1 not readable.
++      else
+         $SEXP_CONV < $1 -o canonical --once > ~/.lsh/authorized_keys_sha1/$hash
++      fi
++    else
++      echo $0: File $1 not found.
+     fi
+     shift
+ done
diff --git a/security/lsh/pkg-comment b/security/lsh/pkg-comment
new file mode 100644
index 000000000000..6463c23501d8
--- /dev/null
+++ b/security/lsh/pkg-comment
@@ -0,0 +1 @@
+A secure (encrypted) remote shell compatible with ssh 2.0
diff --git a/security/lsh/pkg-descr b/security/lsh/pkg-descr
new file mode 100644
index 000000000000..df7b7ec696b2
--- /dev/null
+++ b/security/lsh/pkg-descr
@@ -0,0 +1,14 @@
+lsh is a client that can connect to the corresponding lshd server.  It uses
+the SECSH protocol, which means that it is compatible with SSH 2.0, except
+for file transfer, which is not part of SECSH.
+
+SECSH uses compression and encryption algorithms that are unencumbered, and
+lsh itself is GPL.
+
+lsh is not as feature-rich as OpenSSH, as it doesn't currently support
+password-protected keyrings, the SSH 1.X protocols, TCP wrappers, etc.
+On the other hand, it doesn't require OpenSSL, and doesn't take a lot of
+work to avoid patented algorithms.
+
+Port author's notes on usage and common problems can be found at
+WWW: http://gz.geekazoid.com/lsh/
diff --git a/security/lsh/pkg-plist b/security/lsh/pkg-plist
new file mode 100644
index 000000000000..0d5fa1f2107d
--- /dev/null
+++ b/security/lsh/pkg-plist
@@ -0,0 +1,11 @@
+bin/lsh
+bin/lsh_keygen
+bin/lsh_writekey
+bin/sexp_conv
+bin/lsh-authorize
+bin/srp-gen
+sbin/lshd
+sbin/lsh_proxy
+@unexec install-info --delete %D/info/lsh.info %D/info/dir
+info/lsh.info
+@exec install-info --section="Miscellaneous" --entry="* LSH: (lsh).			lsh secure remote shell documentation." %D/info/lsh.info %D/info/dir
author	Will Andrews <will@FreeBSD.org>	2000-06-02 02:56:29 +0000
committer	Will Andrews <will@FreeBSD.org>	2000-06-02 02:56:29 +0000
commit	28824c0b83fedcb931002eeb5a5c6939c0415778 (patch)
tree	42c37a3af1050d1535ee3d8a45bd751c2f0f514c /security/lsh
parent	Add AFSP, a set of audio file conversion utilities. (diff)