2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * Functions for reading the configuration files.
7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
15 RCSID("$OpenBSD: readconf.c,v 1.78 2001/05/18 14:13:28 markus Exp $");
21 #include "pathnames.h"
29 /* Format of the configuration file:
31 # Configuration data is parsed as follows:
32 # 1. command line options
33 # 2. user-specific file
35 # Any configuration value is only changed the first time it is set.
36 # Thus, host-specific definitions should be at the beginning of the
37 # configuration file, and defaults at the end.
39 # Host-specific declarations. These may override anything above. A single
40 # host may match multiple declarations; these are processed in the order
41 # that they are given in.
47 HostName another.host.name.real.org
54 RemoteForward 9999 shadows.cs.hut.fi:9999
60 RhostsAuthentication no
61 PasswordAuthentication no
65 ProxyCommand ssh-proxy %h %p
72 PasswordAuthentication no
74 # Defaults for various options
78 RhostsAuthentication yes
79 PasswordAuthentication yes
81 RhostsRSAAuthentication yes
84 StrictHostKeyChecking yes
86 IdentityFile ~/.ssh/identity
96 oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
97 oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
98 oChallengeResponseAuthentication, oXAuthLocation,
100 oKerberosAuthentication,
103 oKerberosTgtPassing, oAFSTokenPassing,
105 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
106 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
107 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
108 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
109 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
110 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
111 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
112 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
113 oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
114 oHostKeyAlgorithms, oBindAddress
117 /* Textual representations of the tokens. */
123 { "forwardagent", oForwardAgent },
124 { "forwardx11", oForwardX11 },
125 { "xauthlocation", oXAuthLocation },
126 { "gatewayports", oGatewayPorts },
127 { "useprivilegedport", oUsePrivilegedPort },
128 { "rhostsauthentication", oRhostsAuthentication },
129 { "passwordauthentication", oPasswordAuthentication },
130 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
131 { "kbdinteractivedevices", oKbdInteractiveDevices },
132 { "rsaauthentication", oRSAAuthentication },
133 { "pubkeyauthentication", oPubkeyAuthentication },
134 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
135 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
136 { "hostbasedauthentication", oHostbasedAuthentication },
137 { "challengeresponseauthentication", oChallengeResponseAuthentication },
138 { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
139 { "tisauthentication", oChallengeResponseAuthentication }, /* alias */
141 { "kerberosauthentication", oKerberosAuthentication },
144 { "kerberostgtpassing", oKerberosTgtPassing },
145 { "afstokenpassing", oAFSTokenPassing },
147 { "fallbacktorsh", oFallBackToRsh },
148 { "usersh", oUseRsh },
149 { "identityfile", oIdentityFile },
150 { "identityfile2", oIdentityFile }, /* alias */
151 { "hostname", oHostName },
152 { "hostkeyalias", oHostKeyAlias },
153 { "proxycommand", oProxyCommand },
155 { "cipher", oCipher },
156 { "ciphers", oCiphers },
158 { "protocol", oProtocol },
159 { "remoteforward", oRemoteForward },
160 { "localforward", oLocalForward },
163 { "escapechar", oEscapeChar },
164 { "globalknownhostsfile", oGlobalKnownHostsFile },
165 { "userknownhostsfile", oUserKnownHostsFile },
166 { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
167 { "userknownhostsfile2", oUserKnownHostsFile2 },
168 { "connectionattempts", oConnectionAttempts },
169 { "batchmode", oBatchMode },
170 { "checkhostip", oCheckHostIP },
171 { "stricthostkeychecking", oStrictHostKeyChecking },
172 { "compression", oCompression },
173 { "compressionlevel", oCompressionLevel },
174 { "keepalive", oKeepAlives },
175 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
176 { "loglevel", oLogLevel },
177 { "dynamicforward", oDynamicForward },
178 { "preferredauthentications", oPreferredAuthentications },
179 { "hostkeyalgorithms", oHostKeyAlgorithms },
180 { "bindaddress", oBindAddress },
185 * Adds a local TCP/IP port forward to options. Never returns if there is an
190 add_local_forward(Options *options, u_short port, const char *host,
195 extern uid_t original_real_uid;
196 if (port < IPPORT_RESERVED && original_real_uid != 0)
197 fatal("Privileged ports can only be forwarded by root.");
199 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
200 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
201 fwd = &options->local_forwards[options->num_local_forwards++];
203 fwd->host = xstrdup(host);
204 fwd->host_port = host_port;
208 * Adds a remote TCP/IP port forward to options. Never returns if there is
213 add_remote_forward(Options *options, u_short port, const char *host,
217 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
218 fatal("Too many remote forwards (max %d).",
219 SSH_MAX_FORWARDS_PER_DIRECTION);
220 fwd = &options->remote_forwards[options->num_remote_forwards++];
222 fwd->host = xstrdup(host);
223 fwd->host_port = host_port;
227 * Returns the number of the token pointed to by cp or oBadOption.
