[openssh.git] / pathnames.h

/*	$OpenBSD: pathnames.h,v 1.10 2001/12/08 17:49:28 stevesk Exp $	*/

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef ETCDIR
#define ETCDIR				"/etc"
#endif

#ifndef _PATH_SSH_PIDDIR
#define _PATH_SSH_PIDDIR		"/var/run"
#endif

/*
 * System-wide file containing host keys of known hosts.  This file should be
 * world-readable.
 */
#define _PATH_SSH_SYSTEM_HOSTFILE	ETCDIR "/ssh_known_hosts"
/* backward compat for protocol 2 */
#define _PATH_SSH_SYSTEM_HOSTFILE2	ETCDIR "/ssh_known_hosts2"

/*
 * Of these, ssh_host_key must be readable only by root, whereas ssh_config
 * should be world-readable.
 */
#define _PATH_SERVER_CONFIG_FILE	ETCDIR "/sshd_config"
#define _PATH_HOST_CONFIG_FILE		ETCDIR "/ssh_config"
#define _PATH_HOST_KEY_FILE		ETCDIR "/ssh_host_key"
#define _PATH_HOST_DSA_KEY_FILE		ETCDIR "/ssh_host_dsa_key"
#define _PATH_HOST_RSA_KEY_FILE		ETCDIR "/ssh_host_rsa_key"
#define _PATH_DH_MODULI			ETCDIR "/moduli"
/* Backwards compatibility */
#define _PATH_DH_PRIMES			ETCDIR "/primes"

#ifndef _PATH_SSH_PROGRAM
#define _PATH_SSH_PROGRAM		"/usr/bin/ssh"
#endif

/*
 * The process id of the daemon listening for connections is saved here to
 * make it easier to kill the correct daemon when necessary.
 */
#define _PATH_SSH_DAEMON_PID_FILE	_PATH_SSH_PIDDIR "/sshd.pid"

/*
 * The directory in user\'s home directory in which the files reside. The
 * directory should be world-readable (though not all files are).
 */
#define _PATH_SSH_USER_DIR		".ssh"

/*
 * Per-user file containing host keys of known hosts.  This file need not be
 * readable by anyone except the user him/herself, though this does not
 * contain anything particularly secret.
 */
#define _PATH_SSH_USER_HOSTFILE		"~/.ssh/known_hosts"
/* backward compat for protocol 2 */
#define _PATH_SSH_USER_HOSTFILE2	"~/.ssh/known_hosts2"

/*
 * Name of the default file containing client-side authentication key. This
 * file should only be readable by the user him/herself.
 */
#define _PATH_SSH_CLIENT_IDENTITY	".ssh/identity"
#define _PATH_SSH_CLIENT_ID_DSA		".ssh/id_dsa"
#define _PATH_SSH_CLIENT_ID_RSA		".ssh/id_rsa"

/*
 * Configuration file in user\'s home directory.  This file need not be
 * readable by anyone but the user him/herself, but does not contain anything
 * particularly secret.  If the user\'s home directory resides on an NFS
 * volume where root is mapped to nobody, this may need to be world-readable.
 */
#define _PATH_SSH_USER_CONFFILE		".ssh/config"

/*
 * File containing a list of those rsa keys that permit logging in as this
 * user.  This file need not be readable by anyone but the user him/herself,
 * but does not contain anything particularly secret.  If the user\'s home
 * directory resides on an NFS volume where root is mapped to nobody, this
 * may need to be world-readable.  (This file is read by the daemon which is
 * running as root.)
 */
#define _PATH_SSH_USER_PERMITTED_KEYS	".ssh/authorized_keys"

/* backward compat for protocol v2 */
#define _PATH_SSH_USER_PERMITTED_KEYS2	".ssh/authorized_keys2"

/*
 * Per-user and system-wide ssh "rc" files.  These files are executed with
 * /bin/sh before starting the shell or command if they exist.  They will be
 * passed "proto cookie" as arguments if X11 forwarding with spoofing is in
 * use.  xauth will be run if neither of these exists.
 */
#define _PATH_SSH_USER_RC		".ssh/rc"
#define _PATH_SSH_SYSTEM_RC		ETCDIR "/sshrc"

/*
 * Ssh-only version of /etc/hosts.equiv.  Additionally, the daemon may use
 * ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled.
 */
#define _PATH_SSH_HOSTS_EQUIV		ETCDIR "/shosts.equiv"
#define _PATH_RHOSTS_EQUIV		"/etc/hosts.equiv"

