2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * Functions for reading the configuration files.
7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
15 RCSID("$OpenBSD: readconf.c,v 1.90 2001/09/19 19:24:18 stevesk Exp $");
21 #include "pathnames.h"
29 /* Format of the configuration file:
31 # Configuration data is parsed as follows:
32 # 1. command line options
33 # 2. user-specific file
35 # Any configuration value is only changed the first time it is set.
36 # Thus, host-specific definitions should be at the beginning of the
37 # configuration file, and defaults at the end.
39 # Host-specific declarations. These may override anything above. A single
40 # host may match multiple declarations; these are processed in the order
41 # that they are given in.
47 HostName another.host.name.real.org
54 RemoteForward 9999 shadows.cs.hut.fi:9999
60 RhostsAuthentication no
61 PasswordAuthentication no
65 ProxyCommand ssh-proxy %h %p
72 PasswordAuthentication no
74 # Defaults for various options
78 RhostsAuthentication yes
79 PasswordAuthentication yes
81 RhostsRSAAuthentication yes
84 StrictHostKeyChecking yes
86 IdentityFile ~/.ssh/identity
96 oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
97 oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
98 oChallengeResponseAuthentication, oXAuthLocation,
99 #if defined(KRB4) || defined(KRB5)
100 oKerberosAuthentication,
102 #if defined(AFS) || defined(KRB5)
108 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
109 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
110 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
111 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
112 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
113 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
114 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
115 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
116 oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
117 oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
121 /* Textual representations of the tokens. */
127 { "forwardagent", oForwardAgent },
128 { "forwardx11", oForwardX11 },
129 { "xauthlocation", oXAuthLocation },
130 { "gatewayports", oGatewayPorts },
131 { "useprivilegedport", oUsePrivilegedPort },
132 { "rhostsauthentication", oRhostsAuthentication },
133 { "passwordauthentication", oPasswordAuthentication },
134 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
135 { "kbdinteractivedevices", oKbdInteractiveDevices },
136 { "rsaauthentication", oRSAAuthentication },
137 { "pubkeyauthentication", oPubkeyAuthentication },
138 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
139 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
140 { "hostbasedauthentication", oHostbasedAuthentication },
141 { "challengeresponseauthentication", oChallengeResponseAuthentication },
142 { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
143 { "tisauthentication", oChallengeResponseAuthentication }, /* alias */
144 #if defined(KRB4) || defined(KRB5)
145 { "kerberosauthentication", oKerberosAuthentication },
147 #if defined(AFS) || defined(KRB5)
148 { "kerberostgtpassing", oKerberosTgtPassing },
151 { "afstokenpassing", oAFSTokenPassing },
153 { "fallbacktorsh", oFallBackToRsh },
154 { "usersh", oUseRsh },
155 { "identityfile", oIdentityFile },
156 { "identityfile2", oIdentityFile }, /* alias */
157 { "hostname", oHostName },
158 { "hostkeyalias", oHostKeyAlias },
159 { "proxycommand", oProxyCommand },
161 { "cipher", oCipher },
162 { "ciphers", oCiphers },
164 { "protocol", oProtocol },
165 { "remoteforward", oRemoteForward },
166 { "localforward", oLocalForward },
169 { "escapechar", oEscapeChar },
170 { "globalknownhostsfile", oGlobalKnownHostsFile },
171 { "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */
172 { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
173 { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
174 { "connectionattempts", oConnectionAttempts },
175 { "batchmode", oBatchMode },
176 { "checkhostip", oCheckHostIP },
177 { "stricthostkeychecking", oStrictHostKeyChecking },
178 { "compression", oCompression },
179 { "compressionlevel", oCompressionLevel },
180 { "keepalive", oKeepAlives },
181 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
182 { "loglevel", oLogLevel },
183 { "dynamicforward", oDynamicForward },
184 { "preferredauthentications", oPreferredAuthentications },
185 { "hostkeyalgorithms", oHostKeyAlgorithms },
186 { "bindaddress", oBindAddress },
187 { "smartcarddevice", oSmartcardDevice },
188 { "clearallforwardings", oClearAllForwardings },
193 * Adds a local TCP/IP port forward to options. Never returns if there is an
198 add_local_forward(Options *options, u_short port, const char *host,
203 extern uid_t original_real_uid;
204 if (port < IPPORT_RESERVED && original_real_uid != 0)
205 fatal("Privileged ports can only be forwarded by root.");
207 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
208 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
209 fwd = &options->local_forwards[options->num_local_forwards++];
211 fwd->host = xstrdup(host);
212 fwd->host_port = host_port;
216 * Adds a remote TCP/IP port forward to options. Never returns if there is
221 add_remote_forward(Options *options, u_short port, const char *host,
225 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
226 fatal("Too many remote forwards (max %d).",
227 SSH_MAX_FORWARDS_PER_DIRECTION);
228 fwd = &options->remote_forwards[options->num_remote_forwards++];
230 fwd->host = xstrdup(host);
231 fwd->host_port = host_port;
235 clear_forwardings(Options *options)
239 for (i = 0; i < options->num_local_forwards; i++)
240 xfree(options->local_forwards[i].host);
241 options->num_local_forwards = 0;
242 for (i = 0; i < options->num_remote_forwards; i++)
243 xfree(options->remote_forwards[i].host);
244 options->num_remote_forwards = 0;
248 * Returns the number of the token pointed to by cp or oBadOption.
