GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  CFSSH (1)

NAME

cfssh - (somewhat) secure CFS shell

CONTENTS

Synopsis
Description
See Also
Bugs
Author

SYNOPSIS

cfssh directory

DESCRIPTION

cfssh uses cattach(1) to associate the encrypted directory (previously created with cmkdir(1)) with a randomly selected name. Once the correct passphrase is provided, cfssh invokes a new shell with the random directory in /crypt as its working directory. When the shell exits, the temporary attach name is deleted with cdetach(1). Since the generated names are somewhat obscure and are hidden from view with CFS’s "." mechanism, casual attackers cannot easily exploit the attached cleartext even if they can spoof the UID of the user.

This command assumes the Korn Shell is installed as /bin/ksh.

SEE ALSO

cfsd(8), cattach(1), cdetach(1), cmkdir(1)

BUGS

The temporary names generated are not random in any cryptographically strong sense, so this command should really only be viewed as an example. A determined attacker could probably guess the generated name by exploiting the known properties of the way the ksh random function is seeded.

There’s no hiding from an attacker who can compromise root on the client system while an attach is active.

AUTHOR

Matt Blaze; for information on cfs, email to cfs@research.att.com.

Search for    or go to Top of page |  Section 1 |  Main Index


--> CFSSH (1)

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.