231 parse_token(const char *cp, const char *filename, int linenum)
235 for (i = 0; keywords[i].name; i++)
236 if (strcasecmp(cp, keywords[i].name) == 0)
237 return keywords[i].opcode;
239 error("%s: line %d: Bad configuration option: %s",
240 filename, linenum, cp);
245 * Processes a single option line as used in the configuration files. This
246 * only sets those values that have not already been set.
250 process_config_line(Options *options, const char *host,
251 char *line, const char *filename, int linenum,
254 char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
255 int opcode, *intptr, value;
256 u_short fwd_port, fwd_host_port;
259 /* Get the keyword. (Each line is supposed to begin with a keyword). */
260 keyword = strdelim(&s);
261 /* Ignore leading whitespace. */
262 if (*keyword == '\0')
263 keyword = strdelim(&s);
264 if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
267 opcode = parse_token(keyword, filename, linenum);
271 /* don't panic, but count bad options */
275 intptr = &options->forward_agent;
278 if (!arg || *arg == '\0')
279 fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
280 value = 0; /* To avoid compiler warning... */
281 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
283 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
286 fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
287 if (*activep && *intptr == -1)
292 intptr = &options->forward_x11;
296 intptr = &options->gateway_ports;
299 case oUsePrivilegedPort:
300 intptr = &options->use_privileged_port;
303 case oRhostsAuthentication:
304 intptr = &options->rhosts_authentication;
307 case oPasswordAuthentication:
308 intptr = &options->password_authentication;
311 case oKbdInteractiveAuthentication:
312 intptr = &options->kbd_interactive_authentication;
315 case oKbdInteractiveDevices:
316 charptr = &options->kbd_interactive_devices;
319 case oPubkeyAuthentication:
320 intptr = &options->pubkey_authentication;
323 case oRSAAuthentication:
324 intptr = &options->rsa_authentication;
327 case oRhostsRSAAuthentication:
328 intptr = &options->rhosts_rsa_authentication;
331 case oHostbasedAuthentication:
332 intptr = &options->hostbased_authentication;
335 case oChallengeResponseAuthentication:
336 intptr = &options->challenge_response_authentication;
340 case oKerberosAuthentication:
341 intptr = &options->kerberos_authentication;
346 case oKerberosTgtPassing:
347 intptr = &options->kerberos_tgt_passing;
350 case oAFSTokenPassing:
351 intptr = &options->afs_token_passing;
356 intptr = &options->fallback_to_rsh;
360 intptr = &options->use_rsh;
364 intptr = &options->batch_mode;
368 intptr = &options->check_host_ip;
371 case oStrictHostKeyChecking:
372 intptr = &options->strict_host_key_checking;
374 if (!arg || *arg == '\0')
375 fatal("%.200s line %d: Missing yes/no/ask argument.",
377 value = 0; /* To avoid compiler warning... */
378 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
380 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
382 else if (strcmp(arg, "ask") == 0)
385 fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
386 if (*activep && *intptr == -1)
391 intptr = &options->compression;
395 intptr = &options->keepalives;
398 case oNumberOfPasswordPrompts:
399 intptr = &options->number_of_password_prompts;
402 case oCompressionLevel:
403 intptr = &options->compression_level;
408 if (!arg || *arg == '\0')
409 fatal("%.200s line %d: Missing argument.", filename, linenum);
411 intptr = &options->num_identity_files;
412 if (*intptr >= SSH_MAX_IDENTITY_FILES)
413 fatal("%.200s line %d: Too many identity files specified (max %d).",
414 filename, linenum, SSH_MAX_IDENTITY_FILES);
415 charptr = &options->identity_files[*intptr];
416 *charptr = xstrdup(arg);
417 *intptr = *intptr + 1;
422 charptr=&options->xauth_location;
426 charptr = &options->user;
429 if (!arg || *arg == '\0')
430 fatal("%.200s line %d: Missing argument.", filename, linenum);
431 if (*activep && *charptr == NULL)
432 *charptr = xstrdup(arg);
435 case oGlobalKnownHostsFile:
436 charptr = &options->system_hostfile;