252 parse_token(const char *cp, const char *filename, int linenum)
256 for (i = 0; keywords[i].name; i++)
257 if (strcasecmp(cp, keywords[i].name) == 0)
258 return keywords[i].opcode;
260 error("%s: line %d: Bad configuration option: %s",
261 filename, linenum, cp);
266 * Processes a single option line as used in the configuration files. This
267 * only sets those values that have not already been set.
271 process_config_line(Options *options, const char *host,
272 char *line, const char *filename, int linenum,
275 char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
276 int opcode, *intptr, value;
277 u_short fwd_port, fwd_host_port;
278 char sfwd_host_port[6];
281 /* Get the keyword. (Each line is supposed to begin with a keyword). */
282 keyword = strdelim(&s);
283 /* Ignore leading whitespace. */
284 if (*keyword == '\0')
285 keyword = strdelim(&s);
286 if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
289 opcode = parse_token(keyword, filename, linenum);
293 /* don't panic, but count bad options */
297 intptr = &options->forward_agent;
300 if (!arg || *arg == '\0')
301 fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
302 value = 0; /* To avoid compiler warning... */
303 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
305 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
308 fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
309 if (*activep && *intptr == -1)
314 intptr = &options->forward_x11;
318 intptr = &options->gateway_ports;
321 case oUsePrivilegedPort:
322 intptr = &options->use_privileged_port;
325 case oRhostsAuthentication:
326 intptr = &options->rhosts_authentication;
329 case oPasswordAuthentication:
330 intptr = &options->password_authentication;
333 case oKbdInteractiveAuthentication:
334 intptr = &options->kbd_interactive_authentication;
337 case oKbdInteractiveDevices:
338 charptr = &options->kbd_interactive_devices;
341 case oPubkeyAuthentication:
342 intptr = &options->pubkey_authentication;
345 case oRSAAuthentication:
346 intptr = &options->rsa_authentication;
349 case oRhostsRSAAuthentication:
350 intptr = &options->rhosts_rsa_authentication;
353 case oHostbasedAuthentication:
354 intptr = &options->hostbased_authentication;
357 case oChallengeResponseAuthentication:
358 intptr = &options->challenge_response_authentication;
360 #if defined(KRB4) || defined(KRB5)
361 case oKerberosAuthentication:
362 intptr = &options->kerberos_authentication;
365 #if defined(AFS) || defined(KRB5)
366 case oKerberosTgtPassing:
367 intptr = &options->kerberos_tgt_passing;
371 case oAFSTokenPassing:
372 intptr = &options->afs_token_passing;
376 intptr = &options->fallback_to_rsh;
380 intptr = &options->use_rsh;
384 intptr = &options->batch_mode;
388 intptr = &options->check_host_ip;
391 case oStrictHostKeyChecking:
392 intptr = &options->strict_host_key_checking;
394 if (!arg || *arg == '\0')
395 fatal("%.200s line %d: Missing yes/no/ask argument.",
397 value = 0; /* To avoid compiler warning... */
398 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
400 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
402 else if (strcmp(arg, "ask") == 0)
405 fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
406 if (*activep && *intptr == -1)
411 intptr = &options->compression;
415 intptr = &options->keepalives;
418 case oNumberOfPasswordPrompts:
419 intptr = &options->number_of_password_prompts;
422 case oCompressionLevel:
423 intptr = &options->compression_level;
428 if (!arg || *arg == '\0')
429 fatal("%.200s line %d: Missing argument.", filename, linenum);
431 intptr = &options->num_identity_files;
432 if (*intptr >= SSH_MAX_IDENTITY_FILES)
433 fatal("%.200s line %d: Too many identity files specified (max %d).",