/*
 * Default location of askpass
 */
#ifndef _PATH_SSH_ASKPASS_DEFAULT
#define _PATH_SSH_ASKPASS_DEFAULT	"/usr/X11R6/bin/ssh-askpass"
#endif

/* xauth for X11 forwarding */
#ifndef _PATH_XAUTH
#define _PATH_XAUTH			"/usr/X11R6/bin/xauth"
#endif

/* UNIX domain socket for X11 server; displaynum will replace %u */
#ifndef _PATH_UNIX_X
#define _PATH_UNIX_X "/tmp/.X11-unix/X%u"
#endif

/* for scp */
#ifndef _PATH_CP
#define _PATH_CP			"cp"
#endif

/* for sftp */
#ifndef _PATH_SFTP_SERVER
#define _PATH_SFTP_SERVER		"/usr/libexec/sftp-server"
#endif
#ifndef _PATH_LS
#define _PATH_LS			"ls"
#endif

/* path to login program */
#ifndef LOGIN_PROGRAM
# ifdef LOGIN_PROGRAM_FALLBACK
#  define LOGIN_PROGRAM         LOGIN_PROGRAM_FALLBACK
# else
#  define LOGIN_PROGRAM         "/usr/bin/login"
# endif
#endif /* LOGIN_PROGRAM */