439 case oUserKnownHostsFile:
440 charptr = &options->user_hostfile;
443 case oGlobalKnownHostsFile2:
444 charptr = &options->system_hostfile2;
447 case oUserKnownHostsFile2:
448 charptr = &options->user_hostfile2;
452 charptr = &options->hostname;
456 charptr = &options->host_key_alias;
459 case oPreferredAuthentications:
460 charptr = &options->preferred_authentications;
464 charptr = &options->bind_address;
468 charptr = &options->proxy_command;
469 string = xstrdup("");
470 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
471 string = xrealloc(string, strlen(string) + strlen(arg) + 2);
475 if (*activep && *charptr == NULL)
482 intptr = &options->port;
485 if (!arg || *arg == '\0')
486 fatal("%.200s line %d: Missing argument.", filename, linenum);
487 if (arg[0] < '0' || arg[0] > '9')
488 fatal("%.200s line %d: Bad number.", filename, linenum);
490 /* Octal, decimal, or hex format? */
491 value = strtol(arg, &endofnumber, 0);
492 if (arg == endofnumber)
493 fatal("%.200s line %d: Bad number.", filename, linenum);
494 if (*activep && *intptr == -1)
498 case oConnectionAttempts:
499 intptr = &options->connection_attempts;
503 intptr = &options->cipher;
505 if (!arg || *arg == '\0')
506 fatal("%.200s line %d: Missing argument.", filename, linenum);
507 value = cipher_number(arg);
509 fatal("%.200s line %d: Bad cipher '%s'.",
510 filename, linenum, arg ? arg : "<NONE>");
511 if (*activep && *intptr == -1)
517 if (!arg || *arg == '\0')
518 fatal("%.200s line %d: Missing argument.", filename, linenum);
519 if (!ciphers_valid(arg))
520 fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
521 filename, linenum, arg ? arg : "<NONE>");
522 if (*activep && options->ciphers == NULL)
523 options->ciphers = xstrdup(arg);
528 if (!arg || *arg == '\0')
529 fatal("%.200s line %d: Missing argument.", filename, linenum);
531 fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
532 filename, linenum, arg ? arg : "<NONE>");
533 if (*activep && options->macs == NULL)
534 options->macs = xstrdup(arg);
537 case oHostKeyAlgorithms:
539 if (!arg || *arg == '\0')
540 fatal("%.200s line %d: Missing argument.", filename, linenum);
541 if (!key_names_valid2(arg))
542 fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
543 filename, linenum, arg ? arg : "<NONE>");
544 if (*activep && options->hostkeyalgorithms == NULL)
545 options->hostkeyalgorithms = xstrdup(arg);
549 intptr = &options->protocol;
551 if (!arg || *arg == '\0')
552 fatal("%.200s line %d: Missing argument.", filename, linenum);
553 value = proto_spec(arg);
554 if (value == SSH_PROTO_UNKNOWN)
555 fatal("%.200s line %d: Bad protocol spec '%s'.",
556 filename, linenum, arg ? arg : "<NONE>");
557 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
562 intptr = (int *) &options->log_level;
564 value = log_level_number(arg);
565 if (value == (LogLevel) - 1)
566 fatal("%.200s line %d: unsupported log level '%s'",
567 filename, linenum, arg ? arg : "<NONE>");
568 if (*activep && (LogLevel) * intptr == -1)
569 *intptr = (LogLevel) value;
574 if (!arg || *arg == '\0')
575 fatal("%.200s line %d: Missing argument.", filename, linenum);
576 fwd_port = a2port(arg);
578 fatal("%.200s line %d: Badly formatted port number.",
581 if (!arg || *arg == '\0')
582 fatal("%.200s line %d: Missing second argument.",
584 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
585 fatal("%.200s line %d: Badly formatted host:port.",
588 add_remote_forward(options, fwd_port, buf, fwd_host_port);
593 if (!arg || *arg == '\0')
594 fatal("%.200s line %d: Missing argument.", filename, linenum);
595 fwd_port = a2port(arg);
597 fatal("%.200s line %d: Badly formatted port number.",
600 if (!arg || *arg == '\0')
601 fatal("%.200s line %d: Missing second argument.",
603 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
604 fatal("%.200s line %d: Badly formatted host:port.",
607 add_local_forward(options, fwd_port, buf, fwd_host_port);
610 case oDynamicForward:
612 if (!arg || *arg == '\0')
613 fatal("%.200s line %d: Missing port argument.",
615 fwd_port = a2port(arg);
