--- /dev/null
+
+20060910
+ - [ gss-genr.c kexgssc.c kexgsss.c kex.h monitor.c sshconnect2.c sshd.c
+ ssh-gss.h ]
+ add support for gss-group14-sha1 key exchange mechanisms
+ - [ gss-serv.c servconf.c servconf.h sshd_config sshd_config.5 ]
+ Add GSSAPIStrictAcceptorCheck option to allow the disabling of
+ acceptor principal checking on multi-homed machines.
+ <Bugzilla #928>
+ - [ sshd_config ssh_config ]
+ Add settings for GSSAPIKeyExchange and GSSAPITrustDNS to the sample
+ configuration files
+ - [ kexgss.c kegsss.c sshconnect2.c sshd.c ]
+ Code cleanup. Replace strlen/xmalloc/snprintf sequences with xasprintf()
+ Limit length of error messages displayed by client
+
+20060909
+ - [ gss-genr.c gss-serv.c ]
+ move ssh_gssapi_acquire_cred() and ssh_gssapi_server_ctx to be server
+ only, where they belong
+ <Bugzilla #1225>
+
+20060829
+ - [ gss-serv-krb5.c ]
+ Fix CCAPI credentials cache name when creating KRB5CCNAME environment
+ variable
+
+20060828
+ - [ gss-genr.c ]
+ Avoid Heimdal context freeing problem
+ <Fixed upstream 20060829>
+
+20060818
+ - [ gss-genr.c ssh-gss.h sshconnect2.c ]
+ Make sure that SPENGO is disabled
+ <Bugzilla #1218 - Fixed upstream 20060818>
+
+20060421
+ - [ gssgenr.c, sshconnect2.c ]
+ a few type changes (signed versus unsigned, int versus size_t) to
+ fix compiler errors/warnings
+ (from jbasney AT ncsa.uiuc.edu)
+ - [ kexgssc.c, sshconnect2.c ]
+ fix uninitialized variable warnings
+ (from jbasney AT ncsa.uiuc.edu)
+ - [ gssgenr.c ]
+ pass oid to gss_display_status (helpful when using GSSAPI mechglue)
+ (from jbasney AT ncsa.uiuc.edu)
+ <Bugzilla #1220 >
+ - [ gss-serv-krb5.c ]
+ #ifdef HAVE_GSSAPI_KRB5 should be #ifdef HAVE_GSSAPI_KRB5_H
+ (from jbasney AT ncsa.uiuc.edu)
+ <Fixed upstream 20060304>
+ - [ readconf.c, readconf.h, ssh_config.5, sshconnect2.c
+ add client-side GssapiKeyExchange option
+ (from jbasney AT ncsa.uiuc.edu)
+ - [ sshconnect2.c ]
+ add support for GssapiTrustDns option for gssapi-with-mic
+ (from jbasney AT ncsa.uiuc.edu)
+ <gssapi-with-mic support is Bugzilla #1008>
#define BUFFER_MAX_CHUNK 0x100000
#define BUFFER_MAX_LEN 0xa00000
-#define BUFFER_ALLOCSZ 0x008000
-
-/* this value for BUFFER_MAX_HPN_LEN is */
-/* still undersized for the faster networks */
-/* it might make sense to have yet another */
-/* MAX_LEN for 10+GB networks. Something closer to */
-/* 128MB or 192MB -cjr*/
-#define BUFFER_MAX_HPN_LEN 0x2000000 /*32MB*/
+/* try increasing to 256k in hpnxfers */
+#define BUFFER_ALLOCSZ 0x008000 /* 32k */
+#define BUFFER_ALLOCSZ_HPN 0x040000 /* 256k */
/* Initializes the buffer structure. */
buffer_append_space(Buffer *buffer, u_int len)
{
u_int newlen;
+ u_int buf_max;
+ u_int buf_alloc_sz;
void *p;
if (len > BUFFER_MAX_CHUNK)
if (buffer_compact(buffer))
goto restart;
+ // if hpn is disabled use the smaller buffer size
+ buf_max = BUFFER_MAX_LEN_HPN;
+ buf_alloc_sz = BUFFER_ALLOCSZ_HPN;
+
/* Increase the size of the buffer and retry. */
- newlen = roundup(buffer->alloc + len, BUFFER_ALLOCSZ);
- if (newlen > BUFFER_MAX_HPN_LEN)
+ newlen = roundup(buffer->alloc + len, buf_alloc_sz);
+
+
+ if (newlen > buf_max)
fatal("buffer_append_space: alloc %u not supported",
newlen);
buffer->buf = xrealloc(buffer->buf, 1, newlen);
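Review bot: The comment added at L85, "if hpn is disabled use the smaller buffer size", does not describe the code beneath it: `buf_max` and `buf_alloc_sz` are assigned the HPN values unconditionally at L86-L87, so BUFFER_MAX_LEN and BUFFER_ALLOCSZ (still defined at L63 and L73) are never selected on this path, and buffer_check_alloc repeats the same mismatch at L113-L115. If the smaller sizes are meant to apply when HPN is off, the selection has to come from state this function can see, and nothing in the hunk carries it; otherwise the comment should say what actually happens, e.g. `/* always size for HPN; BUFFER_ALLOCSZ/BUFFER_MAX_LEN are not consulted here */`. The limit constant BUFFER_MAX_LEN_HPN replaces the removed BUFFER_MAX_HPN_LEN and now lives in buffer.h (L123), which is worth a line in the comment since the two names differ only in word order. buffer_append_space begins and ends outside the hunk.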
int
buffer_check_alloc(Buffer *buffer, u_int len)
{
+ u_int buf_max;
+ u_int buf_alloc_sz;
+
if (buffer->offset == buffer->end) {
buffer->offset = 0;
buffer->end = 0;
return (1);
if (buffer_compact(buffer))
goto restart;
- if (roundup(buffer->alloc + len, BUFFER_ALLOCSZ) <= BUFFER_MAX_LEN)
+
+ // if hpn is disabled use the smaller buffer size
+ buf_max = BUFFER_MAX_LEN_HPN;
+ buf_alloc_sz = BUFFER_ALLOCSZ_HPN;
+
+ if (roundup(buffer->alloc + len, buf_alloc_sz) <= buf_max)
return (1);
return (0);
}
#ifndef BUFFER_H
#define BUFFER_H
+#define BUFFER_MAX_LEN_HPN 0x4000000 /* 64MB */
typedef struct {
u_char *buf; /* Buffer for data. */
FD_SET(c->sock, writeset);
}
+int channel_tcpwinsz () {
+ u_int32_t tcpwinsz = 0;
+ socklen_t optsz = sizeof(tcpwinsz);
+ int ret = -1;
+ if(!packet_connection_is_on_socket())
+ return(131072);
+ ret = getsockopt(packet_get_connection_in(),
+ SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz);
+ if ((ret == 0) && tcpwinsz > BUFFER_MAX_LEN_HPN)
+ tcpwinsz = BUFFER_MAX_LEN_HPN;
+ debug2("tcpwinsz: %d for connection: %d", tcpwinsz,
+ packet_get_connection_in());
+ return(tcpwinsz);
+}
+
static void
channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset)
{
u_int limit = compat20 ? c->remote_window : packet_get_maxsize();
+ /* check buffer limits */
+ if (!c->tcpwinsz)
+ c->tcpwinsz = channel_tcpwinsz();
+ if (c->dynamic_window > 0)
+ c->tcpwinsz = channel_tcpwinsz();
+
+ limit = MIN(limit, 2 * c->tcpwinsz);
+
if (c->istate == CHAN_INPUT_OPEN &&
limit > 0 &&
buffer_len(&c->input) < limit &&
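Review bot: channel_tcpwinsz() returns 0 whenever getsockopt() fails, because `tcpwinsz` starts at 0 (L129), the cap at L136-L137 is the only place `ret` is consulted, and L140 returns the value regardless; channel_pre_open then computes `limit = MIN(limit, 2 * c->tcpwinsz)` (L153), which collapses the window to 0 and stops the channel reading its input (assuming MIN is the usual minimum macro). A failed query should fall back to the same 131072 already used for the non-socket case at L133 rather than 0, the `%d` in the debug2 call should be `%u` for the u_int32_t argument, and the K&R-style empty parameter list at L128 should be `(void)`. A short header comment would also help: the value is the kernel receive buffer size of the connection socket, capped at BUFFER_MAX_LEN_HPN, with the default returned when it cannot be determined. channel_pre_open continues past the end of the hunk.
```c
int channel_tcpwinsz(void) {
	/* … unchanged: locals, non-socket early return, getsockopt() call … */
	if (ret != 0 || tcpwinsz == 0)
		tcpwinsz = 131072;	/* query failed: use the default, never 0 */
	else if (tcpwinsz > BUFFER_MAX_LEN_HPN)
		tcpwinsz = BUFFER_MAX_LEN_HPN;
	debug2("tcpwinsz: %u for connection: %d", tcpwinsz,
	    packet_get_connection_in());
	return (tcpwinsz);
}
```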
*/
int
channel_input_port_forward_request(int is_root, int gateway_ports,
- int hpn_disabled, int hpn_buffer_size)
+ int hpn_disabled, int hpn_buffer_size)
{
u_short port, host_port;
int success = 0;
if (strstr(version,"hpn") == NULL)
{
datafellows |= SSH_BUG_LARGEWINDOW;
+ debug("Remote is NON-HPN aware");
}
}
return;
/* config.h.in. Generated from configure.ac by autoheader. */
+/* Define this if you want to use AFS/Kerberos 5 option, which runs aklog. */
+#undef AFS_KRB5
+
/* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address
*/
#undef AIX_GETNAMEINFO_HACK
/* Define if your AIX loginfailed() function takes 4 arguments (AIX >= 5.2) */
#undef AIX_LOGINFAILED_4ARG
+/* Define this if you want to use AFS/Kerberos 5 option, which runs aklog. */
+#undef AKLOG_PATH
+
/* Define if your resolver libs need this for getrrsetbyname */
#undef BIND_8_COMPAT
/* Define if your system glob() function has gl_matchc options in glob_t */
#undef GLOB_HAS_GL_MATCHC
+/* Define if you want GSI/Globus authentication support. */
+#undef GSI
+
/* Define this if you want GSSAPI support in the version 2 protocol */
#undef GSSAPI
/* Define to 1 if you have the `glob' function. */
#undef HAVE_GLOB
+/* Define to 1 if you have the `globus_gss_assist_map_and_authorize' function.
+ */
+#undef HAVE_GLOBUS_GSS_ASSIST_MAP_AND_AUTHORIZE
+
/* Define to 1 if you have the <glob.h> header file. */
#undef HAVE_GLOB_H
/* Set this to your mail directory if you don't have maillock.h */
#undef MAIL_DIRECTORY
+/* Define this if you're building with GSSAPI MechGlue. */
+#undef MECHGLUE
+
/* Define on *nto-qnx systems */
#undef MISSING_FD_MASK
/* read(1) can return 0 for a non-closed fd */
#undef PTY_ZEROREAD
+/* Define this if you want support for startup/shutdown hooks */
+#undef SESSION_HOOKS
+
/* Define if your platform breaks doing a seteuid before a setuid */
#undef SETEUID_BREAKS_SETUID
-/* The size of `char', as computed by sizeof. */
+/* The size of a `char', as computed by sizeof. */
#undef SIZEOF_CHAR
-/* The size of `int', as computed by sizeof. */
+/* The size of a `int', as computed by sizeof. */
#undef SIZEOF_INT
-/* The size of `long int', as computed by sizeof. */
+/* The size of a `long int', as computed by sizeof. */
#undef SIZEOF_LONG_INT
-/* The size of `long long int', as computed by sizeof. */
+/* The size of a `long long int', as computed by sizeof. */
#undef SIZEOF_LONG_LONG_INT
-/* The size of `short int', as computed by sizeof. */
+/* The size of a `short int', as computed by sizeof. */
#undef SIZEOF_SHORT_INT
/* Define if you want S/Key support */
/* Use btmp to log bad logins */
#undef USE_BTMP
+/* platform uses an in-memory credentials cache */
+#undef USE_CCAPI
+
/* Use libedit for sftp */
#undef USE_LIBEDIT
/* Define if you want smartcard support using sectok */
#undef USE_SECTOK
+/* platform has the Security Authorization Session API */
+#undef USE_SECURITY_SESSION_API
+
/* Define if you have Solaris process contracts */
#undef USE_SOLARIS_PROCESS_CONTRACTS
AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
[Define if your resolver libs need this for getrrsetbyname])
- AC_MSG_CHECKING(if we have the Security Authorization Session API)
- AC_TRY_COMPILE([#include <Security/AuthSession.h>],
- [SessionCreate(0, 0);],
- [ac_cv_use_security_session_api="yes"
- AC_DEFINE(USE_SECURITY_SESSION_API, 1,
- [platform has the Security Authorization Session API])
- LIBS="$LIBS -framework Security"
- AC_MSG_RESULT(yes)],
- [ac_cv_use_security_session_api="no"
- AC_MSG_RESULT(no)])
- AC_MSG_CHECKING(if we have an in-memory credentials cache)
- AC_TRY_COMPILE(
- [#include <Kerberos/Kerberos.h>],
- [cc_context_t c;
- (void) cc_initialize (&c, 0, NULL, NULL);],
- [AC_DEFINE(USE_CCAPI, 1,
- [platform uses an in-memory credentials cache])
- LIBS="$LIBS -framework Security"
- AC_MSG_RESULT(yes)
- if test "x$ac_cv_use_security_session_api" = "xno"; then
- AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
- fi],
- [AC_MSG_RESULT(no)]
- )
AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
[Use tunnel device compatibility to OpenBSD])
AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
[Prepend the address family to IP tunnel traffic])
- ;;
+ AC_MSG_CHECKING(if we have the Security Authorization Session API)
+ AC_TRY_COMPILE([#include <Security/AuthSession.h>],
+ [SessionCreate(0, 0);],
+ [ac_cv_use_security_session_api="yes"
+ AC_DEFINE(USE_SECURITY_SESSION_API, 1,
+ [platform has the Security Authorization Session API])
+ LIBS="$LIBS -framework Security"
+ AC_MSG_RESULT(yes)],
+ [ac_cv_use_security_session_api="no"
+ AC_MSG_RESULT(no)])
+ AC_MSG_CHECKING(if we have an in-memory credentials cache)
+ AC_TRY_COMPILE(
+ [#include <Kerberos/Kerberos.h>],
+ [cc_context_t c;
+ (void) cc_initialize (&c, 0, NULL, NULL);],
+ [AC_DEFINE(USE_CCAPI, 1,
+ [platform uses an in-memory credentials cache])
+ LIBS="$LIBS -framework Security"
+ AC_MSG_RESULT(yes)
+ if test "x$ac_cv_use_security_session_api" = "xno"; then
+ AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
+ fi],
+ [AC_MSG_RESULT(no)]
+ )
+ ;;
*-*-dragonfly*)
SSHDLIBS="$SSHDLIBS -lcrypt"
;;
#include "log.h"
#include "canohost.h"
#include "ssh2.h"
+#include "cipher.h"
+#include "key.h"
+#include "kex.h"
#include <openssl/evp.h>
#include "ssh-gss.h"
* a key exchange with a bad mechanism
*/
-
char *
ssh_gssapi_client_mechanisms(const char *host) {
gss_OID_set gss_supported;
gss_indicate_mechs(&min_status, &gss_supported);
return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
- (void *)host));
+ host));
}
char *
ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
- void *data) {
+ const char *data) {
Buffer buf;
size_t i;
int oidpos, enclen;
char deroid[2];
const EVP_MD *evp_md = EVP_md5();
EVP_MD_CTX md;
- Gssctxt *gssctxt = NULL;
if (gss_enc2oid != NULL) {
- for (i=0;gss_enc2oid[i].encoded!=NULL;i++)
+ for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
xfree(gss_enc2oid[i].encoded);
xfree(gss_enc2oid);
}
gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping)*
- (gss_supported->count+1));
+ (gss_supported->count + 1));
buffer_init(&buf);
oidpos = 0;
- for (i = 0;i < gss_supported->count;i++) {
+ for (i = 0; i < gss_supported->count; i++) {
if (gss_supported->elements[i].length < 128 &&
- (*check)(&gssctxt, &(gss_supported->elements[i]), data)) {
-
+ (*check)(NULL, &(gss_supported->elements[i]), data)) {
deroid[0] = SSH_GSS_OIDTYPE;
deroid[1] = gss_supported->elements[i].length;
gss_supported->elements[i].length);
EVP_DigestFinal(&md, digest, NULL);
- encoded = xmalloc(EVP_MD_size(evp_md)*2);
+ encoded = xmalloc(EVP_MD_size(evp_md) * 2);
enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
- encoded, EVP_MD_size(evp_md)*2);
+ encoded, EVP_MD_size(evp_md) * 2);
if (oidpos != 0)
- buffer_put_char(&buf, ',');
+ buffer_put_char(&buf, ',');
buffer_append(&buf, KEX_GSS_GEX_SHA1_ID,
- sizeof(KEX_GSS_GEX_SHA1_ID)-1);
+ sizeof(KEX_GSS_GEX_SHA1_ID) - 1);
buffer_append(&buf, encoded, enclen);
- buffer_put_char(&buf,',');
+ buffer_put_char(&buf, ',');
buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID,
- sizeof(KEX_GSS_GRP1_SHA1_ID)-1);
+ sizeof(KEX_GSS_GRP1_SHA1_ID) - 1);
+ buffer_append(&buf, encoded, enclen);
+ buffer_put_char(&buf, ',');
+ buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID,
+ sizeof(KEX_GSS_GRP14_SHA1_ID) - 1);
buffer_append(&buf, encoded, enclen);
gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
mechs = NULL;
}
- if (gssctxt) {
- ssh_gssapi_delete_ctx(&gssctxt);
- }
-
return (mechs);
}
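Review bot: The GRP14 addition at L375-L379 makes a third copy of the "separator, kex id, encoded OID" sequence that already exists for GEX (L363-L369) and GRP1 (L370-L374); a small table of the three id strings iterated in a loop keeps one copy and makes the next mechanism a one-line change. Separately, the `check` callback is now invoked with a NULL context pointer (L353) instead of the shared `gssctxt`, so every `ssh_gssapi_check_fn` must tolerate NULL (ssh_gssapi_check_mechanism handles it at L483-L484, ssh_gssapi_server_check_mech ignores the argument at L538-L539); that contract belongs in a comment on the callback typedef in ssh-gss.h, e.g. `/* ctx may be NULL; the callback must then manage its own context */`. In the loop below `j` is a new size_t local and strlen() replaces the `sizeof - 1` idiom, which no longer applies once the ids sit behind a pointer. ssh_gssapi_kex_mechs starts before and continues between the visible hunk lines.
```c
static const char *const kex_ids[] = {
	KEX_GSS_GEX_SHA1_ID, KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP14_SHA1_ID
};
/* … unchanged: digest of the DER-encoded OID into `encoded` … */
for (j = 0; j < sizeof(kex_ids) / sizeof(kex_ids[0]); j++) {
	if (oidpos != 0 || j != 0)
		buffer_put_char(&buf, ',');
	buffer_append(&buf, kex_ids[j], strlen(kex_ids[j]));
	buffer_append(&buf, encoded, enclen);
}
```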
gss_OID
-ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int *gex) {
+ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) {
int i = 0;
-
- if (strncmp(name, KEX_GSS_GRP1_SHA1_ID,
- sizeof(KEX_GSS_GRP1_SHA1_ID)-1) == 0) {
- name+=sizeof(KEX_GSS_GRP1_SHA1_ID)-1;
- *gex = 0;
- } else if (strncmp(name, KEX_GSS_GEX_SHA1_ID,
- sizeof(KEX_GSS_GEX_SHA1_ID)-1) == 0) {
- name+=sizeof(KEX_GSS_GEX_SHA1_ID)-1;
- *gex = 1;
- } else {
- return NULL;
+
+ switch (kex_type) {
+ case KEX_GSS_GRP1_SHA1:
+ name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1;
+ break;
+ case KEX_GSS_GRP14_SHA1:
+ name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1;
+ break;
+ case KEX_GSS_GEX_SHA1:
+ name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1;
+ break;
+ default:
+ return GSS_C_NO_OID;
}
while (gss_enc2oid[i].encoded != NULL &&
- strcmp(name, gss_enc2oid[i].encoded) != 0) {
+ strcmp(name, gss_enc2oid[i].encoded) != 0)
i++;
- }
if (gss_enc2oid[i].oid != NULL && ctx != NULL)
ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid);
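Review bot: The switch at L405-L416 advances `name` by the prefix length chosen from `kex_type` without checking that `name` actually begins with that prefix, whereas the removed code (L394-L403) verified the prefix with strncmp before skipping it. This is safe only when the name/type pair was produced together, which is how the visible callers behave (kex.c derives kex_type from the same name at L611-L629, and kexgss_client passes `kex->name` with `kex->kex_type` at L684), but nothing in the function enforces it. A precondition comment on the function would make that explicit, e.g. `/* name must be the negotiated kex name from which kex_type was derived; the prefix is skipped, not verified */`. The remainder of ssh_gssapi_id_kex lies outside the hunk.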
return (ctx->major);
}
-/* Acquire credentials for a server running on the current host.
- * Requires that the context structure contains a valid OID
- */
-
-/* Returns a GSSAPI error code */
-OM_uint32
-ssh_gssapi_acquire_cred(Gssctxt *ctx)
-{
- OM_uint32 status;
- char lname[MAXHOSTNAMELEN];
- gss_OID_set oidset;
-
- gss_create_empty_oid_set(&status, &oidset);
- gss_add_oid_set_member(&status, ctx->oid, &oidset);
-
- if (gethostname(lname, MAXHOSTNAMELEN)) {
- gss_release_oid_set(&status, &oidset);
- return (-1);
- }
-
- if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
- gss_release_oid_set(&status, &oidset);
- return (ctx->major);
- }
-
- if ((ctx->major = gss_acquire_cred(&ctx->minor,
- ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
- ssh_gssapi_error(ctx);
-
- gss_release_oid_set(&status, &oidset);
- return (ctx->major);
-}
-
OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
{
buffer_put_cstring(b, context);
}
-OM_uint32
-ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
-{
- if (*ctx)
- ssh_gssapi_delete_ctx(ctx);
- ssh_gssapi_build_ctx(ctx);
- ssh_gssapi_set_oid(*ctx, oid);
- return (ssh_gssapi_acquire_cred(*ctx));
-}
-
int
ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
{
gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
OM_uint32 major, minor;
gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
+ Gssctxt *intctx = NULL;
+
+ if (ctx == NULL)
+ ctx = &intctx;
/* RFC 4462 says we MUST NOT do SPNEGO */
if (oid->length == spnego_oid.length &&
GSS_C_NO_BUFFER);
}
- if (GSS_ERROR(major))
+ if (GSS_ERROR(major) || intctx != NULL)
ssh_gssapi_delete_ctx(ctx);
return (!GSS_ERROR(major));
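Review bot: The new NULL-context handling at L483-L484 and the widened delete condition at L490 give ssh_gssapi_check_mechanism two distinct ownership behaviours that are not documented: with `ctx == NULL` a private context is built and always deleted, while a caller-supplied context is deleted only on error and otherwise handed back initialised. A header comment would save the next reader from deriving this, e.g. `/* ctx may be NULL: a private context is then built and freed here; a caller-supplied context is kept on success and deleted on error */`. The function body between L486 and L489 is not shown, so the claim about what a retained context holds is inferred from the delete condition alone.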
OM_uint32 maj_status, min_status;
gss_cred_id_t krb5_cred_handle;
int len;
+ const char* new_ccname;
if (client->creds == NULL) {
debug("No credentials stored");
return;
}
- client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
+ new_ccname = krb5_cc_get_name(krb_context, ccache);
+
client->store.envvar = "KRB5CCNAME";
- len = strlen(client->store.filename) + 6;
- client->store.envval = xmalloc(len);
- snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
+#ifdef USE_CCAPI
+ xasprintf(&client->store.envval, "API:%s", new_ccname);
+ client->store.filename = NULL;
+#else
+ xasprintf(&client->store.envval, "FILE:%s", new_ccname);
+ client->store.filename = xstrdup(new_ccname);
+#endif
#ifdef USE_PAM
if (options.use_pam)
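Review bot: `int len;` at L495 is now an unused local, since its only uses (L505-L507) were replaced by the xasprintf() calls at L509 and L512, so it should be removed to keep the build clean under -Wall. The new declaration at L496 also binds the star to the type (`const char* new_ccname`) while the surrounding code binds it to the name; `const char *new_ccname;` matches the file. Under USE_CCAPI the store's `filename` is deliberately left NULL (L510) while `envval` carries an `API:` name; a one-line comment saying that no file is backing the cache in that configuration would explain why later cleanup code may see a NULL filename. The enclosing function starts before the hunk.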
/* $OpenBSD: gss-serv.c,v 1.20 2006/08/03 03:34:42 deraadt Exp $ */
/*
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#include "log.h"
#include "channels.h"
#include "session.h"
+#include "misc.h"
#include "servconf.h"
+
#include "xmalloc.h"
#include "ssh-gss.h"
#include "monitor_wrap.h"
-#include "misc.h"
extern ServerOptions options;
/* Unprivileged */
int
-ssh_gssapi_server_check_mech(Gssctxt **ctx, gss_OID oid, const char *data) {
+ssh_gssapi_server_check_mech(Gssctxt **dum, gss_OID oid, const char *data) {
+ Gssctxt *ctx = NULL;
int res;
- res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(ctx, oid)));
- if (!res)
- ssh_gssapi_delete_ctx(ctx);
+ res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid)));
+ ssh_gssapi_delete_ctx(&ctx);
return (res);
}
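Review bot: The first parameter of ssh_gssapi_server_check_mech is renamed to `dum` at L538 and never read, because a private `ctx` is now built and unconditionally deleted at L539-L545; the name says nothing about why the argument is ignored. A comment on the signature would make the contract clear to callers that pass a context expecting it to be filled, e.g. `/* the ctx argument is ignored; a private context is acquired and released here */`. The unconditional delete is an improvement over the error-only release it replaces (L542-L543), since a successful acquire no longer leaks the context.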
gss_release_oid_set(&min_status, &supported);
}
+OM_uint32
+ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
+{
+ if (*ctx)
+ ssh_gssapi_delete_ctx(ctx);
+ ssh_gssapi_build_ctx(ctx);
+ ssh_gssapi_set_oid(*ctx, oid);
+ return (ssh_gssapi_acquire_cred(*ctx));
+}
+
+/* Acquire credentials for a server running on the current host.
+ * Requires that the context structure contains a valid OID
+ */
+
+/* Returns a GSSAPI error code */
+OM_uint32
+ssh_gssapi_acquire_cred(Gssctxt *ctx)
+{
+ OM_uint32 status;
+ char lname[MAXHOSTNAMELEN];
+ gss_OID_set oidset;
+
+ if (options.gss_strict_acceptor) {
+ gss_create_empty_oid_set(&status, &oidset);
+ gss_add_oid_set_member(&status, ctx->oid, &oidset);
+
+ if (gethostname(lname, MAXHOSTNAMELEN)) {
+ gss_release_oid_set(&status, &oidset);
+ return (-1);
+ }
+
+ if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
+ gss_release_oid_set(&status, &oidset);
+ return (ctx->major);
+ }
+
+ if ((ctx->major = gss_acquire_cred(&ctx->minor,
+ ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds,
+ NULL, NULL)))
+ ssh_gssapi_error(ctx);
+
+ gss_release_oid_set(&status, &oidset);
+ return (ctx->major);
+ } else {
+ ctx->name = GSS_C_NO_NAME;
+ ctx->creds = GSS_C_NO_CREDENTIAL;
+ }
+ return GSS_S_COMPLETE;
+}
+
/* Wrapper around accept_sec_context
* Requires that the context contains:
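Review bot: The non-strict branch of ssh_gssapi_acquire_cred at L593-L596 sets `ctx->name = GSS_C_NO_NAME` and `ctx->creds = GSS_C_NO_CREDENTIAL`, which means the acceptor is no longer bound to the host name imported at L581 and the mechanism's default acceptor credential is used instead — with a keytab-backed mechanism this typically means any service principal present in the keytab is accepted. The header comment carried over at L560-L564 still describes only the strict path ("Requires that the context structure contains a valid OID") and should state the relaxed behaviour and its consequence, e.g. `/* With gss_strict_acceptor unset, no acceptor name is imported and the default credential is used; any principal the mechanism can find in its keytab may then act as acceptor. */`. The comment block is also separated from the function it documents by a blank line and a second `/* Returns ... */` fragment; merging them into one block above the definition matches the rest of the file.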
} else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
k->kex_type = KEX_DH_GEX_SHA1;
k->evp_md = EVP_sha1();
+#if OPENSSL_VERSION_NUMBER >= 0x00907000L
+ } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
+ k->kex_type = KEX_DH_GEX_SHA256;
+ k->evp_md = evp_ssh_sha256();
+#endif
#ifdef GSSAPI
} else if (strncmp(k->name, KEX_GSS_GEX_SHA1_ID,
- sizeof(KEX_GSS_GEX_SHA1_ID)-1) == 0) {
+ sizeof(KEX_GSS_GEX_SHA1_ID) - 1) == 0) {
k->kex_type = KEX_GSS_GEX_SHA1;
k->evp_md = EVP_sha1();
} else if (strncmp(k->name, KEX_GSS_GRP1_SHA1_ID,
- sizeof(KEX_GSS_GRP1_SHA1_ID)-1) == 0) {
+ sizeof(KEX_GSS_GRP1_SHA1_ID) - 1) == 0) {
k->kex_type = KEX_GSS_GRP1_SHA1;
k->evp_md = EVP_sha1();
-#endif
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
- } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
- k->kex_type = KEX_DH_GEX_SHA256;
- k->evp_md = evp_ssh_sha256();
+ } else if (strncmp(k->name, KEX_GSS_GRP14_SHA1_ID,
+ sizeof(KEX_GSS_GRP14_SHA1_ID) - 1) == 0) {
+ k->kex_type = KEX_GSS_GRP14_SHA1;
+ k->evp_md = EVP_sha1();
#endif
} else
fatal("bad kex alg %s", k->name);
KEX_DH_GRP1_SHA1,
KEX_DH_GRP14_SHA1,
KEX_DH_GEX_SHA1,
+ KEX_DH_GEX_SHA256,
KEX_GSS_GRP1_SHA1,
+ KEX_GSS_GRP14_SHA1,
KEX_GSS_GEX_SHA1,
- KEX_DH_GEX_SHA256,
KEX_MAX
};
/*
- * Copyright (c) 2001-2005 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#include <openssl/crypto.h>
#include <openssl/bn.h>
+#include <string.h>
+
#include "xmalloc.h"
#include "buffer.h"
-#include "bufaux.h"
-#include "cipher.h"
+#include "ssh2.h"
#include "key.h"
+#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
#include "dh.h"
-#include "canohost.h"
-#include "ssh2.h"
+
#include "ssh-gss.h"
void
kexgss_client(Kex *kex) {
gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
- gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr;
+ gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr;
Gssctxt *ctxt;
OM_uint32 maj_status, min_status, ret_flags;
u_int klen, kout, slen = 0, hashlen, strlen;
char *lang;
int type = 0;
int first = 1;
- int gex = 0;
int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
/* Initialise our GSSAPI world */
ssh_gssapi_build_ctx(&ctxt);
- if (ssh_gssapi_id_kex(ctxt, kex->name, &gex) == NULL)
+ if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type)
+ == GSS_C_NO_OID)
fatal("Couldn't identify host exchange");
if (ssh_gssapi_import_name(ctxt, kex->gss_host))
fatal("Couldn't import hostname");
- if (gex) {
+ switch (kex->kex_type) {
+ case KEX_GSS_GRP1_SHA1:
+ dh = dh_new_group1();
+ break;
+ case KEX_GSS_GRP14_SHA1:
+ dh = dh_new_group14();
+ break;
+ case KEX_GSS_GEX_SHA1:
debug("Doing group exchange\n");
nbits = dh_estimate(kex->we_need * 8);
packet_start(SSH2_MSG_KEXGSS_GROUPREQ);
min, BN_num_bits(p), max);
dh = dh_new_group(g, p);
- } else {
- dh = dh_new_group1();
+ break;
+ default:
+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
}
/* Step 1 - e is dh->pub_key */
min_status = packet_get_int();
msg = packet_get_string(NULL);
lang = packet_get_string(NULL);
- fatal("GSSAPI Key Exchange Error: \n%s",msg);
+ fatal("GSSAPI Error: \n%.400s",msg);
default:
packet_disconnect("Protocol error: didn't expect packet type %d",
type);
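Review bot: The `%.400s` added at L714 bounds how much of the peer-supplied `msg` reaches fatal(), but not what it contains: control characters and escape sequences in a server's error string go straight to the client's log or terminal. Before logging, non-printable bytes should be escaped; if the tree's openbsd-compat provides strnvis(), that is the usual tool, otherwise a small loop replacing bytes outside the printable range with `?` suffices. The `lang` string fetched at L712 is discarded on the same path and could be freed or simply not fetched. kexgss_client begins well before this hunk and continues after it.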
memset(kbuf, 0, klen);
xfree(kbuf);
- if (gex) {
+ switch (kex->kex_type) {
+ case KEX_GSS_GRP1_SHA1:
+ case KEX_GSS_GRP14_SHA1:
+ kex_dh_hash( kex->client_version_string,
+ kex->server_version_string,
+ buffer_ptr(&kex->my), buffer_len(&kex->my),
+ buffer_ptr(&kex->peer), buffer_len(&kex->peer),
+ serverhostkey, slen, /* server host key */
+ dh->pub_key, /* e */
+ dh_server_pub, /* f */
+ shared_secret, /* K */
+ &hash, &hashlen
+ );
+ break;
+ case KEX_GSS_GEX_SHA1:
kexgex_hash(
kex->evp_md,
kex->client_version_string,
shared_secret,
&hash, &hashlen
);
- } else {
- /* The GSS hash is identical to the DH one */
- kex_dh_hash( kex->client_version_string,
- kex->server_version_string,
- buffer_ptr(&kex->my), buffer_len(&kex->my),
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
- serverhostkey, slen, /* server host key */
- dh->pub_key, /* e */
- dh_server_pub, /* f */
- shared_secret, /* K */
- &hash, &hashlen
- );
- }
+ break;
+ default:
+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
+ }
gssbuf.value = hash;
gssbuf.length = hashlen;
- /* Verify that the hash matches the MIC we just got. */
+ /* Verify that the hash matches the MIC we just got. */
if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
packet_disconnect("Hash's MIC didn't verify");
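Review bot: The rewrite to a switch drops the only explanation the old code carried, "The GSS hash is identical to the DH one" (removed at L743), so the reader now sees kex_dh_hash() used for the GSS group1/group14 cases at L722-L733 with no indication that this is intentional; the server-side switch at L847-L858 loses the matching comment (L871) the same way. Restoring it above the `case KEX_GSS_GRP1_SHA1:` label in both files, e.g. `/* the GSS exchange hash is the plain DH one; only the GEX variant differs */`, keeps that knowledge with the code. The call at L724 also has a stray space after the opening parenthesis (`kex_dh_hash( kex->client_version_string`) that the kexgex_hash call below it does not. kexgss_client extends beyond both ends of the hunk.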
/*
- * Copyright (c) 2001-2005 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#ifdef GSSAPI
+#include <string.h>
+
#include <openssl/crypto.h>
#include <openssl/bn.h>
#include "xmalloc.h"
#include "buffer.h"
-#include "bufaux.h"
-#include "cipher.h"
+#include "ssh2.h"
#include "key.h"
+#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
#include "dh.h"
-#include "ssh2.h"
#include "ssh-gss.h"
#include "monitor_wrap.h"
BIGNUM *shared_secret = NULL;
BIGNUM *dh_client_pub = NULL;
int type = 0;
- int gex;
gss_OID oid;
-
+
/* Initialise GSSAPI */
/* If we're rekeying, privsep means that some of the private structures
* in the GSSAPI code are no longer available. This kludges them back
- * into life
+ * into life
*/
if (!ssh_gssapi_oid_table_ok())
ssh_gssapi_server_mechanisms();
debug2("%s: Identifying %s", __func__, kex->name);
- oid = ssh_gssapi_id_kex(NULL, kex->name, &gex);
- if (oid == NULL)
+ oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
+ if (oid == GSS_C_NO_OID)
fatal("Unknown gssapi mechanism");
debug2("%s: Acquiring credentials", __func__);
if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) {
kex_gss_send_error(ctxt);
- fatal("Unable to acquire credentials for the server");
- }
-
- if (gex) {
+ fatal("Unable to acquire credentials for the server");
+ }
+
+ switch (kex->kex_type) {
+ case KEX_GSS_GRP1_SHA1:
+ dh = dh_new_group1();
+ break;
+ case KEX_GSS_GRP14_SHA1:
+ dh = dh_new_group14();
+ break;
+ case KEX_GSS_GEX_SHA1:
debug("Doing group exchange");
packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ);
min = packet_get_int();
packet_send();
packet_write_wait();
-
- } else {
- dh = dh_new_group1();
+ break;
+ default:
+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
}
+
dh_gen_key(dh, kex->we_need * 8);
do {
memset(kbuf, 0, klen);
xfree(kbuf);
- if (gex) {
+ switch (kex->kex_type) {
+ case KEX_GSS_GRP1_SHA1:
+ case KEX_GSS_GRP14_SHA1:
+ kex_dh_hash(
+ kex->client_version_string, kex->server_version_string,
+ buffer_ptr(&kex->peer), buffer_len(&kex->peer),
+ buffer_ptr(&kex->my), buffer_len(&kex->my),
+ NULL, 0, /* Change this if we start sending host keys */
+ dh_client_pub, dh->pub_key, shared_secret,
+ &hash, &hashlen
+ );
+ break;
+ case KEX_GSS_GEX_SHA1:
kexgex_hash(
kex->evp_md,
kex->client_version_string, kex->server_version_string,
shared_secret,
&hash, &hashlen
);
+ break;
+ default:
+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
}
- else {
- /* The GSSAPI hash is identical to the Diffie Helman one */
- kex_dh_hash(
- kex->client_version_string, kex->server_version_string,
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
- buffer_ptr(&kex->my), buffer_len(&kex->my),
- NULL, 0, /* Change this if we start sending host keys */
- dh_client_pub, dh->pub_key, shared_secret,
- &hash, &hashlen
- );
- }
+
BN_free(dh_client_pub);
if (kex->session_id == NULL) {
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
#ifdef GSSAPI
kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
#endif
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->server = 1;
kex->hostkey_type = buffer_get_int(m);
kex->kex_type = buffer_get_int(m);
options->none_switch = 0;
if (options->hpn_disabled == -1)
options->hpn_disabled = 0;
- if (options->hpn_buffer_size == -1)
- options->hpn_buffer_size = 2*1024*1024;
- else {
+ if (options->hpn_buffer_size > -1)
+ {
if (options->hpn_buffer_size == 0)
- options->hpn_buffer_size = 1;
+ options->hpn_buffer_size = 1;
/*limit the buffer to 7MB*/
- if (options->hpn_buffer_size > 7168)
+ if (options->hpn_buffer_size > 7168)
+ {
options->hpn_buffer_size = 7168;
+ debug("User requested buffer larger than 7MB. Request reverted to 7MB");
+ }
options->hpn_buffer_size *=1024;
- }
+ debug("hpn_buffer_size set to %d", options->hpn_buffer_size);
+ }
if (options->tcp_rcv_buf == 0)
options->tcp_rcv_buf = 1;
if (options->tcp_rcv_buf > -1)
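Review bot: Dropping the `hpn_buffer_size == -1` branch (L899-L900) means an unconfigured option now stays at -1 instead of being set to 2 MB, and that value is handed on unchanged, for example to channel_input_port_forward_request() at L1065-L1069; every consumer must now treat -1 as "not configured", which nothing in the visible code shows them doing, so this needs confirming against the callers. If -1 is indeed the intended sentinel, a comment at the top of the new block would say so, e.g. `/* -1 means unset: leave it for the channel code to pick a default */`. The opening braces placed on their own lines at L903 and L910 also depart from the K&R style used elsewhere in this function (L904-L905).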
-SCP(1) OpenBSD Reference Manual SCP(1)
+SCP(1) BSD General Commands Manual SCP(1)
NAME
scp - secure copy (remote file copy program)
-6 Forces scp to use IPv6 addresses only.
- -B Selects batch mode (prevents asking for passwords or passphras-
- es).
+ -B Selects batch mode (prevents asking for passwords or
+ passphrases).
-C Compression enable. Passes the -C flag to ssh(1) to enable com-
pression.
-P port
Specifies the port to connect to on the remote host. Note that
- this option is written with a capital `P', because -p is already
+ this option is written with a capital 'P', because -p is already
reserved for preserving the times and modes of the file in
rcp(1).
Timo Rinne <tri@iki.fi>
Tatu Ylonen <ylo@cs.hut.fi>
-OpenBSD 4.0 September 25, 1999 3
+BSD September 25, 1999 BSD
addargs(&args, "-oClearAllForwardings yes");
fflag = tflag = 0;
- while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q1246zS:o:F:w:")) != -1)
+ while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q1246S:o:F:")) != -1)
switch (ch) {
/* User-visible flags. */
case '1':
case '4':
case '6':
case 'C':
- case 'z':
- addargs(&args, "-%c", ch);
- break;
+ addargs(&args, "-%c", ch);
+ break;
case 'o':
case 'c':
case 'i':
setmode(0, O_BINARY);
#endif
break;
- case 'w':
- addargs(&args, "-w%s", optarg);
- break;
default:
usage();
}
{
(void) fprintf(stderr,
"usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
- " [-l limit] [-o ssh_option] [-P port] [-w buffer size] [-S program]\n"
+ " [-l limit] [-o ssh_option] [-P port] [-S program]\n"
" [[user@]host1:]file1 [...] [[user@]host2:]file2\n");
exit(1);
}
options->gss_authentication=-1;
options->gss_keyex = -1;
options->gss_cleanup_creds = -1;
+ options->gss_strict_acceptor = -1;
options->gsi_allow_limited_proxy = -1;
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
options->permit_tun = -1;
options->num_permitted_opens = -1;
options->adm_forced_command = NULL;
-
- options->none_enabled = -1;
- options->tcp_rcv_buf_poll = -1;
- options->hpn_disabled = -1;
- options->hpn_buffer_size = -1;
+ options->none_enabled = -1;
+ options->tcp_rcv_buf_poll = -1;
+ options->hpn_disabled = -1;
+ options->hpn_buffer_size = -1;
}
void
options->gss_keyex = 1;
if (options->gss_cleanup_creds == -1)
options->gss_cleanup_creds = 1;
+ if (options->gss_strict_acceptor == -1)
+ options->gss_strict_acceptor = 0;
if (options->gsi_allow_limited_proxy == -1)
options->gsi_allow_limited_proxy = 0;
if (options->password_authentication == -1)
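Review bot: `gss_strict_acceptor` defaults to 0 at L1001-L1002, which turns acceptor principal checking off for every server that does not set GSSAPIStrictAcceptorCheck explicitly; ssh_gssapi_acquire_cred (L593-L596) then skips importing host/<hostname> and accepts with the mechanism's default credential. The changelog entry at L8-L9 presents the option as a way to *disable* the check on multi-homed machines, which implies the default should be 1 (check on) with 0 as the opt-out; please confirm which default is intended, since the secure one is the stricter setting. Whatever the answer, a comment on the assignment stating the security meaning of the default would stop it being changed casually, e.g. `/* 1 = bind the acceptor to host/<hostname>; 0 = accept with any keytab principal */`.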
sBanner, sUseDNS, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
sGssKeyEx,
sGsiAllowLimitedProxy,
- sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
+ sAcceptEnv, sPermitTunnel,
sMatch, sPermitOpen, sForceCommand,
sUsePrivilegeSeparation,
sNoneEnabled, sTcpRcvBufPoll,
{ "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
#ifdef GSSAPI
{ "gssapiauthentication", sGssAuthentication, SSHCFG_GLOBAL },
- { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL },
{ "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
+ { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
+ { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL },
#ifdef GSI
{ "gsiallowlimitedproxy", sGsiAllowLimitedProxy, SSHCFG_GLOBAL },
#endif
#else
{ "gssapiauthentication", sUnsupported, SSHCFG_GLOBAL },
- { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL },
{ "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
+ { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
+ { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL },
+#ifdef GSI
+ { "gsiallowlimitedproxy", sUnsupported, SSHCFG_GLOBAL },
+#endif
#endif
#ifdef SESSION_HOOKS
{ "allowsessionhooks", sAllowSessionHooks, SSHCFG_GLOBAL },
{ "match", sMatch, SSHCFG_ALL },
{ "permitopen", sPermitOpen, SSHCFG_ALL },
{ "forcecommand", sForceCommand, SSHCFG_ALL },
+ { "noneenabled", sNoneEnabled },
+ { "hpndisabled", sHPNDisabled },
+ { "hpnbuffersize", sHPNBufferSize },
+ { "tcprcvbufpoll", sTcpRcvBufPoll },
{ NULL, sBadOption, 0 }
};
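Review bot: The four entries added at L1042-L1045 (`noneenabled`, `hpndisabled`, `hpnbuffersize`, `tcprcvbufpoll`) omit the third field that every other entry in the table carries (SSHCFG_GLOBAL or SSHCFG_ALL), so their flags are zero-initialised; if the parser gates keywords on those flags, as the existing entries suggest, these directives may be rejected in every context or accepted inside Match blocks where they do not belong. They should read `{ "noneenabled", sNoneEnabled, SSHCFG_GLOBAL },` and likewise for the other three. The `#ifdef GSI` block under the `#else` arm (L1033-L1035) is a good addition, since it keeps the keyword recognised as unsupported when GSSAPI is compiled out.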
intptr = &options->gss_cleanup_creds;
goto parse_flag;
+ case sGssStrictAcceptor:
+ intptr = &options->gss_strict_acceptor;
+
case sGsiAllowLimitedProxy:
intptr = &options->gsi_allow_limited_proxy;
goto parse_flag;
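Review bot: The new `case sGssStrictAcceptor:` at L1050-L1051 sets `intptr` and then falls through the blank line at L1052 into `case sGsiAllowLimitedProxy:`, which overwrites `intptr` with `&options->gsi_allow_limited_proxy` before the flag is parsed; a `GSSAPIStrictAcceptorCheck` directive therefore silently sets gsi_allow_limited_proxy instead, and gss_strict_acceptor keeps its default. The fix is the same `goto parse_flag;` every neighbouring case has, inserted at L1052. Because the two options pull in opposite security directions (one tightens acceptor checking, the other loosens proxy acceptance), this is worth a regression test that sets the keyword and inspects both fields.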
int gss_authentication; /* If true, permit GSSAPI authentication */
int gss_keyex; /* If true, permit GSSAPI key exchange */
int gss_cleanup_creds; /* If true, destroy cred cache on logout */
+ int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */
int gsi_allow_limited_proxy; /* If true, accept limited proxies */
int password_authentication; /* If true, permit password
* authentication. */
}
debug("Received TCP/IP port forwarding request.");
if (channel_input_port_forward_request(s->pw->pw_uid == 0,
- options.gateway_ports,
- options.hpn_disabled, options.hpn_buffer_size) < 0) {
+ options.gateway_ports, options.hpn_disabled,
+ options.hpn_buffer_size) < 0) {
debug("Port forwarding failed.");
break;
}
-SFTP-SERVER(8) OpenBSD System Manager's Manual SFTP-SERVER(8)
+SFTP-SERVER(8) BSD System Manager's Manual SFTP-SERVER(8)
NAME
sftp-server - SFTP server subsystem
DESCRIPTION
sftp-server is a program that speaks the server side of SFTP protocol to
- stdout and expects client requests from stdin. sftp-server is not in-
- tended to be called directly, but from sshd(8) using the Subsystem op-
- tion.
+ stdout and expects client requests from stdin. sftp-server is not
+ intended to be called directly, but from sshd(8) using the Subsystem
+ option.
Command-line flags to sftp-server should be specified in the Subsystem
declaration. See sshd_config(5) for more information.
-l log_level
Specifies which messages will be logged by sftp-server. The pos-
- sible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DE-
- BUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that
- sftp-server performs on behalf of the client. DEBUG and DEBUG1
- are equivalent. DEBUG2 and DEBUG3 each specify higher levels of
- debugging output. The default is ERROR.
+ sible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG,
+ DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions
+ that sftp-server performs on behalf of the client. DEBUG and
+ DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher
+ levels of debugging output. The default is ERROR.
SEE ALSO
sftp(1), ssh(1), sshd_config(5), sshd(8)
AUTHORS
Markus Friedl <markus@openbsd.org>
-OpenBSD 4.0 August 30, 2000 1
+BSD August 30, 2000 BSD
-SFTP(1) OpenBSD Reference Manual SFTP(1)
+SFTP(1) BSD General Commands Manual SFTP(1)
NAME
sftp - secure file transfer program
sftp is an interactive file transfer program, similar to ftp(1), which
performs all operations over an encrypted ssh(1) transport. It may also
use many features of ssh, such as public key authentication and compres-
- sion. sftp connects and logs into the specified host, then enters an in-
- teractive command mode.
+ sion. sftp connects and logs into the specified host, then enters an
+ interactive command mode.
The second usage format will retrieve files automatically if a non-inter-
active authentication method is used; otherwise it will do so after suc-
higher memory consumption. The default is 32768 bytes.
-b batchfile
- Batch mode reads a series of commands from an input batchfile in-
- stead of stdin. Since it lacks user interaction it should be
+ Batch mode reads a series of commands from an input batchfile
+ instead of stdin. Since it lacks user interaction it should be
used in conjunction with non-interactive authentication. A
- batchfile of `-' may be used to indicate standard input. sftp
+ batchfile of '-' may be used to indicate standard input. sftp
will abort if any of the following commands fail: get, put,
rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp,
lpwd and lmkdir. Termination on error can be suppressed on a
- command by command basis by prefixing the command with a `-'
+ command by command basis by prefixing the command with a '-'
character (for example, -rm /tmp/blah*).
-C Enables compression (via ssh's -C flag).
those of ftp(1). Commands are case insensitive. Pathnames that contain
spaces must be enclosed in quotes. Any special characters contained
within pathnames that are recognized by glob(3) must be escaped with
- backslashes (`\').
+ backslashes ('\').
bye Quit sftp.
Retrieve the remote-path and store it on the local machine. If
the local path name is not specified, it is given the same name
it has on the remote machine. remote-path may contain glob(3)
- characters and may match multiple files. If it does and local-
- path is specified, then local-path must specify a directory. If
- the -P flag is specified, then full file permissions and access
- times are copied too.
+ characters and may match multiple files. If it does and
+ local-path is specified, then local-path must specify a direc-
+ tory. If the -P flag is specified, then full file permissions
+ and access times are copied too.
help Display help text.
-1 Produce single columnar output.
- -a List files beginning with a dot (`.').
+ -a List files beginning with a dot ('.').
-f Do not sort the listing. The default sort order is lexi-
cographical.
Toggle display of progress meter.
put [-P] local-path [remote-path]
- Upload local-path and store it on the remote machine. If the re-
- mote path name is not specified, it is given the same name it has
- on the local machine. local-path may contain glob(3) characters
- and may match multiple files. If it does and remote-path is
+ Upload local-path and store it on the remote machine. If the
+ remote path name is not specified, it is given the same name it
+ has on the local machine. local-path may contain glob(3) charac-
+ ters and may match multiple files. If it does and remote-path is
specified, then remote-path must specify a directory. If the -P
flag is specified, then the file's full permission and access
time are copied too.
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
filexfer-00.txt, January 2001, work in progress material.
-OpenBSD 4.0 February 4, 2001 4
+BSD February 4, 2001 BSD
-SSH-ADD(1) OpenBSD Reference Manual SSH-ADD(1)
+SSH-ADD(1) BSD General Commands Manual SSH-ADD(1)
NAME
ssh-add - adds RSA or DSA identities to the authentication agent
ated OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 4.0 September 25, 1999 2
+BSD September 25, 1999 BSD
-SSH-AGENT(1) OpenBSD Reference Manual SSH-AGENT(1)
+SSH-AGENT(1) BSD General Commands Manual SSH-AGENT(1)
NAME
ssh-agent - authentication agent
The options are as follows:
-a bind_address
- Bind the agent to the unix-domain socket bind_address. The de-
- fault is /tmp/ssh-XXXXXXXXXX/agent.<ppid>.
+ Bind the agent to the unix-domain socket bind_address. The
+ default is /tmp/ssh-XXXXXXXXXX/agent.<ppid>.
-c Generate C-shell commands on stdout. This is the default if
SHELL looks like it's a csh style of shell.
Later ssh(1) looks at these variables and uses them to establish a con-
nection to the agent.
- The agent will never send a private key over its request channel. In-
- stead, operations that require a private key will be performed by the
+ The agent will never send a private key over its request channel.
+ Instead, operations that require a private key will be performed by the
agent, and the result will be returned to the requester. This way, pri-
vate keys are not exposed to clients using the agent.
A unix-domain socket is created and the name of this socket is stored in
the SSH_AUTH_SOCK environment variable. The socket is made accessible
- only to the current user. This method is easily abused by root or anoth-
- er instance of the same user.
+ only to the current user. This method is easily abused by root or
+ another instance of the same user.
The SSH_AGENT_PID environment variable holds the agent's process ID.
ated OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 4.0 September 25, 1999 2
+BSD September 25, 1999 BSD
#define SSH_GSS_OIDTYPE 0x06
-#define SSH2_MSG_KEXGSS_INIT 30
-#define SSH2_MSG_KEXGSS_CONTINUE 31
-#define SSH2_MSG_KEXGSS_COMPLETE 32
-#define SSH2_MSG_KEXGSS_HOSTKEY 33
-#define SSH2_MSG_KEXGSS_ERROR 34
+#define SSH2_MSG_KEXGSS_INIT 30
+#define SSH2_MSG_KEXGSS_CONTINUE 31
+#define SSH2_MSG_KEXGSS_COMPLETE 32
+#define SSH2_MSG_KEXGSS_HOSTKEY 33
+#define SSH2_MSG_KEXGSS_ERROR 34
#define SSH2_MSG_KEXGSS_GROUPREQ 40
#define SSH2_MSG_KEXGSS_GROUP 41
#define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-"
+#define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-"
#define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-"
typedef struct {
typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *);
char *ssh_gssapi_client_mechanisms(const char *host);
-char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, void *);
-gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int *);
-
+char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *);
+gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int);
int ssh_gssapi_server_check_mech(Gssctxt **, gss_OID, const char *);
+
int ssh_gssapi_userok(char *name);
OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
void ssh_gssapi_do_child(char ***, u_int *);
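Review bot: The changed prototypes `ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *)` and `ssh_gssapi_id_kex(Gssctxt *, char *, int)` are source-incompatible with the removed declarations (`void *` and `int *` third parameters), and neither carries a comment saying what the new arguments mean or how the `int` that was previously written through a pointer is now conveyed; the callers that must follow the change are outside this hunk. A one-line comment above each declaration describing the third parameter, and one above `KEX_GSS_GRP14_SHA1_ID` stating which DH group the prefix selects, would make the header self-explanatory for readers of the key-exchange code. The whitespace-only reflow of the `SSH2_MSG_KEXGSS_*` defines is fine.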
-SSH-KEYGEN(1) OpenBSD Reference Manual SSH-KEYGEN(1)
+SSH-KEYGEN(1) BSD General Commands Manual SSH-KEYGEN(1)
NAME
ssh-keygen - authentication key generation, management and conversion
ssh-keygen -U reader [-f input_keyfile]
ssh-keygen -r hostname [-f input_keyfile] [-g]
ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
- ssh-keygen -T output_file -f input_file [-v] [-a num_trials] [-W
- generator]
+ ssh-keygen -T output_file -f input_file [-v] [-a num_trials]
+ [-W generator]
DESCRIPTION
ssh-keygen generates, manages and converts authentication keys for
name but ``.pub'' appended. The program also asks for a passphrase. The
passphrase may be empty to indicate no passphrase (host keys must have an
empty passphrase), or it may be a string of arbitrary length. A
- passphrase is similar to a password, except it can be a phrase with a se-
- ries of words, punctuation, numbers, whitespace, or any string of charac-
- ters you want. Good passphrases are 10-30 characters long, are not sim-
- ple sentences or otherwise easily guessable (English prose has only 1-2
- bits of entropy per character, and provides very bad passphrases), and
- contain a mix of upper and lowercase letters, numbers, and non-alphanu-
- meric characters. The passphrase can be changed later by using the -p
- option.
+ passphrase is similar to a password, except it can be a phrase with a
+ series of words, punctuation, numbers, whitespace, or any string of char-
+ acters you want. Good passphrases are 10-30 characters long, are not
+ simple sentences or otherwise easily guessable (English prose has only
+ 1-2 bits of entropy per character, and provides very bad passphrases),
+ and contain a mix of upper and lowercase letters, numbers, and non-
+ alphanumeric characters. The passphrase can be changed later by using
+ the -p option.
There is no way to recover a lost passphrase. If the passphrase is lost
or forgotten, a new key must be generated and copied to the corresponding
-b bits
Specifies the number of bits in the key to create. For RSA keys,
the minimum size is 768 bits and the default is 2048 bits. Gen-
- erally, 2048 bits is considered sufficient. DSA keys must be ex-
- actly 1024 bits as specified by FIPS 186-2.
+ erally, 2048 bits is considered sufficient. DSA keys must be
+ exactly 1024 bits as specified by FIPS 186-2.
-C comment
Provides a new comment.
Download the RSA public key stored in the smartcard in reader.
-e This option will read a private or public OpenSSH key file and
- print the key in a `SECSH Public Key File Format' to stdout.
+ print the key in a 'SECSH Public Key File Format' to stdout.
This option allows exporting keys for use by several commercial
SSH implementations.
-g Use generic DNS format when printing fingerprint resource records
using the -r command.
- -H Hash a known_hosts file. This replaces all hostnames and ad-
- dresses with hashed representations within the specified file;
+ -H Hash a known_hosts file. This replaces all hostnames and
+ addresses with hashed representations within the specified file;
the original content is moved to a file with a .old suffix.
These hashes may be used normally by ssh and sshd, but they do
not reveal identifying information should the file's contents be
-i This option will read an unencrypted private (or public) key file
in SSH2-compatible format and print an OpenSSH compatible private
- (or public) key to stdout. ssh-keygen also reads the `SECSH
+ (or public) key to stdout. ssh-keygen also reads the 'SECSH
Public Key File Format'. This option allows importing keys from
several commercial SSH implementations.
MODULI GENERATION
ssh-keygen may be used to generate groups for the Diffie-Hellman Group
Exchange (DH-GEX) protocol. Generating these groups is a two-step pro-
- cess: first, candidate primes are generated using a fast, but memory in-
- tensive process. These candidate primes are then tested for suitability
- (a CPU-intensive process).
+ cess: first, candidate primes are generated using a fast, but memory
+ intensive process. These candidate primes are then tested for suitabil-
+ ity (a CPU-intensive process).
Generation of primes is performed using the -G option. The desired
length of the primes may be specified by the -b option. For example:
FILES
~/.ssh/identity
Contains the protocol version 1 RSA authentication identity of
- the user. This file should not be readable by anyone but the us-
- er. It is possible to specify a passphrase when generating the
+ the user. This file should not be readable by anyone but the
+ user. It is possible to specify a passphrase when generating the
key; that passphrase will be used to encrypt the private part of
this file using 3DES. This file is not automatically accessed by
ssh-keygen but it is offered as the default file for the private
~/.ssh/id_dsa
Contains the protocol version 2 DSA authentication identity of
- the user. This file should not be readable by anyone but the us-
- er. It is possible to specify a passphrase when generating the
+ the user. This file should not be readable by anyone but the
+ user. It is possible to specify a passphrase when generating the
key; that passphrase will be used to encrypt the private part of
this file using 3DES. This file is not automatically accessed by
ssh-keygen but it is offered as the default file for the private
~/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of
- the user. This file should not be readable by anyone but the us-
- er. It is possible to specify a passphrase when generating the
+ the user. This file should not be readable by anyone but the
+ user. It is possible to specify a passphrase when generating the
key; that passphrase will be used to encrypt the private part of
this file using 3DES. This file is not automatically accessed by
ssh-keygen but it is offered as the default file for the private
AUTHORS
OpenSSH is a derivative of the original and free ssh 1.2.12 release by
Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
- de Raadt and Dug Song removed many bugs, re-added newer features and
- created OpenSSH. Markus Friedl contributed the support for SSH protocol
+ de Raadt and Dug Song removed many bugs, re-added newer features and cre-
+ ated OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 4.0 September 25, 1999 5
+BSD September 25, 1999 BSD
-SSH-KEYSCAN(1) OpenBSD Reference Manual SSH-KEYSCAN(1)
+SSH-KEYSCAN(1) BSD General Commands Manual SSH-KEYSCAN(1)
NAME
ssh-keyscan - gather ssh public keys
Set the timeout for connection attempts. If timeout seconds have
elapsed since a connection was initiated to a host or since the
last time anything was read from that host, then the connection
- is closed and the host in question considered unavailable. De-
- fault is 5 seconds.
+ is closed and the host in question considered unavailable.
+ Default is 5 seconds.
-t type
Specifies the type of the key to fetch from the scanned hosts.
If a ssh_known_hosts file is constructed using ssh-keyscan without veri-
fying the keys, users will be vulnerable to man in the middle attacks.
On the other hand, if the security model allows such a risk, ssh-keyscan
- can help in the detection of tampered keyfiles or man in the middle at-
- tacks which have begun after the ssh_known_hosts file was created.
+ can help in the detection of tampered keyfiles or man in the middle
+ attacks which have begun after the ssh_known_hosts file was created.
FILES
Input format:
This is because it opens a connection to the ssh port, reads the public
key, and drops the connection as soon as it gets the key.
-OpenBSD 4.0 January 1, 1996 2
+BSD January 1, 1996 BSD
-SSH-KEYSIGN(8) OpenBSD System Manager's Manual SSH-KEYSIGN(8)
+SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign - ssh helper program for host-based authentication
AUTHORS
Markus Friedl <markus@openbsd.org>
-OpenBSD 4.0 May 24, 2002 1
+BSD May 24, 2002 BSD
-SSH-RAND-HELPER(8) OpenBSD System Manager's Manual SSH-RAND-HELPER(8)
+SSH-RAND-HELPER(8) BSD System Manager's Manual SSH-RAND-HELPER(8)
NAME
ssh-rand-helper - Random number gatherer for OpenSSH
SEE ALSO
ssh(1), ssh-add(1), ssh-keygen(1), sshd(8)
-OpenBSD 4.0 April 14, 2002 1
+BSD April 14, 2002 BSD
-SSH(1) OpenBSD Reference Manual SSH(1)
+SSH(1) BSD General Commands Manual SSH(1)
NAME
ssh - OpenSSH SSH client (remote login program)
SYNOPSIS
- ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
- [-D [bind_address:]port] [-e escape_char] [-F configfile]
- [-i identity_file] [-L [bind_address:]port:host:hostport]
- [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
- [-R [bind_address:]port:host:hostport] [-S ctl_path]
+ ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec] [-D
+ [bind_address:]port] [-e escape_char] [-F configfile]
+ [-i identity_file] [-L [bind_address:]port:host:hostport]
+ [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-R
+ [bind_address:]port:host:hostport] [-S ctl_path]
[-w local_tun[:remote_tun]] [user@]hostname [command]
DESCRIPTION
ssh (SSH client) is a program for logging into a remote machine and for
executing commands on a remote machine. It is intended to replace rlogin
- and rsh, and provide secure encrypted communications between two untrust-
- ed hosts over an insecure network. X11 connections and arbitrary TCP
- ports can also be forwarded over the secure channel.
+ and rsh, and provide secure encrypted communications between two
+ untrusted hosts over an insecure network. X11 connections and arbitrary
+ TCP ports can also be forwarded over the secure channel.
ssh connects and logs into the specified hostname (with optional user
name). The user must prove his/her identity to the remote machine using
- one of several methods depending on the protocol version used (see be-
- low).
+ one of several methods depending on the protocol version used (see
+ below).
If command is specified, it is executed on the remote host instead of a
login shell.
-b bind_address
Use bind_address on the local machine as the source address of
- the connection. Only useful on systems with more than one ad-
- dress.
+ the connection. Only useful on systems with more than one
+ address.
-C Requests compression of all data (including stdin, stdout,
stderr, and data for forwarded X11 and TCP connections). The
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
- as a SOCKS server. Only root can forward privileged ports. Dy-
- namic port forwardings can also be specified in the configuration
- file.
+ as a SOCKS server. Only root can forward privileged ports.
+ Dynamic port forwardings can also be specified in the configura-
+ tion file.
IPv6 addresses can be specified with an alternative syntax:
[bind_address/]port or by enclosing the address in square brack-
- ets. Only the superuser can forward privileged ports. By de-
- fault, the local port is bound in accordance with the
+ ets. Only the superuser can forward privileged ports. By
+ default, the local port is bound in accordance with the
GatewayPorts setting. However, an explicit bind_address may be
used to bind the connection to a specific address. The
bind_address of ``localhost'' indicates that the listening port
- be bound for local use only, while an empty address or `*' indi-
+ be bound for local use only, while an empty address or '*' indi-
cates that the port should be available from all interfaces.
-e escape_char
- Sets the escape character for sessions with a pty (default: `~').
+ Sets the escape character for sessions with a pty (default: '~').
The escape character is only recognized at the beginning of a
- line. The escape character followed by a dot (`.') closes the
+ line. The escape character followed by a dot ('.') closes the
connection; followed by control-Z suspends the connection; and
followed by itself sends the escape character once. Setting the
character to ``none'' disables any escapes and makes the session
default for the per-user configuration file is ~/.ssh/config.
-f Requests ssh to go to background just before command execution.
- This is useful if ssh is going to ask for passwords or passphras-
- es, but the user wants it in the background. This implies -n.
- The recommended way to start X11 programs at a remote site is
- with something like ssh -f host xterm.
+ This is useful if ssh is going to ask for passwords or
+ passphrases, but the user wants it in the background. This
+ implies -n. The recommended way to start X11 programs at a
+ remote site is with something like ssh -f host xterm.
-g Allows remote hosts to connect to local forwarded ports.
-I smartcard_device
Specify the device ssh should use to communicate with a smartcard
used for storing the user's private RSA key. This option is only
- available if support for smartcard devices is compiled in (de-
- fault is no support).
+ available if support for smartcard devices is compiled in
+ (default is no support).
-i identity_file
Selects a file from which the identity (private key) for RSA or
the secure channel, and a connection is made to host port
hostport from the remote machine. Port forwardings can also be
specified in the configuration file. IPv6 addresses can be spec-
- ified with an alternative syntax: [bind_address/]port/host/host-
- port or by enclosing the address in square brackets. Only the
- superuser can forward privileged ports. By default, the local
- port is bound in accordance with the GatewayPorts setting. How-
- ever, an explicit bind_address may be used to bind the connection
- to a specific address. The bind_address of ``localhost'' indi-
- cates that the listening port be bound for local use only, while
- an empty address or `*' indicates that the port should be avail-
- able from all interfaces.
+ ified with an alternative syntax:
+ [bind_address/]port/host/hostport or by enclosing the address in
+ square brackets. Only the superuser can forward privileged
+ ports. By default, the local port is bound in accordance with
+ the GatewayPorts setting. However, an explicit bind_address may
+ be used to bind the connection to a specific address. The
+ bind_address of ``localhost'' indicates that the listening port
+ be bound for local use only, while an empty address or '*' indi-
+ cates that the port should be available from all interfaces.
-l login_name
Specifies the user to log in as on the remote machine. This also
-M Places the ssh client into ``master'' mode for connection shar-
ing. Multiple -M options places ssh into ``master'' mode with
- confirmation required before slave connections are accepted. Re-
- fer to the description of ControlMaster in ssh_config(5) for de-
- tails.
+ confirmation required before slave connections are accepted.
+ Refer to the description of ControlMaster in ssh_config(5) for
+ details.
-m mac_spec
Additionally, for protocol version 2 a comma-separated list of
-n Redirects stdin from /dev/null (actually, prevents reading from
stdin). This must be used when ssh is run in the background. A
- common trick is to use this to run X11 programs on a remote ma-
- chine. For example, ssh -n shadows.cs.hut.fi emacs & will start
- an emacs on shadows.cs.hut.fi, and the X11 connection will be au-
- tomatically forwarded over an encrypted channel. The ssh program
- will be put in the background. (This does not work if ssh needs
- to ask for a password or passphrase; see also the -f option.)
+ common trick is to use this to run X11 programs on a remote
+ machine. For example, ssh -n shadows.cs.hut.fi emacs & will
+ start an emacs on shadows.cs.hut.fi, and the X11 connection will
+ be automatically forwarded over an encrypted channel. The ssh
+ program will be put in the background. (This does not work if
+ ssh needs to ask for a password or passphrase; see also the -f
+ option.)
-O ctl_cmd
Control an active connection multiplexing master process. When
-o option
Can be used to give options in the format used in the configura-
tion file. This is useful for specifying options for which there
- is no separate command-line flag. For full details of the op-
- tions listed below, and their possible values, see ssh_config(5).
+ is no separate command-line flag. For full details of the
+ options listed below, and their possible values, see
+ ssh_config(5).
AddressFamily
BatchMode
By default, the listening socket on the server will be bound to
the loopback interface only. This may be overriden by specifying
- a bind_address. An empty bind_address, or the address `*', indi-
+ a bind_address. An empty bind_address, or the address '*', indi-
cates that the remote socket should listen on all interfaces.
- Specifying a remote bind_address will only succeed if the serv-
- er's GatewayPorts option is enabled (see sshd_config(5)).
+ Specifying a remote bind_address will only succeed if the
+ server's GatewayPorts option is enabled (see sshd_config(5)).
-S ctl_path
Specifies the location of a control socket for connection shar-
in ssh_config(5) for details.
-s May be used to request invocation of a subsystem on the remote
- system. Subsystems are a feature of the SSH2 protocol which fa-
- cilitate the use of SSH as a secure transport for other applica-
- tions (eg. sftp(1)). The subsystem is specified as the remote
+ system. Subsystems are a feature of the SSH2 protocol which
+ facilitate the use of SSH as a secure transport for other appli-
+ cations (eg. sftp(1)). The subsystem is specified as the remote
command.
-T Disable pseudo-tty allocation.
the verbosity. The maximum is 3.
-w local_tun[:remote_tun]
- Requests tunnel device forwarding with the specified tun(4) de-
- vices between the client (local_tun) and the server (remote_tun).
+ Requests tunnel device forwarding with the specified tun(4)
+ devices between the client (local_tun) and the server
+ (remote_tun).
The devices may be specified by numerical ID or the keyword
``any'', which uses the next available tunnel device. If
through the forwarded connection. An attacker may then be able
to perform activities such as keystroke monitoring.
- For this reason, X11 forwarding is subjected to X11 SECURITY ex-
- tension restrictions by default. Please refer to the ssh -Y op-
- tion and the ForwardX11Trusted directive in ssh_config(5) for
+ For this reason, X11 forwarding is subjected to X11 SECURITY
+ extension restrictions by default. Please refer to the ssh -Y
+ option and the ForwardX11Trusted directive in ssh_config(5) for
more information.
-x Disables X11 forwarding.
strong mechanism for ensuring the integrity of the connection.
The methods available for authentication are: GSSAPI-based authentica-
- tion, host-based authentication, public key authentication, challenge-re-
- sponse authentication, and password authentication. Authentication meth-
- ods are tried in the order specified above, though protocol 2 has a con-
- figuration option to change the default order: PreferredAuthentications.
+ tion, host-based authentication, public key authentication, challenge-
+ response authentication, and password authentication. Authentication
+ methods are tried in the order specified above, though protocol 2 has a
+ configuration option to change the default order:
+ PreferredAuthentications.
Host-based authentication works as follows: If the machine the user logs
in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote
the name of the user on that machine, the user is considered for login.
Additionally, the server must be able to verify the client's host key
(see the description of /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts,
- below) for login to be permitted. This authentication method closes se-
- curity holes due to IP spoofing, DNS spoofing, and routing spoofing.
+ below) for login to be permitted. This authentication method closes
+ security holes due to IP spoofing, DNS spoofing, and routing spoofing.
[Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the
rlogin/rsh protocol in general, are inherently insecure and should be
disabled if security is desired.]
the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
2 DSA), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), or
- ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home directory. The us-
- er should then copy the public key to ~/.ssh/authorized_keys in his/her
+ ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home directory. The
+ user should then copy the public key to ~/.ssh/authorized_keys in his/her
home directory on the remote machine. The authorized_keys file corre-
sponds to the conventional ~/.rhosts file, and has one key per line,
though the lines can be very long. After this, the user can log in with-
authentication agent. See ssh-agent(1) for more information.
Challenge-response authentication works as follows: The server sends an
- arbitrary "challenge" text, and prompts for a response. Protocol 2 al-
- lows multiple challenges and responses; protocol 1 is restricted to just
- one challenge/response. Examples of challenge-response authentication
- include BSD Authentication (see login.conf(5)) and PAM (some non-OpenBSD
- systems).
+ arbitrary "challenge" text, and prompts for a response. Protocol 2
+ allows multiple challenges and responses; protocol 1 is restricted to
+ just one challenge/response. Examples of challenge-response authentica-
+ tion include BSD Authentication (see login.conf(5)) and PAM (some non-
+ OpenBSD systems).
Finally, if other authentication methods fail, ssh prompts the user for a
password. The password is sent to the remote host for checking; however,
~/.ssh/known_hosts in the user's home directory. Additionally, the file
/etc/ssh/ssh_known_hosts is automatically checked for known hosts. Any
new hosts are automatically added to the user's file. If a host's iden-
- tification ever changes, ssh warns about this and disables password au-
- thentication to prevent server spoofing or man-in-the-middle attacks,
+ tification ever changes, ssh warns about this and disables password
+ authentication to prevent server spoofing or man-in-the-middle attacks,
which could otherwise be used to circumvent the encryption. The
StrictHostKeyChecking option can be used to control logins to machines
whose host key is not known or has changed.
- When the user's identity has been accepted by the server, the server ei-
- ther executes the given command, or logs into the machine and gives the
+ When the user's identity has been accepted by the server, the server
+ either executes the given command, or logs into the machine and gives the
user a normal shell on the remote machine. All communication with the
remote command or shell will be automatically encrypted.
ter can be changed in configuration files using the EscapeChar configura-
tion directive or on the command line by the -e option.
- The supported escapes (assuming the default `~') are:
+ The supported escapes (assuming the default '~') are:
~. Disconnect.
version 2 and if the peer supports it).
~C Open command line. Currently this allows the addition of port
- forwardings using the -L and -R options (see above). It also al-
- lows the cancellation of existing remote port-forwardings using
+ forwardings using the -L and -R options (see above). It also
+ allows the cancellation of existing remote port-forwardings using
-KR[bind_address:]port. !command allows the user to execute a
local command if the PermitLocalCommand option is enabled in
ssh_config(5). Basic help is available, using the -h option.
If the ForwardAgent variable is set to ``yes'' (or see the description of
the -A and -a options above) and the user is using an authentication
- agent, the connection to the agent is automatically forwarded to the re-
- mote side.
+ agent, the connection to the agent is automatically forwarded to the
+ remote side.
VERIFYING HOST KEYS
When connecting to a server for the first time, a fingerprint of the
SSH-BASED VIRTUAL PRIVATE NETWORKS
ssh contains support for Virtual Private Network (VPN) tunnelling using
- the tun(4) network pseudo-device, allowing two networks to be joined se-
- curely. The sshd_config(5) configuration option PermitTunnel controls
+ the tun(4) network pseudo-device, allowing two networks to be joined
+ securely. The sshd_config(5) configuration option PermitTunnel controls
whether the server supports this, and at what level (layer 2 or 3 traf-
fic).
- The following example would connect client network 10.0.50.0/24 with re-
- mote network 10.0.99.0/24, provided that the SSH server running on the
+ The following example would connect client network 10.0.50.0/24 with
+ remote network 10.0.99.0/24, provided that the SSH server running on the
gateway to the remote network, at 192.168.1.15, allows it:
# ssh -f -w 0:1 192.168.1.15 true
X11 server. It is automatically set by ssh to
point to a value of the form ``hostname:n'', where
``hostname'' indicates the host where the shell
- runs, and `n' is an integer >= 1. ssh uses this
+ runs, and 'n' is an integer >= 1. ssh uses this
special value to forward X11 connections over the
secure channel. The user should normally not set
DISPLAY explicitly, as that will render the X11
communicate with the agent.
SSH_CONNECTION Identifies the client and server ends of the con-
- nection. The variable contains four space-separat-
- ed values: client IP address, client port number,
- server IP address, and server port number.
+ nection. The variable contains four space-sepa-
+ rated values: client IP address, client port num-
+ ber, server IP address, and server port number.
SSH_ORIGINAL_COMMAND This variable contains the original command line if
a forced command is executed. It can be used to
extract the original arguments.
- SSH_TTY This is set to the name of the tty (path to the de-
- vice) associated with the current shell or command.
- If the current session has no tty, this variable is
- not set.
+ SSH_TTY This is set to the name of the tty (path to the
+ device) associated with the current shell or com-
+ mand. If the current session has no tty, this
+ variable is not set.
TZ This variable is set to indicate the present time
zone if it was set when the daemon was started
USER Set to the name of the user logging in.
Additionally, ssh reads ~/.ssh/environment, and adds lines of the format
- ``VARNAME=value'' to the environment if the file exists and users are al-
- lowed to change their environment. For more information, see the
+ ``VARNAME=value'' to the environment if the file exists and users are
+ allowed to change their environment. For more information, see the
PermitUserEnvironment option in sshd_config(5).
FILES
~/.rhosts
This file is used for host-based authentication (see above). On
- some machines this file may need to be world-readable if the us-
- er's home directory is on an NFS partition, because sshd(8) reads
- it as root. Additionally, this file must be owned by the user,
- and must not have write permissions for anyone else. The recom-
- mended permission for most machines is read/write for the user,
- and not accessible by others.
+ some machines this file may need to be world-readable if the
+ user's home directory is on an NFS partition, because sshd(8)
+ reads it as root. Additionally, this file must be owned by the
+ user, and must not have write permissions for anyone else. The
+ recommended permission for most machines is read/write for the
+ user, and not accessible by others.
~/.shosts
This file is used in exactly the same way as .rhosts, but allows
Lists the public keys (RSA/DSA) that can be used for logging in
as this user. The format of this file is described in the
sshd(8) manual page. This file is not highly sensitive, but the
- recommended permissions are read/write for the user, and not ac-
- cessible by others.
+ recommended permissions are read/write for the user, and not
+ accessible by others.
~/.ssh/config
This is the per-user configuration file. The file format and
should only be writable by root.
/etc/shosts.equiv
- This file is used in exactly the same way as hosts.equiv, but al-
- lows host-based authentication without permitting login with
+ This file is used in exactly the same way as hosts.equiv, but
+ allows host-based authentication without permitting login with
rlogin/rsh.
/etc/ssh/ssh_config
/etc/ssh/ssh_host_rsa_key
These three files contain the private parts of the host keys and
are used for host-based authentication. If protocol version 1 is
- used, ssh must be setuid root, since the host key is readable on-
- ly by root. For protocol version 2, ssh uses ssh-keysign(8) to
- access the host keys, eliminating the requirement that ssh be se-
- tuid root when host-based authentication is used. By default ssh
- is not setuid root.
+ used, ssh must be setuid root, since the host key is readable
+ only by root. For protocol version 2, ssh uses ssh-keysign(8) to
+ access the host keys, eliminating the requirement that ssh be
+ setuid root when host-based authentication is used. By default
+ ssh is not setuid root.
/etc/ssh/ssh_known_hosts
Systemwide list of known host keys. This file should be prepared
AUTHORS
OpenSSH is a derivative of the original and free ssh 1.2.12 release by
Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
- de Raadt and Dug Song removed many bugs, re-added newer features and
- created OpenSSH. Markus Friedl contributed the support for SSH protocol
+ de Raadt and Dug Song removed many bugs, re-added newer features and cre-
+ ated OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 4.0 September 25, 1999 13
+BSD September 25, 1999 BSD
case 'N':
no_shell_flag = 1;
no_tty_flag = 1;
- options.none_switch = 0;
- break;
- case 'T':
- no_tty_flag = 1;
- options.none_switch = 0;
break;
case 'o':
dummy = 1;
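Review bot: Removing `options.none_switch = 0;` from the `-N` case means a forwarding-only session (`-N` together with `-L`/`-R`/`-D`) can now negotiate the none cipher whenever NoneSwitch is set, and the forwarded TCP streams would presumably then cross the wire in cleartext; the old code cleared the switch here precisely for this case. If letting `-N` keep the none cipher is the intended HPN behaviour it should be stated next to `no_tty_flag = 1;`, e.g. `/* -N is non-interactive: the none cipher stays selectable here */`; otherwise keep `options.none_switch = 0;` in this case as well. The option-parsing loop this case belongs to starts and ends outside the hunk.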
exit(255);
xfree(line);
break;
+ case 'T':
+ no_tty_flag = 1;
+ /* ensure that the user doesn't try to backdoor a */
+ /* null cipher switch on an interactive session */
+ /* so explicitly disable it no matter what */
+ options.none_switch=0;
+ break;
case 's':
subsystem_flag = 1;
break;
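Review bot: The new `-T` case is written as three separate one-line `/* */` comments and `options.none_switch=0;` has no spaces around `=`, unlike every other case in this switch; fold the explanation into one block comment and match the file's spacing, e.g. `/* -T runs an interactive session without a tty; never let that enable the none cipher. */` followed by `options.none_switch = 0;`. Whether a later `-o NoneSwitch=yes` on the same command line can set the flag again depends on how process_config_line treats an already-set value, which is outside this hunk and worth confirming. The option-parsing loop starts and ends outside the hunk.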
case 'F':
config = optarg;
break;
- case 'z':
- /* make sure we can't turn on the none_switch */
- /* if they try to force a no tty flag on a tty session */
- if (!no_tty_flag) {
- options.none_switch = 1;
- }
- break;
-
default:
usage();
}
{
Channel *c;
int window, packetmax, in, out, err;
+ int sock;
+ int socksize;
+ int socksizelen = sizeof(int);
if (stdin_null_flag) {
in = open(_PATH_DEVNULL, O_RDONLY);
if (!isatty(err))
set_nonblock(err);
+ /* we need to check to see if what they want to do about buffer */
+ /* sizes here. In a hpn to nonhpn connection we want to limit */
+ /* the window size to something reasonable in case the far side */
+ /* has the large window bug. In hpn to hpn connection we want to */
+ /* use the max window size but allow the user to override it */
+ /* lastly if they disabled hpn then use the ssh std window size */
+
+ /* so why don't we just do a getsockopt() here and set the */
+ /* ssh window to that? In the case of a autotuning receive */
+ /* window the window would get stuck at the initial buffer */
+ /* size generally less than 96k. Therefore we need to set the */
+ /* maximum ssh window size to the maximum hpn buffer size */
+ /* unless the user hasspecifically set the hpnrcvbufpoll */
+ /* to no. In which case we *can* just set the window to the */
+ /* minimum of the hpn buffer size and tcp receive buffer size */
+
if(options.hpn_disabled)
- window = CHAN_SES_WINDOW_DEFAULT;
- else
- window = options.hpn_buffer_size;
+ {
+ options.hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT;
+ }
+ else if (datafellows & SSH_BUG_LARGEWINDOW)
+ {
+ debug("HPN to Non-HPN Connection");
+ if (options.hpn_buffer_size < 0)
+ options.hpn_buffer_size = 2*1024*1024;
+ }
+ else
+ {
+ if (options.hpn_buffer_size < 0)
+ options.hpn_buffer_size = BUFFER_MAX_LEN_HPN;
+ if (options.tcp_rcv_buf_poll <= 0)
+ {
+ /*create a socket but don't connect it */
+ /* we use that the get the rcv socket size */
+ sock = socket(AF_INET, SOCK_STREAM, 0);
+ /* if they are using the tcp_rcv_buf option */
+ /* attempt to set the buffer size to that */
+ if (options.tcp_rcv_buf)
+ setsockopt(sock, SOL_SOCKET, SO_RCVBUF, (void *)&options.tcp_rcv_buf,
+ sizeof(options.tcp_rcv_buf));
+ getsockopt(sock, SOL_SOCKET, SO_RCVBUF,
+ &socksize, &socksizelen);
+ close(sock);
+ debug("socksize %d", socksize);
+ options.hpn_buffer_size = MIN(socksize,options.hpn_buffer_size);
+ }
+ else
+ {
+ if (options.tcp_rcv_buf > 0)
+ options.hpn_buffer_size = MIN(options.tcp_rcv_buf, options.hpn_buffer_size);
+ }
+
+ }
+
+ debug("Final hpn_buffer_size = %d", options.hpn_buffer_size);
+
+ window = options.hpn_buffer_size;
+
packetmax = CHAN_SES_PACKET_DEFAULT;
if (tty_flag) {
window = 4*CHAN_SES_PACKET_DEFAULT;
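Review bot: On the `tcp_rcv_buf_poll <= 0` path the return value of `socket()` is never checked, and neither are `setsockopt()` and `getsockopt()`, so if the socket cannot be created (fd limit reached, no IPv4 support) `socksize` is read uninitialised by `MIN(socksize,options.hpn_buffer_size)` and `close(-1)` is called; `socksizelen` is also declared `int` in the earlier hunk where `getsockopt()` expects `socklen_t`, so it should become `socklen_t socksizelen = sizeof(socksize);`. The rewrite below checks each call, reports failures through `error()`/`strerror(errno)` as ssh.c appears to do elsewhere (confirm both are in scope here), and leaves `hpn_buffer_size` at its prior value when the probe fails. The enclosing function starts before the hunk and continues after it.
```c
	if (options.tcp_rcv_buf_poll <= 0) {
		/* Probe the kernel's default receive buffer with an
		 * unconnected socket; leave hpn_buffer_size alone if the
		 * probe cannot be made. */
		sock = socket(AF_INET, SOCK_STREAM, 0);
		if (sock == -1) {
			error("socket: %s", strerror(errno));
		} else {
			if (options.tcp_rcv_buf &&
			    setsockopt(sock, SOL_SOCKET, SO_RCVBUF,
			    (void *)&options.tcp_rcv_buf,
			    sizeof(options.tcp_rcv_buf)) == -1)
				error("setsockopt SO_RCVBUF: %s",
				    strerror(errno));
			if (getsockopt(sock, SOL_SOCKET, SO_RCVBUF,
			    &socksize, &socksizelen) == -1) {
				error("getsockopt SO_RCVBUF: %s",
				    strerror(errno));
			} else {
				debug("socksize %d", socksize);
				options.hpn_buffer_size =
				    MIN(socksize, options.hpn_buffer_size);
			}
			close(sock);
		}
	}
	/* … unchanged: tcp_rcv_buf_poll > 0 branch, final window assignment … */
```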
-# $OpenBSD: ssh_config,v 1.10 2001/04/03 21:19:38 todd Exp $
+# $OpenBSD: ssh_config,v 1.22 2006/05/29 12:56:33 dtucker Exp $
-# This is ssh client systemwide configuration file. See ssh(1) for more
-# information. This file provides defaults for users, and the values can
-# be changed in per-user configuration files or on the command line.
+# This is the ssh client system-wide configuration file. See
+# ssh_config(5) for more information. This file provides defaults for
+# users, and the values can be changed in per-user configuration files
+# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
-# Site-wide defaults for various options
+# Site-wide defaults for some commonly used options. For a comprehensive
+# list of available options, their meanings and defaults, please see the
+# ssh_config(5) man page.
# Host *
# ForwardAgent no
# ForwardX11 no
-# RhostsAuthentication no
-# RhostsRSAAuthentication yes
+# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
-# FallBackToRsh no
-# UseRsh no
+# HostbasedAuthentication no
+# GSSAPIAuthentication yes
+# GSSAPIDelegateCredentials yes
+# GSSAPIKeyExchange yes
+# GSSAPITrustDNS yes
# BatchMode no
# CheckHostIP yes
-# StrictHostKeyChecking yes
+# AddressFamily any
+# ConnectTimeout 0
+# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
-# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_rsa
+# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
-# Cipher blowfish
+# Cipher 3des
+# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
+# Tunnel no
+# TunnelDevice any:any
+# PermitLocalCommand no
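Review bot: The sample now presents `GSSAPIDelegateCredentials yes` and `GSSAPITrustDNS yes` as the defaults; delegation hands the user's forwardable Kerberos credentials to every server they log into, and trusting DNS lets a spoofed lookup pick the GSSAPI target principal, so these are not settings a site-wide sample should advertise without comment (the ssh_config(5) text elsewhere in this patch shows the delegation default used to be `no`). Since the lines are commented-out defaults they cannot simply be dropped, but each deserves a warning, e.g. `# GSSAPIDelegateCredentials yes   # forwards your Kerberos credentials to every host; restrict to trusted hosts with a Host block`. A pointer to ssh_config(5) for the security implications would make the deliberate change of defaults explicit.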
-SSH_CONFIG(5) OpenBSD Programmer's Manual SSH_CONFIG(5)
+SSH_CONFIG(5) BSD File Formats Manual SSH_CONFIG(5)
NAME
ssh_config - OpenSSH SSH client configuration files
1. command-line options
2. user's configuration file (~/.ssh/config)
- 3. system-wide configuration file (/etc/ssh/ssh_config)
+ 3. GSSAPI configuration file ($HOME/.ssh/config.gssapi)
+ 4. Kerberos configuration file ($HOME/.ssh/config.krb)
+ 5. system-wide configuration file (/etc/ssh/ssh_config)
For each parameter, the first obtained value will be used. The configu-
ration files contain sections separated by ``Host'' specifications, and
The configuration file has the following format:
- Empty lines and lines starting with `#' are comments. Otherwise a line
+ Empty lines and lines starting with '#' are comments. Otherwise a line
is of the format ``keyword arguments''. Configuration options may be
- separated by whitespace or optional whitespace and exactly one `='; the
+ separated by whitespace or optional whitespace and exactly one '='; the
latter format is useful to avoid the need to quote whitespace when speci-
- fying configuration options using the ssh, scp, and sftp -o option. Ar-
- guments may optionally be enclosed in double quotes (") in order to rep-
- resent arguments containing spaces.
+ fying configuration options using the ssh, scp, and sftp -o option.
+ Arguments may optionally be enclosed in double quotes (") in order to
+ represent arguments containing spaces.
The possible keywords and their meanings are as follows (note that key-
words are case-insensitive and arguments are case-sensitive):
Host Restricts the following declarations (up to the next Host key-
word) to be only for those hosts that match one of the patterns
- given after the keyword. A single `*' as a pattern can be used
+ given after the keyword. A single '*' as a pattern can be used
to provide global defaults for all hosts. The host is the
hostname argument given on the command line (i.e. the name is not
converted to a canonicalized host name before matching).
See PATTERNS for more information on patterns.
AddressFamily
- Specifies which address family to use when connecting. Valid ar-
- guments are ``any'', ``inet'' (use IPv4 only), or ``inet6'' (use
- IPv6 only).
+ Specifies which address family to use when connecting. Valid
+ arguments are ``any'', ``inet'' (use IPv4 only), or ``inet6''
+ (use IPv6 only).
BatchMode
If set to ``yes'', passphrase/password querying will be disabled.
``yes'' or ``no''. The default is ``no''.
BindAddress
- Use the specified address on the local machine as the source ad-
- dress of the connection. Only useful on systems with more than
+ Use the specified address on the local machine as the source
+ address of the connection. Only useful on systems with more than
one address. Note that this option does not work if
UsePrivilegedPort is set to ``yes''.
option applies to protocol version 1 only.
ConnectionAttempts
- Specifies the number of tries (one per second) to make before ex-
- iting. The argument must be an integer. This may be useful in
+ Specifies the number of tries (one per second) to make before
+ exiting. The argument must be an integer. This may be useful in
scripts if the connection sometimes fails. The default is 1.
ConnectTimeout
Specifies the timeout (in seconds) used when connecting to the
SSH server, instead of using the default system TCP timeout.
- This value is used only when the target is down or really un-
- reachable, not when it refuses the connection.
+ This value is used only when the target is down or really
+ unreachable, not when it refuses the connection.
ControlMaster
Enables the sharing of multiple sessions over a single network
ControlPath
Specify the path to the control socket used for connection shar-
ing as described in the ControlMaster section above or the string
- ``none'' to disable connection sharing. In the path, `%l' will
- be substituted by the local host name, `%h' will be substituted
- by the target host name, `%p' the port, and `%r' by the remote
+ ``none'' to disable connection sharing. In the path, '%l' will
+ be substituted by the local host name, '%h' will be substituted
+ by the target host name, '%p' the port, and '%r' by the remote
login username. It is recommended that any ControlPath used for
opportunistic connection sharing include at least %h, %p, and %r.
This ensures that shared connections are uniquely identified.
The argument must be [bind_address:]port. IPv6 addresses can be
specified by enclosing addresses in square brackets or by using
- an alternative syntax: [bind_address/]port. By default, the lo-
- cal port is bound in accordance with the GatewayPorts setting.
+ an alternative syntax: [bind_address/]port. By default, the
+ local port is bound in accordance with the GatewayPorts setting.
However, an explicit bind_address may be used to bind the connec-
tion to a specific address. The bind_address of ``localhost''
indicates that the listening port be bound for local use only,
- while an empty address or `*' indicates that the port should be
+ while an empty address or '*' indicates that the port should be
available from all interfaces.
Currently the SOCKS4 and SOCKS5 protocols are supported, and
for more information.
EscapeChar
- Sets the escape character (default: `~'). The escape character
+ Sets the escape character (default: '~'). The escape character
can also be set on the command line. The argument should be a
- single character, `^' followed by a letter, or ``none'' to dis-
+ single character, '^' followed by a letter, or ``none'' to dis-
able the escape character entirely (making the connection trans-
parent for binary data).
the agent.
ForwardX11
- Specifies whether X11 connections will be automatically redirect-
- ed over the secure channel and DISPLAY set. The argument must be
- ``yes'' or ``no''. The default is ``no''.
+ Specifies whether X11 connections will be automatically redi-
+ rected over the secure channel and DISPLAY set. The argument
+ must be ``yes'' or ``no''. The default is ``no''.
X11 forwarding should be enabled with caution. Users with the
ability to bypass file permissions on the remote host (for the
GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed.
- The default is ``no''. Note that this option applies to protocol
- version 2 only.
+ The default is ``yes''. Note that this option applies to proto-
+ col version 2 only.
+
+ GSSAPIKeyExchange
+ Specifies whether key exchange based on GSSAPI may be used. When
+ using GSSAPI key exchange the server need not have a host key.
+ The default is ``yes''. Note that this option applies to proto-
+ col version 2 only.
GSSAPIDelegateCredentials
Forward (delegate) credentials to the server. The default is
- ``no''. Note that this option applies to protocol version 2 on-
- ly.
+ ``yes''. Note that this option applies to protocol version 2
+ only.
+
+ GSSAPITrustDns
+ Set to ``yes'' to indicate that the DNS is trusted to securely
+ canonicalize the name of the host being connected to. If ``no,''
+ the hostname entered on the command line will be passed untouched
+ to the GSSAPI library. The default is ``yes''. This option only
+ applies to protocol version 2 connections using GSSAPI.
HashKnownHosts
Indicates that ssh(1) should hash host names and addresses when
HostbasedAuthentication
Specifies whether to try rhosts based authentication with public
key authentication. The argument must be ``yes'' or ``no''. The
- default is ``no''. This option applies to protocol version 2 on-
- ly and is similar to RhostsRSAAuthentication.
+ default is ``no''. This option applies to protocol version 2
+ only and is similar to RhostsRSAAuthentication.
HostKeyAlgorithms
Specifies the protocol version 2 host key algorithms that the
tication agent will be used for authentication.
The file name may use the tilde syntax to refer to a user's home
- directory or one of the following escape characters: `%d' (local
- user's home directory), `%u' (local user name), `%l' (local host
- name), `%h' (remote host name) or `%r' (remote user name).
+ directory or one of the following escape characters: '%d' (local
+ user's home directory), '%u' (local user name), '%l' (local host
+ name), '%h' (remote host name) or '%r' (remote user name).
It is possible to have multiple identity files specified in con-
figuration files; all these identities will be tried in sequence.
KbdInteractiveDevices
- Specifies the list of methods to use in keyboard-interactive au-
- thentication. Multiple method names must be comma-separated.
+ Specifies the list of methods to use in keyboard-interactive
+ authentication. Multiple method names must be comma-separated.
The default is to use the server specified list. The methods
available vary depending on what the server supports. For an
OpenSSH server, it may be zero or more of: ``bsdauth'', ``pam'',
LocalCommand
Specifies a command to execute on the local machine after suc-
cessfully connecting to the server. The command string extends
- to the end of the line, and is executed with /bin/sh. This di-
- rective is ignored unless PermitLocalCommand has been enabled.
+ to the end of the line, and is executed with /bin/sh. This
+ directive is ignored unless PermitLocalCommand has been enabled.
LocalForward
Specifies that a TCP port on the local machine be forwarded over
can be given on the command line. Only the superuser can forward
privileged ports. By default, the local port is bound in accor-
dance with the GatewayPorts setting. However, an explicit
- bind_address may be used to bind the connection to a specific ad-
- dress. The bind_address of ``localhost'' indicates that the lis-
- tening port be bound for local use only, while an empty address
- or `*' indicates that the port should be available from all in-
- terfaces.
+ bind_address may be used to bind the connection to a specific
+ address. The bind_address of ``localhost'' indicates that the
+ listening port be bound for local use only, while an empty
+ address or '*' indicates that the port should be available from
+ all interfaces.
LogLevel
Gives the verbosity level that is used when logging messages from
DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify
higher levels of verbose output.
- MACs Specifies the MAC (message authentication code) algorithms in or-
- der of preference. The MAC algorithm is used in protocol version
- 2 for data integrity protection. Multiple algorithms must be
- comma-separated. The default is: ``hmac-md5,hmac-sha1,hmac-
- ripemd160,hmac-sha1-96,hmac-md5-96''.
+ MACs Specifies the MAC (message authentication code) algorithms in
+ order of preference. The MAC algorithm is used in protocol ver-
+ sion 2 for data integrity protection. Multiple algorithms must
+ be comma-separated. The default is:
+ ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96''.
NoHostAuthenticationForLocalhost
This option can be used if the home directory is shared across
- machines. In this case localhost will refer to a different ma-
- chine on each of the machines and the user will get many warnings
- about changed host keys. However, this option disables host au-
- thentication for localhost. The argument to this keyword must be
- ``yes'' or ``no''. The default is to check the host key for lo-
- calhost.
+ machines. In this case localhost will refer to a different
+ machine on each of the machines and the user will get many warn-
+ ings about changed host keys. However, this option disables host
+ authentication for localhost. The argument to this keyword must
+ be ``yes'' or ``no''. The default is to check the host key for
+ localhost.
NumberOfPasswordPrompts
Specifies the number of password prompts before giving up. The
``yes''.
PermitLocalCommand
- Allow local command execution via the LocalCommand option or us-
- ing the !command escape sequence in ssh(1). The argument must be
- ``yes'' or ``no''. The default is ``no''.
+ Allow local command execution via the LocalCommand option or
+ using the !command escape sequence in ssh(1). The argument must
+ be ``yes'' or ``no''. The default is ``no''.
- Port Specifies the port number to connect on the remote host. The de-
- fault is 22.
+ Port Specifies the port number to connect on the remote host. The
+ default is 22.
PreferredAuthentications
- Specifies the order in which the client should try protocol 2 au-
- thentication methods. This allows a client to prefer one method
- (e.g. keyboard-interactive) over another method (e.g. password)
- The default for this option is: ``gssapi-with-mic,hostbased,
- publickey, keyboard-interactive, password''.
+ Specifies the order in which the client should try protocol 2
+ authentication methods. This allows a client to prefer one
+ method (e.g. keyboard-interactive) over another method (e.g.
+ password) The default for this option is: ``gssapi-keyex,
+ external-keyx, gssapi-with-mic, hostbased, publickey, keyboard-
+ interactive, password''.
Protocol
Specifies the protocol versions ssh(1) should support in order of
- preference. The possible values are `1' and `2'. Multiple ver-
+ preference. The possible values are '1' and '2'. Multiple ver-
sions must be comma-separated. The default is ``2,1''. This
means that ssh tries version 2 and falls back to version 1 if
version 2 is not available.
ProxyCommand
Specifies the command to use to connect to the server. The com-
mand string extends to the end of the line, and is executed with
- /bin/sh. In the command string, `%h' will be substituted by the
- host name to connect and `%p' by the port. The command can be
+ /bin/sh. In the command string, '%h' will be substituted by the
+ host name to connect and '%p' by the port. The command can be
basically anything, and should read from its standard input and
write to its standard output. It should eventually connect an
sshd(8) server running on some machine, or execute sshd -i some-
where. Host key management will be done using the HostName of
- the host being connected (defaulting to the name typed by the us-
- er). Setting the command to ``none'' disables this option en-
- tirely. Note that CheckHostIP is not available for connects with
- a proxy command.
+ the host being connected (defaulting to the name typed by the
+ user). Setting the command to ``none'' disables this option
+ entirely. Note that CheckHostIP is not available for connects
+ with a proxy command.
This directive is useful in conjunction with nc(1) and its proxy
support. For example, the following directive would connect via
``yes''. This option applies to protocol version 2 only.
RekeyLimit
- Specifies the maximum amount of data that may be transmitted be-
- fore the session key is renegotiated. The argument is the number
- of bytes, with an optional suffix of `K', `M', or `G' to indicate
- Kilobytes, Megabytes, or Gigabytes, respectively. The default is
- between `1G' and `4G', depending on the cipher. This option ap-
- plies to protocol version 2 only.
+ Specifies the maximum amount of data that may be transmitted
+ before the session key is renegotiated. The argument is the num-
+ ber of bytes, with an optional suffix of 'K', 'M', or 'G' to
+ indicate Kilobytes, Megabytes, or Gigabytes, respectively. The
+ default is between '1G' and '4G', depending on the cipher. This
+ option applies to protocol version 2 only.
RemoteForward
Specifies that a TCP port on the remote machine be forwarded over
privileged ports.
If the bind_address is not specified, the default is to only bind
- to loopback addresses. If the bind_address is `*' or an empty
+ to loopback addresses. If the bind_address is '*' or an empty
string, then the forwarding is requested to listen on all inter-
faces. Specifying a remote bind_address will only succeed if the
server's GatewayPorts option is enabled (see sshd_config(5)).
to AcceptEnv in sshd_config(5) for how to configure the server.
Variables are specified by name, which may contain wildcard char-
acters. Multiple environment variables may be separated by
- whitespace or spread across multiple SendEnv directives. The de-
- fault is not to send any environment variables.
+ whitespace or spread across multiple SendEnv directives. The
+ default is not to send any environment variables.
See PATTERNS for more information on patterns.
ServerAliveCountMax
Sets the number of server alive messages (see below) which may be
sent without ssh(1) receiving any messages back from the server.
- If this threshold is reached while server alive messages are be-
- ing sent, ssh will disconnect from the server, terminating the
+ If this threshold is reached while server alive messages are
+ being sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server alive
messages is very different from TCPKeepAlive (below). The server
alive messages are sent through the encrypted channel and there-
SmartcardDevice
Specifies which smartcard device to use. The argument to this
keyword is the device ssh(1) should use to communicate with a
- smartcard used for storing the user's private RSA key. By de-
- fault, no device is specified and smartcard support is not acti-
- vated.
+ smartcard used for storing the user's private RSA key. By
+ default, no device is specified and smartcard support is not
+ activated.
StrictHostKeyChecking
If this flag is set to ``yes'', ssh(1) will never automatically
nect to hosts whose host key has changed. This provides maximum
protection against trojan horse attacks, though it can be annoy-
ing when the /etc/ssh/ssh_known_hosts file is poorly maintained
- or when connections to new hosts are frequently made. This op-
- tion forces the user to manually add all new hosts. If this flag
- is set to ``no'', ssh will automatically add new host keys to the
- user known hosts files. If this flag is set to ``ask'', new host
- keys will be added to the user known host files only after the
- user has confirmed that is what they really want to do, and ssh
- will refuse to connect to hosts whose host key has changed. The
- host keys of known hosts will be verified automatically in all
- cases. The argument must be ``yes'', ``no'', or ``ask''. The
- default is ``ask''.
+ or when connections to new hosts are frequently made. This
+ option forces the user to manually add all new hosts. If this
+ flag is set to ``no'', ssh will automatically add new host keys
+ to the user known hosts files. If this flag is set to ``ask'',
+ new host keys will be added to the user known host files only
+ after the user has confirmed that is what they really want to do,
+ and ssh will refuse to connect to hosts whose host key has
+ changed. The host keys of known hosts will be verified automati-
+ cally in all cases. The argument must be ``yes'', ``no'', or
+ ``ask''. The default is ``ask''.
TCPKeepAlive
Specifies whether the system should send TCP keepalive messages
To disable TCP keepalive messages, the value should be set to
``no''.
- Tunnel Request tun(4) device forwarding between the client and the serv-
- er. The argument must be ``yes'', ``point-to-point'' (layer 3),
- ``ethernet'' (layer 2), or ``no''. Specifying ``yes'' requests
- the default tunnel mode, which is ``point-to-point''. The de-
- fault is ``no''.
+ Tunnel Request tun(4) device forwarding between the client and the
+ server. The argument must be ``yes'', ``point-to-point'' (layer
+ 3), ``ethernet'' (layer 2), or ``no''. Specifying ``yes''
+ requests the default tunnel mode, which is ``point-to-point''.
+ The default is ``no''.
TunnelDevice
Specifies the tun(4) devices to open on the client (local_tun)
is /usr/X11R6/bin/xauth.
PATTERNS
- A pattern consists of zero or more non-whitespace characters, `*' (a
- wildcard that matches zero or more characters), or `?' (a wildcard that
+ A pattern consists of zero or more non-whitespace characters, '*' (a
+ wildcard that matches zero or more characters), or '?' (a wildcard that
matches exactly one character). For example, to specify a set of decla-
rations for any host in the ``.co.uk'' set of domains, the following pat-
tern could be used:
A pattern-list is a comma-separated list of patterns. Patterns within
pattern-lists may be negated by preceding them with an exclamation mark
- (`!'). For example, to allow a key to be used from anywhere within an
- organisation except from the ``dialup'' pool, the following entry (in au-
- thorized_keys) could be used:
+ ('!'). For example, to allow a key to be used from anywhere within an
+ organisation except from the ``dialup'' pool, the following entry (in
+ authorized_keys) could be used:
from="!*.dialup.example.com,*.example.com"
FILES
~/.ssh/config
This is the per-user configuration file. The format of this file
- is described above. This file is used by the SSH client. Be-
- cause of the potential for abuse, this file must have strict per-
- missions: read/write for the user, and not accessible by others.
+ is described above. This file is used by the SSH client.
+ Because of the potential for abuse, this file must have strict
+ permissions: read/write for the user, and not accessible by oth-
+ ers.
/etc/ssh/ssh_config
Systemwide configuration file. This file provides defaults for
ated OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 4.0 September 25, 1999 10
+BSD September 25, 1999 BSD
.Pa /etc/ssh/ssh_known_hosts .
.It Cm GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed.
-The default is
+The default is
.Dq yes .
Note that this option applies to protocol version 2 only.
.It Cm GSSAPIKeyExchange
Note that this option applies to protocol version 2 only.
.It Cm GSSAPITrustDns
Set to
-.Dq yes to indicate that the DNS is trusted to securely canonicalize
+.Dq yes
+to indicate that the DNS is trusted to securely canonicalize
the name of the host being connected to. If
-.Dq no, the hostname entered on the
+.Dq no,
+the hostname entered on the
command line will be passed untouched to the GSSAPI library.
The default is
.Dq yes .
-This option only applies to protocol version 2 connections using GSSAPI
-key exchange.
+This option only applies to protocol version 2 connections using GSSAPI.
.It Cm HashKnownHosts
Indicates that
.Xr ssh 1
#ifdef GSSAPI
char *orig = NULL, *gss = NULL;
- int len;
- char *gss_host = NULL;
+ char *gss_host = NULL;
#endif
xxx_host = host;
#ifdef GSSAPI
if (options.gss_keyex) {
- /* Add the GSSAPI mechanisms currently supported on this client to
- * the key exchange algorithm proposal */
- orig = myproposal[PROPOSAL_KEX_ALGS];
- if (options.gss_trust_dns)
- gss_host = (char *)get_canonical_hostname(1);
- else
- gss_host = host;
-
- gss = ssh_gssapi_client_mechanisms(gss_host);
- if (gss) {
- debug("Offering GSSAPI proposal: %s", gss);
- len = strlen(orig) + strlen(gss) + 2;
- myproposal[PROPOSAL_KEX_ALGS] = xmalloc(len);
- snprintf(myproposal[PROPOSAL_KEX_ALGS], len, "%s,%s", gss,
- orig);
- }
+ /* Add the GSSAPI mechanisms currently supported on this
+ * client to the key exchange algorithm proposal */
+ orig = myproposal[PROPOSAL_KEX_ALGS];
+
+ if (options.gss_trust_dns)
+ gss_host = (char *)get_canonical_hostname(1);
+ else
+ gss_host = host;
+
+ gss = ssh_gssapi_client_mechanisms(gss_host);
+ if (gss) {
+ debug("Offering GSSAPI proposal: %s", gss);
+ xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
+ "%s,%s", gss, orig);
+ }
}
#endif
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
}
+
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
myproposal[PROPOSAL_ENC_ALGS_STOC] =
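Review bot: The gss_trust_dns branch decides which name is handed to ssh_gssapi_client_mechanisms(), and the comment above it does not say why that choice matters: with the option on, the name get_canonical_hostname(1) obtains from DNS, rather than what the user typed, is what goes to the GSSAPI library, which is a deliberate trust decision a reader should see at the call site. I would extend the comment: `/* gss_trust_dns: the DNS-canonicalised name, not the user-supplied one, selects the host principal handed to GSSAPI (see GSSAPITrustDns in ssh_config(5)). */`. The `(char *)` cast on get_canonical_hostname() suggests it returns a const pointer; if ssh_gssapi_client_mechanisms() accepts a const argument, `const char *gss_host` in the declaration block would remove the cast. The enclosing function begins before this hunk.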
* 'null' hostkey, as a last resort */
if (options.gss_keyex && gss) {
orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
- len = strlen(orig) + sizeof(",null");
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = xmalloc(len);
- snprintf(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], len,
+ xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
"%s,null", orig);
}
#endif
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
#ifdef GSSAPI
kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client;
kex->kex[KEX_GSS_GEX_SHA1] = kexgss_client;
#endif
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
kex->verify_host_key=&verify_host_key_callback;
pubkey_cleanup(&authctxt);
dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
- if ((options.none_switch == 1) && (options.none_enabled == 1) && !tty_flag) /* no null on tty sessions */
+
+ /* if the user wants to use the none cipher do it */
+ /* post authentication and only if the right conditions are met */
+ /* both of the NONE commands must be true and there must be no */
+ /* tty allocated */
+ if ((options.none_switch == 1) && (options.none_enabled == 1))
{
- debug("Requesting none rekeying...");
- myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
- myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
- kex_prop2buf(&xxx_kex->my,myproposal);
- packet_request_rekeying();
- fprintf(stderr, "WARNING: ENABLED NULL CIPHER\n");
+ if (!tty_flag) /* no null on tty sessions */
+ {
+ debug("Requesting none rekeying...");
+ myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
+ myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
+ kex_prop2buf(&xxx_kex->my,myproposal);
+ packet_request_rekeying();
+ fprintf(stderr, "WARNING: ENABLED NONE CIPHER\n");
+ }
+ else
+ {
+ /* requested NONE cipher when in a tty */
+ debug("Cannot switch to NONE cipher with tty allocated");
+ fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
+ }
}
debug("Authentication succeeded (%s).", authctxt.method->name);
}
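Review bot: The `WARNING: ENABLED NONE CIPHER` line is printed right after packet_request_rekeying(), i.e. when the switch has only been requested, not after a rekey with "none" has completed, so the user is told confidentiality is gone before the peer has agreed (and nothing here reports if the peer declines). I would word it as a request, `fprintf(stderr, "WARNING: NONE CIPHER REQUESTED - no encryption after rekey\n");`, or emit it where the rekey outcome is known. The new block also puts `{` on its own line and compares flags with `== 1`, while the rest of this file writes `if (cond) {` (see the gss_keyex branch earlier), so `if (options.none_switch && options.none_enabled) {` would match local style. The four consecutive one-line `/* */` comments read better as a single block comment.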
{
Authctxt *authctxt = ctxt;
Gssctxt *gssctxt;
- unsigned int oidlen;
- unsigned char *oidv;
+ u_int oidlen;
+ u_char *oidv;
if (authctxt == NULL)
fatal("input_gssapi_response: no authentication context");
-SSHD(8) OpenBSD System Manager's Manual SSHD(8)
+SSHD(8) BSD System Manager's Manual SSHD(8)
NAME
sshd - OpenSSH SSH daemon
-d Debug mode. The server sends verbose debug output to the system
log, and does not put itself in the background. The server also
will not fork and will only process one connection. This option
- is only intended for debugging for the server. Multiple -d op-
- tions increase the debugging level. Maximum is 3.
+ is only intended for debugging for the server. Multiple -d
+ options increase the debugging level. Maximum is 3.
-e When this option is specified, sshd will send the output to the
standard error instead of the system log.
figuration file.
-g login_grace_time
- Gives the grace time for clients to authenticate themselves (de-
- fault 120 seconds). If the client fails to authenticate the user
- within this many seconds, the server disconnects and exits. A
- value of zero indicates no limit.
+ Gives the grace time for clients to authenticate themselves
+ (default 120 seconds). If the client fails to authenticate the
+ user within this many seconds, the server disconnects and exits.
+ A value of zero indicates no limit.
-h host_key_file
Specifies a file from which a host key is read. This option must
-i Specifies that sshd is being run from inetd(8). sshd is normally
not run from inetd because it needs to generate the server key
before it can respond to the client, and this may take tens of
- seconds. Clients would have to wait too long if the key was re-
- generated every time. However, with small key sizes (e.g. 512)
+ seconds. Clients would have to wait too long if the key was
+ regenerated every time. However, with small key sizes (e.g. 512)
using sshd from inetd may be feasible.
-k key_gen_time
tion for regenerating the key fairly often is that the key is not
stored anywhere, and after about an hour it becomes impossible to
recover the key for decrypting intercepted communications even if
- the machine is cracked into or physically seized. A value of ze-
- ro indicates that the key will never be regenerated.
+ the machine is cracked into or physically seized. A value of
+ zero indicates that the key will never be regenerated.
-o option
Can be used to give options in the format used in the configura-
tion file. This is useful for specifying options for which there
- is no separate command-line flag. For full details of the op-
- tions, and their values, see sshd_config(5).
+ is no separate command-line flag. For full details of the
+ options, and their values, see sshd_config(5).
-p port
Specifies the port on which the server listens for connections
when a command-line port is specified. Ports specified using the
ListenAddress option override command-line ports.
- -q Quiet mode. Nothing is sent to the system log. Normally the be-
- ginning, authentication, and termination of each connection is
+ -q Quiet mode. Nothing is sent to the system log. Normally the
+ beginning, authentication, and termination of each connection is
logged.
-t Test mode. Only check the validity of the configuration file and
indicates that only dotted decimal addresses should be put into
the utmp file. -u0 may also be used to prevent sshd from making
DNS requests unless the authentication mechanism or configuration
- requires it. Authentication mechanisms that may require DNS in-
- clude RhostsRSAAuthentication, HostbasedAuthentication, and using
- a from="pattern-list" option in a key file. Configuration op-
- tions that require DNS include using a USER@HOST pattern in
+ requires it. Authentication mechanisms that may require DNS
+ include RhostsRSAAuthentication, HostbasedAuthentication, and
+ using a from="pattern-list" option in a key file. Configuration
+ options that require DNS include using a USER@HOST pattern in
AllowUsers or DenyUsers.
AUTHENTICATION
The OpenSSH SSH daemon supports SSH protocols 1 and 2. Both protocols
- are supported by default, though this can be changed via the Protocol op-
- tion in sshd_config(5). Protocol 2 supports both RSA and DSA keys; pro-
- tocol 1 only supports RSA keys. For both protocols, each host has a
+ are supported by default, though this can be changed via the Protocol
+ option in sshd_config(5). Protocol 2 supports both RSA and DSA keys;
+ protocol 1 only supports RSA keys. For both protocols, each host has a
host-specific key, normally 2048 bits, used to identify the host.
Forward security for protocol 1 is provided through an additional server
that it is accessible. An account is not accessible if it is locked,
listed in DenyUsers or its group is listed in DenyGroups . The defini-
tion of a locked account is system dependant. Some platforms have their
- own account database (eg AIX) and some modify the passwd field ( `*LK*'
- on Solaris and UnixWare, `*' on HP-UX, containing `Nologin' on Tru64, a
- leading `*LOCKED*' on FreeBSD and a leading `!!' on Linux). If there is
+ own account database (eg AIX) and some modify the passwd field ( '*LK*'
+ on Solaris and UnixWare, '*' on HP-UX, containing 'Nologin' on Tru64, a
+ leading '*LOCKED*' on FreeBSD and a leading '!!' on Linux). If there is
a requirement to disable password authentication for the account while
allowing still public-key, then the passwd field should be set to some-
- thing other than these values (eg `NP' or `*NP*' ).
+ thing other than these values (eg 'NP' or '*NP*' ).
If the client successfully authenticates itself, a dialog for preparing
the session is entered. At this time the client may request things like
allocating a pseudo-tty, forwarding X11 connections, forwarding TCP con-
- nections, or forwarding the authentication agent connection over the se-
- cure channel.
+ nections, or forwarding the authentication agent connection over the
+ secure channel.
After this, the client either requests a shell or execution of a command.
The sides then enter session mode. In this mode, either side may send
AuthorizedKeysFile specifies the file containing public keys for public
key authentication; if none is specified, the default is
~/.ssh/authorized_keys. Each line of the file contains one key (empty
- lines and lines starting with a `#' are ignored as comments). Protocol 1
+ lines and lines starting with a '#' are ignored as comments). Protocol 1
public keys consist of the following space-separated fields: options,
- bits, exponent, modulus, comment. Protocol 2 public key consist of: op-
- tions, keytype, base64-encoded key, comment. The options field is op-
- tional; its presence is determined by whether the line starts with a num-
- ber or not (the options field never starts with a number). The bits, ex-
- ponent, modulus, and comment fields give the RSA key for protocol version
- 1; the comment field is not used for anything (but may be convenient for
- the user to identify the key). For protocol version 2 the keytype is
+ bits, exponent, modulus, comment. Protocol 2 public key consist of:
+ options, keytype, base64-encoded key, comment. The options field is
+ optional; its presence is determined by whether the line starts with a
+ number or not (the options field never starts with a number). The bits,
+ exponent, modulus, and comment fields give the RSA key for protocol ver-
+ sion 1; the comment field is not used for anything (but may be convenient
+ for the user to identify the key). For protocol version 2 the keytype is
``ssh-dss'' or ``ssh-rsa''.
- Note that lines in this file are usually several hundred bytes long (be-
- cause of the size of the public key encoding) up to a limit of 8 kilo-
+ Note that lines in this file are usually several hundred bytes long
+ (because of the size of the public key encoding) up to a limit of 8 kilo-
bytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16
kilobits. You don't want to type them in; instead, copy the
identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it.
for authentication. The command supplied by the user (if any) is
ignored. The command is run on a pty if the client requests a
pty; otherwise it is run without a tty. If an 8-bit clean chan-
- nel is required, one must not request a pty or should specify no-
- pty. A quote may be included in the command by quoting it with a
- backslash. This option might be useful to restrict certain pub-
- lic keys to perform just a specific operation. An example might
- be a key that permits remote backups but nothing else. Note that
- the client may specify TCP and/or X11 forwarding unless they are
- explicitly prohibited. The command originally supplied by the
- client is available in the SSH_ORIGINAL_COMMAND environment vari-
- able. Note that this option applies to shell, command or subsys-
- tem execution.
+ nel is required, one must not request a pty or should specify
+ no-pty. A quote may be included in the command by quoting it
+ with a backslash. This option might be useful to restrict cer-
+ tain public keys to perform just a specific operation. An exam-
+ ple might be a key that permits remote backups but nothing else.
+ Note that the client may specify TCP and/or X11 forwarding unless
+ they are explicitly prohibited. The command originally supplied
+ by the client is available in the SSH_ORIGINAL_COMMAND environ-
+ ment variable. Note that this option applies to shell, command
+ or subsystem execution.
environment="NAME=value"
Specifies that the string is to be added to the environment when
from="pattern-list"
Specifies that in addition to public key authentication, the
canonical name of the remote host must be present in the comma-
- separated list of patterns. The purpose of this option is to op-
- tionally increase security: public key authentication by itself
+ separated list of patterns. The purpose of this option is to
+ optionally increase security: public key authentication by itself
does not trust the network or name servers or anything (but the
key); however, if somebody somehow steals the key, the key per-
- mits an intruder to log in from anywhere in the world. This ad-
- ditional option makes using a stolen key more difficult (name
+ mits an intruder to log in from anywhere in the world. This
+ additional option makes using a stolen key more difficult (name
servers and/or routers would have to be compromised in addition
to just the key).
nect to the specified host and port. IPv6 addresses can be spec-
ified with an alternative syntax: host/port. Multiple permitopen
options may be applied separated by commas. No pattern matching
- is performed on the specified hostnames, they must be literal do-
- mains or addresses.
+ is performed on the specified hostnames, they must be literal
+ domains or addresses.
tunnel="n"
Force a tun(4) device on the server. Without this option, the
Each line in these files contains the following fields: hostnames, bits,
exponent, modulus, comment. The fields are separated by spaces.
- Hostnames is a comma-separated list of patterns (`*' and `?' act as wild-
+ Hostnames is a comma-separated list of patterns ('*' and '?' act as wild-
cards); each pattern in turn is matched against the canonical host name
(when authenticating a client) or against the user-supplied name (when
- authenticating a server). A pattern may also be preceded by `!' to indi-
- cate negation: if the host name matches a negated pattern, it is not ac-
- cepted (by that line) even if it matched another pattern on the line. A
- hostname or address may optionally be enclosed within `[' and `]' brack-
- ets then followed by `:' and a non-standard port number.
+ authenticating a server). A pattern may also be preceded by '!' to indi-
+ cate negation: if the host name matches a negated pattern, it is not
+ accepted (by that line) even if it matched another pattern on the line.
+ A hostname or address may optionally be enclosed within '[' and ']'
+ brackets then followed by ':' and a non-standard port number.
Alternately, hostnames may be stored in a hashed form which hides host
names and addresses should the file's contents be disclosed. Hashed
- hostnames start with a `|' character. Only one hashed hostname may ap-
- pear on a single line and none of the above negation or wildcard opera-
+ hostnames start with a '|' character. Only one hashed hostname may
+ appear on a single line and none of the above negation or wildcard opera-
tors may be applied.
Bits, exponent, and modulus are taken directly from the RSA host key;
they can be obtained, for example, from /etc/ssh/ssh_host_key.pub. The
optional comment field continues to the end of the line, and is not used.
- Lines starting with `#' and empty lines are ignored as comments.
+ Lines starting with '#' and empty lines are ignored as comments.
When performing host authentication, authentication is accepted if any
matching line has the proper key. It is thus permissible (but not recom-
FILES
~/.hushlogin
This file is used to suppress printing the last login time and
- /etc/motd, if PrintLastLog and PrintMotd, respectively, are en-
- abled. It does not suppress printing of the banner specified by
- Banner.
+ /etc/motd, if PrintLastLog and PrintMotd, respectively, are
+ enabled. It does not suppress printing of the banner specified
+ by Banner.
~/.rhosts
This file is used for host-based authentication (see ssh(1) for
If this file, the ~/.ssh directory, or the user's home directory
are writable by other users, then the file could be modified or
- replaced by unauthorized users. In this case, sshd will not al-
- low it to be used unless the StrictModes option has been set to
+ replaced by unauthorized users. In this case, sshd will not
+ allow it to be used unless the StrictModes option has been set to
``no''. The recommended permissions can be set by executing
``chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys''.
~/.ssh/environment
This file is read into the environment at login (if it exists).
It can only contain empty lines, comment lines (that start with
- `#'), and assignment lines of the form name=value. The file
+ '#'), and assignment lines of the form name=value. The file
should be writable only by the user; it need not be readable by
anyone else. Environment processing is disabled by default and
is controlled via the PermitUserEnvironment option.
/etc/hosts.allow
/etc/hosts.deny
- Access controls that should be enforced by tcp-wrappers are de-
- fined here. Further details are described in hosts_access(5).
+ Access controls that should be enforced by tcp-wrappers are
+ defined here. Further details are described in hosts_access(5).
/etc/hosts.equiv
This file is for host-based authentication (see ssh(1)). It
world-readable.
/etc/shosts.equiv
- This file is used in exactly the same way as hosts.equiv, but al-
- lows host-based authentication without permitting login with
+ This file is used in exactly the same way as hosts.equiv, but
+ allows host-based authentication without permitting login with
rlogin/rsh.
/etc/ssh/ssh_known_hosts
Systemwide list of known host keys. This file should be prepared
by the system administrator to contain the public host keys of
- all machines in the organization. The format of this file is de-
- scribed above. This file should be writable only by root/the
+ all machines in the organization. The format of this file is
+ described above. This file should be writable only by root/the
owner and should be world-readable.
/etc/ssh/ssh_host_key
System security is not improved unless rshd, rlogind, and rexecd are dis-
abled (thus completely disabling rlogin and rsh into the machine).
-OpenBSD 4.0 September 25, 1999 9
+BSD September 25, 1999 BSD
else
gss = NULL;
- if (gss && orig) {
- int len = strlen(orig) + strlen(gss) + 2;
- newstr = xmalloc(len);
- snprintf(newstr, len, "%s,%s", gss, orig);
- } else if (gss) {
+ if (gss && orig)
+ xasprintf(&newstr, "%s,%s", gss, orig);
+ else if (gss)
newstr = gss;
- } else if (orig) {
+ else if (orig)
newstr = orig;
- }
+
/*
* If we've got GSSAPI mechanisms, then we've got the 'null' host
* key alg, but we can't tell people about it unless its the only
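Review bot: After this change newstr is heap-owned in the `gss && orig` branch (xasprintf) but an alias of gss or orig in the other two, so whoever releases newstr cannot do so uniformly: freeing it in the alias cases frees memory it does not own, and never freeing it leaks the xasprintf result. If the string is ever released, `newstr = xstrdup(gss);` and `newstr = xstrdup(orig);` would make ownership consistent; if it is intentionally never freed, a comment such as `/* newstr may alias gss or orig and is never freed */` above the chain should say so. The case where neither gss nor orig is set leaves newstr untouched here, and its initial value is outside the hunk. The enclosing function starts and ends outside this hunk.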
#endif
/* start key exchange */
- kex = kex_setup(myproposal);
- kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+ /* start key exchange */
+ kex = kex_setup(myproposal);
+ kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
#ifdef GSSAPI
kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
#endif
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->server = 1;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
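Review bot: The added `/* start key exchange */` line sits directly under the unchanged context line carrying the same comment, so the patched file appears to contain that comment twice in a row; the removed lines are the kex_setup() call and the first table entry, not the comment, which suggests a re-indent that forgot to drop the old comment line. Remove one of the two `/* start key exchange */` lines. The rest of the hunk only moves the KEX_DH_GEX_SHA256 entry and adds KEX_GSS_GRP14_SHA1, matching the client-side table.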
# GSSAPI options
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
#MaxStartups 10
#PermitTunnel no
+# no default banner path
+#Banner /some/path
+
+# override default of no subsystems
+Subsystem sftp /usr/libexec/sftp-server
+
# the following are HPN related configuration options
# tcp receive buffer polling. enable in autotuning kernels
#TcpRcvBufPoll no
-
+
# allow the use of the none cipher
#NoneEnabled no
# buffer size for hpn to non-hn connections
#HPNBufferSize 2048
-# end of HPN options
-
-# no default banner path
-#Banner /some/path
-# override default of no subsystems
-Subsystem sftp /usr/libexec/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
-SSHD_CONFIG(5) OpenBSD Programmer's Manual SSHD_CONFIG(5)
+SSHD_CONFIG(5) BSD File Formats Manual SSHD_CONFIG(5)
NAME
sshd_config - OpenSSH SSH daemon configuration file
DESCRIPTION
sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file
specified with -f on the command line). The file contains keyword-argu-
- ment pairs, one per line. Lines starting with `#' and empty lines are
+ ment pairs, one per line. Lines starting with '#' and empty lines are
interpreted as comments. Arguments may optionally be enclosed in double
quotes (") in order to represent arguments containing spaces.
copied into the session's environ(7). See SendEnv in
ssh_config(5) for how to configure the client. Note that envi-
ronment passing is only supported for protocol 2. Variables are
- specified by name, which may contain the wildcard characters `*'
- and `?'. Multiple environment variables may be separated by
+ specified by name, which may contain the wildcard characters '*'
+ and '?'. Multiple environment variables may be separated by
whitespace or spread across multiple AcceptEnv directives. Be
warned that some environment variables could be used to bypass
restricted user environments. For this reason, care should be
AllowTcpForwarding
Specifies whether TCP forwarding is permitted. The default is
- ``yes''. Note that disabling TCP forwarding does not improve se-
- curity unless users are also denied shell access, as they can al-
- ways install their own forwarders.
+ ``yes''. Note that disabling TCP forwarding does not improve
+ security unless users are also denied shell access, as they can
+ always install their own forwarders.
AllowUsers
This keyword can be followed by a list of user name patterns,
- separated by spaces. If specified, login is allowed only for us-
- er names that match one of the patterns. Only user names are
+ separated by spaces. If specified, login is allowed only for
+ user names that match one of the patterns. Only user names are
valid; a numerical user ID is not recognized. By default, login
- is allowed for all users. If the pattern takes the form US-
- ER@HOST then USER and HOST are separately checked, restricting
+ is allowed for all users. If the pattern takes the form
+ USER@HOST then USER and HOST are separately checked, restricting
logins to particular users from particular hosts. The allow/deny
directives are processed in the following order: DenyUsers,
AllowUsers, DenyGroups, and finally AllowGroups.
for user authentication. AuthorizedKeysFile may contain tokens
of the form %T which are substituted during connection setup.
The following tokens are defined: %% is replaced by a literal
- '%', %h is replaced by the home directory of the user being au-
- thenticated, and %u is replaced by the username of that user.
+ '%', %h is replaced by the home directory of the user being
+ authenticated, and %u is replaced by the username of that user.
After expansion, AuthorizedKeysFile is taken to be an absolute
path or one relative to the user's home directory. The default
is ``.ssh/authorized_keys''.
ClientAliveCountMax
Sets the number of client alive messages (see below) which may be
sent without sshd(8) receiving any messages back from the client.
- If this threshold is reached while client alive messages are be-
- ing sent, sshd will disconnect the client, terminating the ses-
+ If this threshold is reached while client alive messages are
+ being sent, sshd will disconnect the client, terminating the ses-
sion. It is important to note that the use of client alive mes-
sages is very different from TCPKeepAlive (below). The client
alive messages are sent through the encrypted channel and there-
separated by spaces. Login is disallowed for users whose primary
group or supplementary group list matches one of the patterns.
Only group names are valid; a numerical group ID is not recog-
- nized. By default, login is allowed for all groups. The al-
- low/deny directives are processed in the following order:
+ nized. By default, login is allowed for all groups. The
+ allow/deny directives are processed in the following order:
DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
See PATTERNS in ssh_config(5) for more information on patterns.
ForceCommand
Forces the execution of the command specified by ForceCommand,
- ignoring any command supplied by the client. The command is in-
- voked by using the user's login shell with the -c option. This
+ ignoring any command supplied by the client. The command is
+ invoked by using the user's login shell with the -c option. This
applies to shell, command, or subsystem execution. It is most
useful inside a Match block. The command originally supplied by
the client is available in the SSH_ORIGINAL_COMMAND environment
used to specify that sshd should allow remote port forwardings to
bind to non-loopback addresses, thus allowing other hosts to con-
nect. The argument may be ``no'' to force remote port forward-
- ings to be available to the local host only, ``yes'' to force re-
- mote port forwardings to bind to the wildcard address, or
+ ings to be available to the local host only, ``yes'' to force
+ remote port forwardings to bind to the wildcard address, or
``clientspecified'' to allow the client to select the address to
which the forwarding is bound. The default is ``no''.
GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed.
- The default is ``no''. Note that this option applies to protocol
- version 2 only.
+ The default is ``yes''. Note that this option applies to proto-
+ col version 2 only.
+
+ GSSAPIKeyExchange
+ Specifies whether key exchange based on GSSAPI is allowed. GSSAPI
+ key exchange doesn't rely on ssh keys to verify host identity.
+ The default is ``yes''. Note that this option applies to proto-
+ col version 2 only.
GSSAPICleanupCredentials
Specifies whether to automatically destroy the user's credentials
cache on logout. The default is ``yes''. Note that this option
applies to protocol version 2 only.
+ GSSAPIStrictAcceptorCheck
+ Determines whether to be strict about the identity of the GSSAPI
+ acceptor a client authenticates against. If ``yes'' then the
+ client must authenticate against the host service on the current
+ hostname. If ``no'' then the client may authenticate against any
+ service key stored in the machine's default store. This facility
+ is provided to assist with operation on multi homed machines.
+ The default is ``yes''. Note that this option applies only to
+ protocol version 2 GSSAPI connections, and setting it to ``no''
+ may only work with recent Kerberos GSSAPI libraries.
+
+ GSIAllowLimitedProxy
+ Specifies whether to accept limited proxy credentials for authen-
+ tication. The default is ``no''.
+
HostbasedAuthentication
- Specifies whether rhosts or /etc/hosts.equiv authentication to-
- gether with successful public key client host authentication is
+ Specifies whether rhosts or /etc/hosts.equiv authentication
+ together with successful public key client host authentication is
allowed (host-based authentication). This option is similar to
RhostsRSAAuthentication and applies to protocol version 2 only.
The default is ``no''.
HostbasedUsesNameFromPacketOnly
- Specifies whether or not the server will attempt to perform a re-
- verse name lookup when matching the name in the ~/.shosts,
+ Specifies whether or not the server will attempt to perform a
+ reverse name lookup when matching the name in the ~/.shosts,
~/.rhosts, and /etc/hosts.equiv files during
HostbasedAuthentication. A setting of ``yes'' means that sshd(8)
uses the name supplied by the client rather than attempting to
Specifies that .rhosts and .shosts files will not be used in
RhostsRSAAuthentication or HostbasedAuthentication.
- /etc/hosts.equiv and /etc/shosts.equiv are still used. The de-
- fault is ``yes''.
+ /etc/hosts.equiv and /etc/shosts.equiv are still used. The
+ default is ``yes''.
IgnoreUserKnownHosts
Specifies whether sshd(8) should ignore the user's
MACs Specifies the available MAC (message authentication code) algo-
rithms. The MAC algorithm is used in protocol version 2 for data
- integrity protection. Multiple algorithms must be comma-separat-
- ed. The default is: ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
- sha1-96,hmac-md5-96''.
+ integrity protection. Multiple algorithms must be comma-sepa-
+ rated. The default is:
+ ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96''.
Match Introduces a conditional block. If all of the criteria on the
Match line are satisfied, the keywords on the following lines
- override those set in the global section of the config file, un-
- til either another Match line or the end of the file. The argu-
- ments to Match are one or more criteria-pattern pairs. The
+ override those set in the global section of the config file,
+ until either another Match line or the end of the file. The
+ arguments to Match are one or more criteria-pattern pairs. The
available criteria are User, Group, Host, and Address. Only a
subset of keywords may be used on the lines following a Match
keyword. Available keywords are AllowTcpForwarding,
MaxStartups
Specifies the maximum number of concurrent unauthenticated con-
nections to the SSH daemon. Additional connections will be
- dropped until authentication succeeds or the LoginGraceTime ex-
- pires for a connection. The default is 10.
+ dropped until authentication succeeds or the LoginGraceTime
+ expires for a connection. The default is 10.
Alternatively, random early drop can be enabled by specifying the
three colon separated values ``start:rate:full'' (e.g.
"10:30:60"). sshd(8) will refuse connection attempts with a
probability of ``rate/100'' (30%) if there are currently
- ``start'' (10) unauthenticated connections. The probability in-
- creases linearly and all connection attempts are refused if the
+ ``start'' (10) unauthenticated connections. The probability
+ increases linearly and all connection attempts are refused if the
number of unauthenticated connections reaches ``full'' (60).
PasswordAuthentication
- Specifies whether password authentication is allowed. The de-
- fault is ``yes''.
+ Specifies whether password authentication is allowed. The
+ default is ``yes''.
PermitEmptyPasswords
When password authentication is allowed, it specifies whether the
PermitOpen [IPv6_addr]:port
Multiple forwards may be specified by separating them with
- whitespace. An argument of ``any'' can be used to remove all re-
- strictions and permit any forwarding requests. By default all
+ whitespace. An argument of ``any'' can be used to remove all
+ restrictions and permit any forwarding requests. By default all
port forwarding requests are permitted.
PermitRootLogin
PermitTunnel
Specifies whether tun(4) device forwarding is allowed. The argu-
ment must be ``yes'', ``point-to-point'' (layer 3), ``ethernet''
- (layer 2), or ``no''. Specifying ``yes'' permits both ``point-
- to-point'' and ``ethernet''. The default is ``no''.
+ (layer 2), or ``no''. Specifying ``yes'' permits both
+ ``point-to-point'' and ``ethernet''. The default is ``no''.
PermitUserEnvironment
Specifies whether ~/.ssh/environment and environment= options in
~/.ssh/authorized_keys are processed by sshd(8). The default is
- ``no''. Enabling environment processing may enable users to by-
- pass access restrictions in some configurations using mechanisms
- such as LD_PRELOAD.
+ ``no''. Enabling environment processing may enable users to
+ bypass access restrictions in some configurations using mecha-
+ nisms such as LD_PRELOAD.
PidFile
Specifies the file that contains the process ID of the SSH dae-
Protocol
Specifies the protocol versions sshd(8) supports. The possible
- values are `1' and `2'. Multiple versions must be comma-separat-
- ed. The default is ``2,1''. Note that the order of the protocol
- list does not indicate preference, because the client selects
- among multiple protocol versions offered by the server. Specify-
- ing ``2,1'' is identical to ``1,2''.
+ values are '1' and '2'. Multiple versions must be comma-sepa-
+ rated. The default is ``2,1''. Note that the order of the pro-
+ tocol list does not indicate preference, because the client
+ selects among multiple protocol versions offered by the server.
+ Specifying ``2,1'' is identical to ``1,2''.
PubkeyAuthentication
- Specifies whether public key authentication is allowed. The de-
- fault is ``yes''. Note that this option applies to protocol ver-
- sion 2 only.
+ Specifies whether public key authentication is allowed. The
+ default is ``yes''. Note that this option applies to protocol
+ version 2 only.
RhostsRSAAuthentication
- Specifies whether rhosts or /etc/hosts.equiv authentication to-
- gether with successful RSA host authentication is allowed. The
- default is ``no''. This option applies to protocol version 1 on-
- ly.
+ Specifies whether rhosts or /etc/hosts.equiv authentication
+ together with successful RSA host authentication is allowed. The
+ default is ``no''. This option applies to protocol version 1
+ only.
RSAAuthentication
- Specifies whether pure RSA authentication is allowed. The de-
- fault is ``yes''. This option applies to protocol version 1 on-
- ly.
+ Specifies whether pure RSA authentication is allowed. The
+ default is ``yes''. This option applies to protocol version 1
+ only.
ServerKeyBits
Defines the number of bits in the ephemeral protocol version 1
Arguments should be a subsystem name and a command (with optional
arguments) to execute upon subsystem request. The command
sftp-server(8) implements the ``sftp'' file transfer subsystem.
- By default no subsystems are defined. Note that this option ap-
- plies to protocol version 2 only.
+ By default no subsystems are defined. Note that this option
+ applies to protocol version 2 only.
SyslogFacility
Gives the facility code that is used when logging messages from
sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0,
- LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The de-
- fault is AUTH.
+ LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The
+ default is AUTH.
TCPKeepAlive
Specifies whether the system should send TCP keepalive messages
this means that connections will die if the route is down tem-
porarily, and some people find it annoying. On the other hand,
if TCP keepalives are not sent, sessions may hang indefinitely on
- the server, leaving ``ghost'' users and consuming server re-
- sources.
+ the server, leaving ``ghost'' users and consuming server
+ resources.
The default is ``yes'' (to send TCP keepalive messages), and the
server will notice if the network goes down or the client host
UseLogin
Specifies whether login(1) is used for interactive login ses-
sions. The default is ``no''. Note that login(1) is never used
- for remote command execution. Note also, that if this is en-
- abled, X11Forwarding will be disabled because login(1) does not
+ for remote command execution. Note also, that if this is
+ enabled, X11Forwarding will be disabled because login(1) does not
know how to handle xauth(1) cookies. If UsePrivilegeSeparation
is specified, it will be disabled after authentication.
UsePAM Enables the Pluggable Authentication Module interface. If set to
``yes'' this will enable PAM authentication using
- ChallengeResponseAuthentication and PasswordAuthentication in ad-
- dition to PAM account and session module processing for all au-
- thentication types.
+ ChallengeResponseAuthentication and PasswordAuthentication in
+ addition to PAM account and session module processing for all
+ authentication types.
Because PAM challenge-response authentication usually serves an
equivalent role to password authentication, you should disable
non-root user. The default is ``no''.
UsePrivilegeSeparation
- Specifies whether sshd(8) separates privileges by creating an un-
- privileged child process to deal with incoming network traffic.
+ Specifies whether sshd(8) separates privileges by creating an
+ unprivileged child process to deal with incoming network traffic.
After successful authentication, another process will be created
that has the privilege of the authenticated user. The goal of
privilege separation is to prevent privilege escalation by con-
is configured to listen on the wildcard address (see
X11UseLocalhost below), though this is not the default. Addi-
tionally, the authentication spoofing and authentication data
- verification and substitution occur on the client side. The se-
- curity risk of using X11 forwarding is that the client's X11 dis-
- play server may be exposed to attack when the SSH client requests
- forwarding (see the warnings for ForwardX11 in ssh_config(5)). A
- system administrator may have a stance in which they want to pro-
- tect clients that may expose themselves to attack by unwittingly
- requesting X11 forwarding, which can warrant a ``no'' setting.
+ verification and substitution occur on the client side. The
+ security risk of using X11 forwarding is that the client's X11
+ display server may be exposed to attack when the SSH client
+ requests forwarding (see the warnings for ForwardX11 in
+ ssh_config(5)). A system administrator may have a stance in
+ which they want to protect clients that may expose themselves to
+ attack by unwittingly requesting X11 forwarding, which can war-
+ rant a ``no'' setting.
Note that disabling X11 forwarding does not prevent users from
forwarding X11 traffic, as users can always install their own
proxy display. However, some older X11 clients may not function
with this configuration. X11UseLocalhost may be set to ``no'' to
specify that the forwarding server should be bound to the wild-
- card address. The argument must be ``yes'' or ``no''. The de-
- fault is ``yes''.
+ card address. The argument must be ``yes'' or ``no''. The
+ default is ``yes''.
XAuthLocation
Specifies the full pathname of the xauth(1) program. The default
is /usr/X11R6/bin/xauth.
TIME FORMATS
- sshd(8) command-line arguments and configuration file options that speci-
- fy time may be expressed using a sequence of the form: time[qualifier],
+ sshd(8) command-line arguments and configuration file options that spec-
+ ify time may be expressed using a sequence of the form: time[qualifier],
where time is a positive integer value and qualifier is one of the fol-
lowing:
versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
for privilege separation.
-OpenBSD 4.0 September 25, 1999 9
+BSD September 25, 1999 BSD
The default is
.Dq yes .
Note that this option applies to protocol version 2 only.
+.It Cm GSSAPIStrictAcceptorCheck
+Determines whether to be strict about the identity of the GSSAPI acceptor
+a client authenticates against. If
+.Dq yes
+then the client must authenticate against the
+.Pa host
+service on the current hostname. If
+.Dq no
+then the client may authenticate against any service key stored in the
+machine's default store. This facility is provided to assist with operation
+on multi homed machines.
+The default is
+.Dq yes .
+Note that this option applies only to protocol version 2 GSSAPI connections,
+and setting it to
+.Dq no
+may only work with recent Kerberos GSSAPI libraries.
.It Cm GSIAllowLimitedProxy
Specifies whether to accept limited proxy credentials for
authentication.
#define MGLUE_VERSION ""
#endif
-#define SSH_HPN "-hpn12"
-#define NCSA_VERSION " NCSA_GSSAPI_20060928"
+#define NCSA_VERSION " NCSA_GSSAPI_20061110"
#define SSH_VERSION "OpenSSH_4.4"
#define SSH_PORTABLE "p1"
-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE \
- SSH_HPN NCSA_VERSION GSI_VERSION KRB5_VERSION MGLUE_VERSION
+#define SSH_HPN "-hpn12v12"
+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN \
+ NCSA_VERSION GSI_VERSION KRB5_VERSION MGLUE_VERSION