updating readme and sponsors

Author: progrium

README.md

@@ -1,64 +1,66 @@
 # sshfront
 
-A lightweight SSH server frontend written in Go. Authentication and connections
+A lightweight SSH server frontend where authentication and connections
 are controlled with command handlers / shell scripts.
 
 ## Using sshfront
 ```
 Usage: ./sshfront [options] <handler>
 
-  -d=false: debug mode displays handler output
-  -e=false: pass environment to handlers
-  -k="": pem file of private keys (read from SSH_PRIVATE_KEYS by default)
-  -h="": host ip to listen on
+  -a="": authentication hook. empty=allow all
+  -d=false: debug mode
+  -e=false: pass environment to handler
+  -h="0.0.0.0": ip to listen on
+  -k="~/.ssh/id_rsa": private host key path
   -p="22": port to listen on
 ```
 
 
-#### auth-handler $user $key
+#### handler $command...
 
- * `$user` argument is the name of the user being used to attempt the connection
- * `$key` argument is the public key data being provided for authentication
-
-auth-handler is the path to an executable that's used for authenticating incoming SSH connections. If it returns with exit status 0, the connection will be allowed, otherwise it will be denied. The output of auth-handler must be empty, or key-value pairs in the form `KEY=value` separated by newlines, which will be added to the environment of exec-handler.
+ * `$command...` command line arguments specified to run by the SSH client
 
-Although auth-handler is required, you can still achieve no-auth open access by providing `/usr/bin/true` as auth-handler.
+The handler is a command that's used to handle all SSH connections. Output, stderr, and the exit code is returned to the client. If the client provides stdin, that's passed to the handler.
 
+If the authentication hook was specified, any output is parsed as environment variables and added to the handler environment. `$USER` is always the SSH user used to connect and `$SSH_ORIGINAL_COMMAND` is the command specified from the client if not interactive.
 
-#### exec-handler $command...
+#### auth-hook $user $key
 
- * `$command...` arguments is the command line that was specified to run by the SSH client
+ * `$user` argument is the name of the user being used to attempt the connection
+ * `$key` argument is the public key data being provided for authentication
 
-exec-handler is the path to an executable that's used to execute the command provided by the client. The meaning of that is quite flexible. All of the stdout and stderr is returned to the client, including the exit status. If the client provides stdin, that's passed to the exec-handler. Any environment variables provided by the auth-handler output will be available to exec-handler, as well as `$USER` and `$SSH_ORIGINAL_COMMAND` environment variables.
+The auth hook is a command used for authenticating incoming SSH connections. If it returns with exit status 0, the connection will be allowed, otherwise it will be denied. The output of auth hook must be empty, or key-value pairs in the form `KEY=value` separated by newlines, which will be added to the environment of connection handler.
 
+The auth hook is optional, but if not specified then all connections are allowed.
+It is a good idea to always specify an auth hook.
 
 ## Examples
 
-**These examples bypass all authentication and allow remote execution, *do not* run this in production.**
+**Many of these bypass authentication and may allow remote execution, *do not* run this in production.**
 
-Echo server (with accept-all auth):
+Echo server:
 
 ```
-server$ sshfront $(which true) $(which echo)
+server$ sshfront $(which echo)
 client$ ssh $SERVER "hello world"
 hello world
 ```
 
-Echo host's environment to clients (with accept-all auth):
+Echo host's environment to clients:
 
 ```
-server$ sshfront -e $(which true) $(env)
+server$ sshfront -e $(env)
 client$ ssh $SERVER
 USER=root
 HOME=/root
 LANG=en_US.UTF-8
 ...
 ```
 
-Bash server (with accept-all auth):
+Bash server:
 
 ```
-server$ sshfront $(which true) $(which bash)
+server$ sshfront $(which bash)
 client$ ssh $SERVER
 bash-4.3$ echo "this is a bash instance running on the server"
 this is a bash instance running on the server
@@ -67,8 +69,8 @@ this is a bash instance running on the server
 
 ## Sponsors
 
-This project was made possible thanks to [DigitalOcean](http://digitalocean.com).
+This project was made possible thanks to [Deis](http://deis.io) and [DigitalOcean](http://digitalocean.com).
 
 ## License
 
-BSD
+MIT

SPONSORS

@@ -1 +1,2 @@
-DigitalOcean 	http://digitalocean.com
+DigitalOcean 	http://digitalocean.com
+Deis Project	http://deis.io