[openssh.git] / ssh.h

/* $OpenBSD: ssh.h,v 1.77 2006/03/25 22:22:43 djm Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef SSH_H
#define SSH_H

#include <netinet/in.h> /* For struct sockaddr_in */
#include <pwd.h> /* For struct pw */
#include <stdarg.h> /* For va_list */
#include <syslog.h> /* For LOG_AUTH and friends */
#include <sys/socket.h> /* For struct sockaddr_storage */
#ifdef HAVE_SYS_SELECT_H
# include <sys/select.h>
#endif

/* Cipher used for encrypting authentication files. */
#define SSH_AUTHFILE_CIPHER	SSH_CIPHER_3DES

/* Default port number. */
#define SSH_DEFAULT_PORT	22

/* Maximum number of TCP/IP ports forwarded per direction. */
#define SSH_MAX_FORWARDS_PER_DIRECTION	100

/*
 * Maximum number of RSA authentication identity files that can be specified
 * in configuration files or on the command line.
 */
#define SSH_MAX_IDENTITY_FILES		100

/*
 * Maximum length of lines in authorized_keys file.
 * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
 * some room for options and comments.
 */
#define SSH_MAX_PUBKEY_BYTES		8192

/*
 * Major protocol version.  Different version indicates major incompatibility
 * that prevents communication.
 *
 * Minor protocol version.  Different version indicates minor incompatibility
 * that does not prevent interoperation.
 */
#define PROTOCOL_MAJOR_1	1
#define PROTOCOL_MINOR_1	5

/* We support both SSH1 and SSH2 */
#define PROTOCOL_MAJOR_2	2
#define PROTOCOL_MINOR_2	0

/*
 * Name for the service.  The port named by this service overrides the
 * default port if present.
 */
#define SSH_SERVICE_NAME	"ssh"

/*
 * Name of the environment variable containing the process ID of the
 * authentication agent.
 */
#define SSH_AGENTPID_ENV_NAME	"SSH_AGENT_PID"

/*
 * Name of the environment variable containing the pathname of the
 * authentication socket.
 */
#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"

/*
 * Environment variable for overwriting the default location of askpass
 */
#define SSH_ASKPASS_ENV		"SSH_ASKPASS"

/*
 * Force host key length and server key length to differ by at least this
 * many bits.  This is to make double encryption with rsaref work.
 */
#define SSH_KEY_BITS_RESERVED		128

/*
 * Length of the session key in bytes.  (Specified as 256 bits in the
 * protocol.)
 */
#define SSH_SESSION_KEY_LENGTH		32

/* Used to identify ``EscapeChar none'' */
#define SSH_ESCAPECHAR_NONE		-2

/*
 * unprivileged user when UsePrivilegeSeparation=yes;
 * sshd will change its privileges to this user and its
 * primary group.
 */
#ifndef SSH_PRIVSEP_USER
#define SSH_PRIVSEP_USER		"sshd"
#endif

/* Minimum modulus size (n) for RSA keys. */
#define SSH_RSA_MINIMUM_MODULUS_SIZE	768

/* Listen backlog for sshd, ssh-agent and forwarding sockets */
#define SSH_LISTEN_BACKLOG		128