617 fatal("%.200s line %d: Badly formatted port number.",
619 add_local_forward(options, fwd_port, "socks4", 0);
624 while ((arg = strdelim(&s)) != NULL && *arg != '\0')
625 if (match_pattern(host, arg)) {
626 debug("Applying options for %.100s", arg);
630 /* Avoid garbage check below, as strdelim is done. */
634 intptr = &options->escape_char;
636 if (!arg || *arg == '\0')
637 fatal("%.200s line %d: Missing argument.", filename, linenum);
638 if (arg[0] == '^' && arg[2] == 0 &&
639 (u_char) arg[1] >= 64 && (u_char) arg[1] < 128)
640 value = (u_char) arg[1] & 31;
641 else if (strlen(arg) == 1)
642 value = (u_char) arg[0];
643 else if (strcmp(arg, "none") == 0)
646 fatal("%.200s line %d: Bad escape character.",
649 value = 0; /* Avoid compiler warning. */
651 if (*activep && *intptr == -1)
656 fatal("process_config_line: Unimplemented opcode %d", opcode);
659 /* Check that there is no garbage at end of line. */
660 if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
661 fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
662 filename, linenum, arg);
669 * Reads the config file and modifies the options accordingly. Options
670 * should already be initialized before this call. This never returns if
671 * there is an error. If the file does not exist, this returns immediately.
675 read_config_file(const char *filename, const char *host, Options *options)
683 f = fopen(filename, "r");
687 debug("Reading configuration data %.200s", filename);
690 * Mark that we are now processing the options. This flag is turned
691 * on/off by Host specifications.
695 while (fgets(line, sizeof(line), f)) {
696 /* Update line number counter. */
698 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
703 fatal("%s: terminating, %d bad configuration options",
704 filename, bad_options);
708 * Initializes options to special values that indicate that they have not yet
709 * been set. Read_config_file will only set options with this value. Options
710 * are processed in the following order: command line, user config file,
711 * system config file. Last, fill_default_options is called.
715 initialize_options(Options * options)
717 memset(options, 'X', sizeof(*options));
718 options->forward_agent = -1;
719 options->forward_x11 = -1;
720 options->xauth_location = NULL;
721 options->gateway_ports = -1;
722 options->use_privileged_port = -1;
723 options->rhosts_authentication = -1;
724 options->rsa_authentication = -1;
725 options->pubkey_authentication = -1;
726 options->challenge_response_authentication = -1;
728 options->kerberos_authentication = -1;
731 options->kerberos_tgt_passing = -1;
732 options->afs_token_passing = -1;
734 options->password_authentication = -1;
735 options->kbd_interactive_authentication = -1;
736 options->kbd_interactive_devices = NULL;
737 options->rhosts_rsa_authentication = -1;
738 options->hostbased_authentication = -1;
739 options->fallback_to_rsh = -1;
740 options->use_rsh = -1;
741 options->batch_mode = -1;
742 options->check_host_ip = -1;
743 options->strict_host_key_checking = -1;
744 options->compression = -1;
745 options->keepalives = -1;
746 options->compression_level = -1;
748 options->connection_attempts = -1;
749 options->number_of_password_prompts = -1;
750 options->cipher = -1;
751 options->ciphers = NULL;
752 options->macs = NULL;
753 options->hostkeyalgorithms = NULL;
754 options->protocol = SSH_PROTO_UNKNOWN;
755 options->num_identity_files = 0;
756 options->hostname = NULL;
757 options->host_key_alias = NULL;
758 options->proxy_command = NULL;
759 options->user = NULL;
760 options->escape_char = -1;
761 options->system_hostfile = NULL;
762 options->user_hostfile = NULL;
763 options->system_hostfile2 = NULL;
764 options->user_hostfile2 = NULL;
765 options->num_local_forwards = 0;
766 options->num_remote_forwards = 0;
767 options->log_level = (LogLevel) - 1;
768 options->preferred_authentications = NULL;
769 options->bind_address = NULL;
773 * Called after processing other sources of option data, this fills those
774 * options for which no value has been specified with their default values.