434 filename, linenum, SSH_MAX_IDENTITY_FILES);
435 charptr = &options->identity_files[*intptr];
436 *charptr = xstrdup(arg);
437 *intptr = *intptr + 1;
442 charptr=&options->xauth_location;
446 charptr = &options->user;
449 if (!arg || *arg == '\0')
450 fatal("%.200s line %d: Missing argument.", filename, linenum);
451 if (*activep && *charptr == NULL)
452 *charptr = xstrdup(arg);
455 case oGlobalKnownHostsFile:
456 charptr = &options->system_hostfile;
459 case oUserKnownHostsFile:
460 charptr = &options->user_hostfile;
463 case oGlobalKnownHostsFile2:
464 charptr = &options->system_hostfile2;
467 case oUserKnownHostsFile2:
468 charptr = &options->user_hostfile2;
472 charptr = &options->hostname;
476 charptr = &options->host_key_alias;
479 case oPreferredAuthentications:
480 charptr = &options->preferred_authentications;
484 charptr = &options->bind_address;
487 case oSmartcardDevice:
488 charptr = &options->smartcard_device;
492 charptr = &options->proxy_command;
493 string = xstrdup("");
494 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
495 string = xrealloc(string, strlen(string) + strlen(arg) + 2);
499 if (*activep && *charptr == NULL)
506 intptr = &options->port;
509 if (!arg || *arg == '\0')
510 fatal("%.200s line %d: Missing argument.", filename, linenum);
511 if (arg[0] < '0' || arg[0] > '9')
512 fatal("%.200s line %d: Bad number.", filename, linenum);
514 /* Octal, decimal, or hex format? */
515 value = strtol(arg, &endofnumber, 0);
516 if (arg == endofnumber)
517 fatal("%.200s line %d: Bad number.", filename, linenum);
518 if (*activep && *intptr == -1)
522 case oConnectionAttempts:
523 intptr = &options->connection_attempts;
527 intptr = &options->cipher;
529 if (!arg || *arg == '\0')
530 fatal("%.200s line %d: Missing argument.", filename, linenum);
531 value = cipher_number(arg);
533 fatal("%.200s line %d: Bad cipher '%s'.",
534 filename, linenum, arg ? arg : "<NONE>");
535 if (*activep && *intptr == -1)
541 if (!arg || *arg == '\0')
542 fatal("%.200s line %d: Missing argument.", filename, linenum);
543 if (!ciphers_valid(arg))
544 fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
545 filename, linenum, arg ? arg : "<NONE>");
546 if (*activep && options->ciphers == NULL)
547 options->ciphers = xstrdup(arg);
552 if (!arg || *arg == '\0')
553 fatal("%.200s line %d: Missing argument.", filename, linenum);
555 fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
556 filename, linenum, arg ? arg : "<NONE>");
557 if (*activep && options->macs == NULL)
558 options->macs = xstrdup(arg);
561 case oHostKeyAlgorithms:
563 if (!arg || *arg == '\0')
564 fatal("%.200s line %d: Missing argument.", filename, linenum);
565 if (!key_names_valid2(arg))
566 fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
567 filename, linenum, arg ? arg : "<NONE>");
568 if (*activep && options->hostkeyalgorithms == NULL)
569 options->hostkeyalgorithms = xstrdup(arg);
573 intptr = &options->protocol;
575 if (!arg || *arg == '\0')
576 fatal("%.200s line %d: Missing argument.", filename, linenum);
577 value = proto_spec(arg);
578 if (value == SSH_PROTO_UNKNOWN)
579 fatal("%.200s line %d: Bad protocol spec '%s'.",
580 filename, linenum, arg ? arg : "<NONE>");
581 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
586 intptr = (int *) &options->log_level;
588 value = log_level_number(arg);
589 if (value == (LogLevel) - 1)
590 fatal("%.200s line %d: unsupported log level '%s'",
591 filename, linenum, arg ? arg : "<NONE>");
592 if (*activep && (LogLevel) * intptr == -1)
593 *intptr = (LogLevel) value;
599 if (!arg || *arg == '\0')
600 fatal("%.200s line %d: Missing port argument.",
602 if ((fwd_port = a2port(arg)) == 0)
603 fatal("%.200s line %d: Bad listen port.",
606 if (!arg || *arg == '\0')