#endif				/* SSH_H */
Commit	Line	Data
56f824f3	1	/* $OpenBSD: ssh.h,v 1.77 2006/03/25 22:22:43 djm Exp $ */
93c3b6de	2
8efc0c15	3	/*
5260325f	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
5260325f	5	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5260325f	6	* All rights reserved
6ae2364d	7	*
bcbf86ec	8	* As far as I am concerned, the code I have written for this software
	9	* can be used freely for any purpose. Any derived versions of this
	10	* software must be clearly marked as such, and if the derived work is
	11	* incompatible with the protocol description in the RFC file, it must be
	12	* called by a name other than "ssh" or "Secure Shell".
5260325f	13	*/
8efc0c15	14
8efc0c15	15	#ifndef SSH_H
	16	#define SSH_H
	17
4cca272e	18	#include <netinet/in.h> /* For struct sockaddr_in */
4cca272e	19	#include <pwd.h> /* For struct pw */
6a17f9c2	20	#include <stdarg.h> /* For va_list */
57ce3f00	21	#include <syslog.h> /* For LOG_AUTH and friends */
48e671d5	22	#include <sys/socket.h> /* For struct sockaddr_storage */
eef6f7e9	23	#ifdef HAVE_SYS_SELECT_H
	24	# include <sys/select.h>
	25	#endif
42f11eb2	26
8efc0c15	27	/* Cipher used for encrypting authentication files. */
	28	#define SSH_AUTHFILE_CIPHER SSH_CIPHER_3DES
	29
	30	/* Default port number. */
	31	#define SSH_DEFAULT_PORT 22
	32
	33	/* Maximum number of TCP/IP ports forwarded per direction. */
	34	#define SSH_MAX_FORWARDS_PER_DIRECTION 100
	35
aa3378df	36	/*
	37	* Maximum number of RSA authentication identity files that can be specified
	38	* in configuration files or on the command line.
	39	*/
8efc0c15	40	#define SSH_MAX_IDENTITY_FILES 100
8efc0c15	41
ea067773	42	/*
	43	* Maximum length of lines in authorized_keys file.
	44	* Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
	45	* some room for options and comments.
	46	*/
	47	#define SSH_MAX_PUBKEY_BYTES 8192
	48
aa3378df	49	/*
7f056bc5	50	* Major protocol version. Different version indicates major incompatibility
aa3378df	51	* that prevents communication.
a8be9f80	52	*
aa3378df	53	* Minor protocol version. Different version indicates minor incompatibility
	54	* that does not prevent interoperation.
	55	*/
a8be9f80	56	#define PROTOCOL_MAJOR_1 1
	57	#define PROTOCOL_MINOR_1 5
	58
	59	/* We support both SSH1 and SSH2 */
	60	#define PROTOCOL_MAJOR_2 2
	61	#define PROTOCOL_MINOR_2 0
8efc0c15	62
aa3378df	63	/*
	64	* Name for the service. The port named by this service overrides the
	65	* default port if present.
	66	*/
8efc0c15	67	#define SSH_SERVICE_NAME "ssh"
8efc0c15	68
aa3378df	69	/*
a8bbdc75	70	* Name of the environment variable containing the process ID of the
a8bbdc75	71	* authentication agent.
aa3378df	72	*/
b705bea0	73	#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
8efc0c15	74
aa3378df	75	/*
	76	* Name of the environment variable containing the pathname of the
	77	* authentication socket.
	78	*/
42f11eb2	79	#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
50da1126	80
57112b5a	81	/*
42f11eb2	82	* Environment variable for overwriting the default location of askpass
57112b5a	83	*/
57112b5a	84	#define SSH_ASKPASS_ENV "SSH_ASKPASS"
57112b5a	85
aa3378df	86	/*
	87	* Force host key length and server key length to differ by at least this
	88	* many bits. This is to make double encryption with rsaref work.
	89	*/
8efc0c15	90	#define SSH_KEY_BITS_RESERVED 128
8efc0c15	91
aa3378df	92	/*
	93	* Length of the session key in bytes. (Specified as 256 bits in the
	94	* protocol.)
	95	*/
8efc0c15	96	#define SSH_SESSION_KEY_LENGTH 32
8efc0c15	97
4bf9c10e	98	/* Used to identify ``EscapeChar none'' */
	99	#define SSH_ESCAPECHAR_NONE -2
	100
2ea6de2b	101	/*
2ea6de2b	102	* unprivileged user when UsePrivilegeSeparation=yes;
5de727d6	103	* sshd will change its privileges to this user and its
2ea6de2b	104	* primary group.
2ea6de2b	105	*/
9a0fbcb3	106	#ifndef SSH_PRIVSEP_USER
897fecd3	107	#define SSH_PRIVSEP_USER "sshd"
9a0fbcb3	108	#endif
2ea6de2b	109
82b00264	110	/* Minimum modulus size (n) for RSA keys. */
	111	#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
	112
fce39749	113	/* Listen backlog for sshd, ssh-agent and forwarding sockets */
	114	#define SSH_LISTEN_BACKLOG 128
	115
5260325f	116	#endif /* SSH_H */