778 fill_default_options(Options * options)
782 if (options->forward_agent == -1)
783 options->forward_agent = 0;
784 if (options->forward_x11 == -1)
785 options->forward_x11 = 0;
787 if (options->xauth_location == NULL)
788 options->xauth_location = XAUTH_PATH;
789 #endif /* XAUTH_PATH */
790 if (options->gateway_ports == -1)
791 options->gateway_ports = 0;
792 if (options->use_privileged_port == -1)
793 options->use_privileged_port = 0;
794 if (options->rhosts_authentication == -1)
795 options->rhosts_authentication = 1;
796 if (options->rsa_authentication == -1)
797 options->rsa_authentication = 1;
798 if (options->pubkey_authentication == -1)
799 options->pubkey_authentication = 1;
800 if (options->challenge_response_authentication == -1)
801 options->challenge_response_authentication = 0;
803 if (options->kerberos_authentication == -1)
804 options->kerberos_authentication = 1;
807 if (options->kerberos_tgt_passing == -1)
808 options->kerberos_tgt_passing = 1;
809 if (options->afs_token_passing == -1)
810 options->afs_token_passing = 1;
812 if (options->password_authentication == -1)
813 options->password_authentication = 1;
814 if (options->kbd_interactive_authentication == -1)
815 options->kbd_interactive_authentication = 1;
816 if (options->rhosts_rsa_authentication == -1)
817 options->rhosts_rsa_authentication = 1;
818 if (options->hostbased_authentication == -1)
819 options->hostbased_authentication = 0;
820 if (options->fallback_to_rsh == -1)
821 options->fallback_to_rsh = 0;
822 if (options->use_rsh == -1)
823 options->use_rsh = 0;
824 if (options->batch_mode == -1)
825 options->batch_mode = 0;
826 if (options->check_host_ip == -1)
827 options->check_host_ip = 1;
828 if (options->strict_host_key_checking == -1)
829 options->strict_host_key_checking = 2; /* 2 is default */
830 if (options->compression == -1)
831 options->compression = 0;
832 if (options->keepalives == -1)
833 options->keepalives = 1;
834 if (options->compression_level == -1)
835 options->compression_level = 6;
836 if (options->port == -1)
837 options->port = 0; /* Filled in ssh_connect. */
838 if (options->connection_attempts == -1)
839 options->connection_attempts = 4;
840 if (options->number_of_password_prompts == -1)
841 options->number_of_password_prompts = 3;
842 /* Selected in ssh_login(). */
843 if (options->cipher == -1)
844 options->cipher = SSH_CIPHER_NOT_SET;
845 /* options->ciphers, default set in myproposals.h */
846 /* options->macs, default set in myproposals.h */
847 /* options->hostkeyalgorithms, default set in myproposals.h */
848 if (options->protocol == SSH_PROTO_UNKNOWN)
849 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
850 if (options->num_identity_files == 0) {
851 if (options->protocol & SSH_PROTO_1) {
852 len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
853 options->identity_files[options->num_identity_files] =
855 snprintf(options->identity_files[options->num_identity_files++],
856 len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
858 if (options->protocol & SSH_PROTO_2) {
859 len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
860 options->identity_files[options->num_identity_files] =
862 snprintf(options->identity_files[options->num_identity_files++],
863 len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
865 len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
866 options->identity_files[options->num_identity_files] =
868 snprintf(options->identity_files[options->num_identity_files++],
869 len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
872 if (options->escape_char == -1)
873 options->escape_char = '~';
874 if (options->system_hostfile == NULL)
875 options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
876 if (options->user_hostfile == NULL)
877 options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
878 if (options->system_hostfile2 == NULL)
879 options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
880 if (options->user_hostfile2 == NULL)
881 options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
882 if (options->log_level == (LogLevel) - 1)
883 options->log_level = SYSLOG_LEVEL_INFO;
884 /* options->proxy_command should not be set by default */
885 /* options->user will be set in the main program if appropriate */
886 /* options->hostname will be set in the main program if appropriate */
887 /* options->host_key_alias should not be set by default */
888 /* options->preferred_authentications will be set in ssh */