/* Askpass program define */
#ifndef ASKPASS_PROGRAM
#define ASKPASS_PROGRAM         "/usr/lib/ssh/ssh-askpass"
#endif /* ASKPASS_PROGRAM */
Commit	Line	Data
805e659f	1	/* $OpenBSD: pathnames.h,v 1.10 2001/12/08 17:49:28 stevesk Exp $ */
23c2a7a5	2
42f11eb2	3	/*
	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	5	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	6	* All rights reserved
	7	*
	8	* As far as I am concerned, the code I have written for this software
	9	* can be used freely for any purpose. Any derived versions of this
	10	* software must be clearly marked as such, and if the derived work is
	11	* incompatible with the protocol description in the RFC file, it must be
	12	* called by a name other than "ssh" or "Secure Shell".
	13	*/
	14
	15	#ifndef ETCDIR
	16	#define ETCDIR "/etc"
	17	#endif
	18
	19	#ifndef _PATH_SSH_PIDDIR
	20	#define _PATH_SSH_PIDDIR "/var/run"
	21	#endif
	22
	23	/*
	24	* System-wide file containing host keys of known hosts. This file should be
	25	* world-readable.
	26	*/
	27	#define _PATH_SSH_SYSTEM_HOSTFILE ETCDIR "/ssh_known_hosts"
f49bc4f7	28	/* backward compat for protocol 2 */
42f11eb2	29	#define _PATH_SSH_SYSTEM_HOSTFILE2 ETCDIR "/ssh_known_hosts2"
	30
	31	/*
	32	* Of these, ssh_host_key must be readable only by root, whereas ssh_config
	33	* should be world-readable.
	34	*/
42f11eb2	35	#define _PATH_SERVER_CONFIG_FILE ETCDIR "/sshd_config"
42f11eb2	36	#define _PATH_HOST_CONFIG_FILE ETCDIR "/ssh_config"
8002af61	37	#define _PATH_HOST_KEY_FILE ETCDIR "/ssh_host_key"
42f11eb2	38	#define _PATH_HOST_DSA_KEY_FILE ETCDIR "/ssh_host_dsa_key"
8002af61	39	#define _PATH_HOST_RSA_KEY_FILE ETCDIR "/ssh_host_rsa_key"
e2854364	40	#define _PATH_DH_MODULI ETCDIR "/moduli"
e2854364	41	/* Backwards compatibility */
42f11eb2	42	#define _PATH_DH_PRIMES ETCDIR "/primes"
42f11eb2	43
c9606e03	44	#ifndef _PATH_SSH_PROGRAM
42f11eb2	45	#define _PATH_SSH_PROGRAM "/usr/bin/ssh"
c9606e03	46	#endif
42f11eb2	47
	48	/*
	49	* The process id of the daemon listening for connections is saved here to
	50	* make it easier to kill the correct daemon when necessary.
	51	*/
	52	#define _PATH_SSH_DAEMON_PID_FILE _PATH_SSH_PIDDIR "/sshd.pid"
	53
	54	/*
	55	* The directory in user\'s home directory in which the files reside. The
	56	* directory should be world-readable (though not all files are).
	57	*/
	58	#define _PATH_SSH_USER_DIR ".ssh"
	59
	60	/*
	61	* Per-user file containing host keys of known hosts. This file need not be
	62	* readable by anyone except the user him/herself, though this does not
	63	* contain anything particularly secret.
	64	*/
	65	#define _PATH_SSH_USER_HOSTFILE "~/.ssh/known_hosts"
f49bc4f7	66	/* backward compat for protocol 2 */
42f11eb2	67	#define _PATH_SSH_USER_HOSTFILE2 "~/.ssh/known_hosts2"
	68
	69	/*
	70	* Name of the default file containing client-side authentication key. This
	71	* file should only be readable by the user him/herself.
	72	*/
	73	#define _PATH_SSH_CLIENT_IDENTITY ".ssh/identity"
	74	#define _PATH_SSH_CLIENT_ID_DSA ".ssh/id_dsa"
	75	#define _PATH_SSH_CLIENT_ID_RSA ".ssh/id_rsa"
	76
	77	/*
	78	* Configuration file in user\'s home directory. This file need not be
	79	* readable by anyone but the user him/herself, but does not contain anything
	80	* particularly secret. If the user\'s home directory resides on an NFS
	81	* volume where root is mapped to nobody, this may need to be world-readable.
	82	*/
	83	#define _PATH_SSH_USER_CONFFILE ".ssh/config"
	84
	85	/*
	86	* File containing a list of those rsa keys that permit logging in as this
	87	* user. This file need not be readable by anyone but the user him/herself,
	88	* but does not contain anything particularly secret. If the user\'s home
	89	* directory resides on an NFS volume where root is mapped to nobody, this
	90	* may need to be world-readable. (This file is read by the daemon which is
	91	* running as root.)
	92	*/
	93	#define _PATH_SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys"
96a7b0cc	94
96a7b0cc	95	/* backward compat for protocol v2 */
42f11eb2	96	#define _PATH_SSH_USER_PERMITTED_KEYS2 ".ssh/authorized_keys2"
	97
	98	/*
	99	* Per-user and system-wide ssh "rc" files. These files are executed with
	100	* /bin/sh before starting the shell or command if they exist. They will be
	101	* passed "proto cookie" as arguments if X11 forwarding with spoofing is in
	102	* use. xauth will be run if neither of these exists.
	103	*/
	104	#define _PATH_SSH_USER_RC ".ssh/rc"
	105	#define _PATH_SSH_SYSTEM_RC ETCDIR "/sshrc"
	106
	107	/*
	108	* Ssh-only version of /etc/hosts.equiv. Additionally, the daemon may use
	109	* ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled.
	110	*/
	111	#define _PATH_SSH_HOSTS_EQUIV ETCDIR "/shosts.equiv"
	112	#define _PATH_RHOSTS_EQUIV "/etc/hosts.equiv"
	113
	114	/*
	115	* Default location of askpass
	116	*/
effa6591	117	#ifndef _PATH_SSH_ASKPASS_DEFAULT
42f11eb2	118	#define _PATH_SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass"
effa6591	119	#endif
42f11eb2	120
fef01705	121	/* xauth for X11 forwarding */
	122	#ifndef _PATH_XAUTH
	123	#define _PATH_XAUTH "/usr/X11R6/bin/xauth"
	124	#endif
	125
805e659f	126	/* UNIX domain socket for X11 server; displaynum will replace %u */
	127	#ifndef _PATH_UNIX_X
	128	#define _PATH_UNIX_X "/tmp/.X11-unix/X%u"
	129	#endif
	130
42f11eb2	131	/* for scp */
	132	#ifndef _PATH_CP
	133	#define _PATH_CP "cp"
	134	#endif
	135
0426a3b4	136	/* for sftp */
	137	#ifndef _PATH_SFTP_SERVER
	138	#define _PATH_SFTP_SERVER "/usr/libexec/sftp-server"
	139	#endif
a0aede1b	140	#ifndef _PATH_LS
0426a3b4	141	#define _PATH_LS "ls"
a0aede1b	142	#endif
0426a3b4	143
42f11eb2	144	/* path to login program */
	145	#ifndef LOGIN_PROGRAM
	146	# ifdef LOGIN_PROGRAM_FALLBACK
	147	# define LOGIN_PROGRAM LOGIN_PROGRAM_FALLBACK
	148	# else
	149	# define LOGIN_PROGRAM "/usr/bin/login"
	150	# endif
	151	#endif /* LOGIN_PROGRAM */
	152
	153	/* Askpass program define */
	154	#ifndef ASKPASS_PROGRAM
	155	#define ASKPASS_PROGRAM "/usr/lib/ssh/ssh-askpass"
	156	#endif /* ASKPASS_PROGRAM */