[openssh.git] / README

[ A Japanese translation of this document is available at
[ http://www.unixuser.org/%7Eharuyama/security/openssh/index.html
[ Thanks to HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>

******* IMPORTANT
* On systmes which lack a /dev/random driver, version of this port
* prior to 1.2.2 were not correctly seeding OpenSSL's random number
* pool. This resulted in lower quality RSA keys being generated. If
* you generated host or user keys with v1.2.2 or previous versions, 
* please generate new ones using a more recent version.

This is the port of OpenBSD's excellent OpenSSH to Linux and other
Unices.

OpenSSH is based on the last free version of Tatu Ylonen's SSH with
all patent-encumbered algorithms removed (to external libraries), all
known security bugs fixed, new features reintroduced and many other
clean-ups. More information about SSH itself can be found in the file
README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a
homepage at http://www.openssh.com/

This port consists of the re-introduction of autoconf support, PAM
support (for Linux and Solaris), EGD[1] support and replacements for 
OpenBSD library functions that are (regrettably) absent from other 
unices. This port has been best tested on Linux, Solaris, HPUX, NetBSD 
and Irix. Support for AIX, SCO, NeXT and other Unices is underway. 
This version actively tracks changes in the OpenBSD CVS repository.

The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.

OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4].

There is now several mailing lists for this port of OpenSSH. Please
refer to http://www.openssh.com/list.html for details on how to join.

Please send bug reports and patches to the mailing list
openssh-unix-dev@mindrot.org. The list is open to posting by
unsubscribed users.

If you are a citizen of the USA or another country which restricts 
export of cryptographic products, then please refrain from sending 
crypto-related code or patches to the list. We cannot accept them.
Other code contribution are accepted, but please follow the OpenBSD
style guidelines[5].

Please refer to the INSTALL document for information on how to install
OpenSSH on your system. The UPGRADING document details differences 
between this port of OpenSSH and F-Secure SSH 1.x.

Damien Miller <djm@ibs.com.au>
Internet Business Solutions

Miscellania - 

This version of SSH is based upon code retrieved from the OpenBSD CVS
repository which in turn was based on the last free 
version of SSH released by Tatu Ylonen.

References -

[1] http://www.lothar.com/tech/crypto/
[2] ftp://ftp.freesoftware.com/pub/infozip/zlib/
[3] http://www.openssl.org/
[4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris)
[5] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9&apropos=0&manpath=OpenBSD+Current
Commit	Line	Data
6b1f3fdb	1	[ A Japanese translation of this document is available at
	2	[ http://www.unixuser.org/%7Eharuyama/security/openssh/index.html
	3	[ Thanks to HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
	4
e21f1caa	5	******* IMPORTANT
e93ee87a	6	* On systmes which lack a /dev/random driver, version of this port
e93ee87a	7	* prior to 1.2.2 were not correctly seeding OpenSSL's random number
e21f1caa	8	* pool. This resulted in lower quality RSA keys being generated. If
e93ee87a	9	* you generated host or user keys with v1.2.2 or previous versions,
e93ee87a	10	* please generate new ones using a more recent version.
e21f1caa	11
06479889	12	This is the port of OpenBSD's excellent OpenSSH to Linux and other
06479889	13	Unices.
8efc0c15	14
97784962	15	OpenSSH is based on the last free version of Tatu Ylonen's SSH with
1cbe6fb2	16	all patent-encumbered algorithms removed (to external libraries), all
	17	known security bugs fixed, new features reintroduced and many other
	18	clean-ups. More information about SSH itself can be found in the file
	19	README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
	20	Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a
	21	homepage at http://www.openssh.com/
8efc0c15	22
4f6716dc	23	This port consists of the re-introduction of autoconf support, PAM
e93ee87a	24	support (for Linux and Solaris), EGD[1] support and replacements for
	25	OpenBSD library functions that are (regrettably) absent from other
	26	unices. This port has been best tested on Linux, Solaris, HPUX, NetBSD
	27	and Irix. Support for AIX, SCO, NeXT and other Unices is underway.
	28	This version actively tracks changes in the OpenBSD CVS repository.
8efc0c15	29
97784962	30	The PAM support is now more functional than the popular packages of
97784962	31	commercial ssh-1.2.x. It checks "account" and "session" modules for
4ae1982f	32	all logins, not just when using password authentication.
8efc0c15	33
e93ee87a	34	OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4].
aa51e7cc	35
1cbe6fb2	36	There is now several mailing lists for this port of OpenSSH. Please
a905808d	37	refer to http://www.openssh.com/list.html for details on how to join.
c6ab4a33	38
1cbe6fb2	39	Please send bug reports and patches to the mailing list
be0b9bb7	40	openssh-unix-dev@mindrot.org. The list is open to posting by
1cbe6fb2	41	unsubscribed users.
7303768f	42
be0b9bb7	43	If you are a citizen of the USA or another country which restricts
	44	export of cryptographic products, then please refrain from sending
	45	crypto-related code or patches to the list. We cannot accept them.
	46	Other code contribution are accepted, but please follow the OpenBSD
	47	style guidelines[5].
	48
8bc7973f	49	Please refer to the INSTALL document for information on how to install
1cbe6fb2	50	OpenSSH on your system. The UPGRADING document details differences
1cbe6fb2	51	between this port of OpenSSH and F-Secure SSH 1.x.
4ae1982f	52
97784962	53	Damien Miller <djm@ibs.com.au>
97784962	54	Internet Business Solutions
8efc0c15	55
97784962	56	Miscellania -
8efc0c15	57
97784962	58	This version of SSH is based upon code retrieved from the OpenBSD CVS
1cbe6fb2	59	repository which in turn was based on the last free
4f080ebe	60	version of SSH released by Tatu Ylonen.
8efc0c15	61
e1a9c08d	62	References -
e1a9c08d	63
4f6716dc	64	[1] http://www.lothar.com/tech/crypto/
b57eed4f	65	[2] ftp://ftp.freesoftware.com/pub/infozip/zlib/
4f6716dc	66	[3] http://www.openssl.org/
4f6716dc	67	[4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris)
be0b9bb7	68	[5] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9&apropos=0&manpath=OpenBSD+Current
4f080ebe	69