607 fatal("%.200s line %d: Missing second argument.",
609 if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 &&
610 sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2)
611 fatal("%.200s line %d: Bad forwarding specification.",
613 if ((fwd_host_port = a2port(sfwd_host_port)) == 0)
614 fatal("%.200s line %d: Bad forwarding port.",
617 if (opcode == oLocalForward)
618 add_local_forward(options, fwd_port, buf,
620 else if (opcode == oRemoteForward)
621 add_remote_forward(options, fwd_port, buf,
626 case oDynamicForward:
628 if (!arg || *arg == '\0')
629 fatal("%.200s line %d: Missing port argument.",
631 fwd_port = a2port(arg);
633 fatal("%.200s line %d: Badly formatted port number.",
636 add_local_forward(options, fwd_port, "socks4", 0);
639 case oClearAllForwardings:
640 intptr = &options->clear_forwardings;
645 while ((arg = strdelim(&s)) != NULL && *arg != '\0')
646 if (match_pattern(host, arg)) {
647 debug("Applying options for %.100s", arg);
651 /* Avoid garbage check below, as strdelim is done. */
655 intptr = &options->escape_char;
657 if (!arg || *arg == '\0')
658 fatal("%.200s line %d: Missing argument.", filename, linenum);
659 if (arg[0] == '^' && arg[2] == 0 &&
660 (u_char) arg[1] >= 64 && (u_char) arg[1] < 128)
661 value = (u_char) arg[1] & 31;
662 else if (strlen(arg) == 1)
663 value = (u_char) arg[0];
664 else if (strcmp(arg, "none") == 0)
665 value = SSH_ESCAPECHAR_NONE;
667 fatal("%.200s line %d: Bad escape character.",
670 value = 0; /* Avoid compiler warning. */
672 if (*activep && *intptr == -1)
677 fatal("process_config_line: Unimplemented opcode %d", opcode);
680 /* Check that there is no garbage at end of line. */
681 if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
682 fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
683 filename, linenum, arg);
690 * Reads the config file and modifies the options accordingly. Options
691 * should already be initialized before this call. This never returns if
692 * there is an error. If the file does not exist, this returns 0.
696 read_config_file(const char *filename, const char *host, Options *options)
704 f = fopen(filename, "r");
708 debug("Reading configuration data %.200s", filename);
711 * Mark that we are now processing the options. This flag is turned
712 * on/off by Host specifications.
716 while (fgets(line, sizeof(line), f)) {
717 /* Update line number counter. */
719 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
724 fatal("%s: terminating, %d bad configuration options",
725 filename, bad_options);
730 * Initializes options to special values that indicate that they have not yet
731 * been set. Read_config_file will only set options with this value. Options
732 * are processed in the following order: command line, user config file,
733 * system config file. Last, fill_default_options is called.
737 initialize_options(Options * options)
739 memset(options, 'X', sizeof(*options));
740 options->forward_agent = -1;
741 options->forward_x11 = -1;
742 options->xauth_location = NULL;
743 options->gateway_ports = -1;
744 options->use_privileged_port = -1;
745 options->rhosts_authentication = -1;
746 options->rsa_authentication = -1;
747 options->pubkey_authentication = -1;
748 options->challenge_response_authentication = -1;
749 #if defined(KRB4) || defined(KRB5)
750 options->kerberos_authentication = -1;
752 #if defined(AFS) || defined(KRB5)
753 options->kerberos_tgt_passing = -1;
756 options->afs_token_passing = -1;
758 options->password_authentication = -1;
759 options->kbd_interactive_authentication = -1;
760 options->kbd_interactive_devices = NULL;
761 options->rhosts_rsa_authentication = -1;
762 options->hostbased_authentication = -1;
763 options->fallback_to_rsh = -1;
764 options->use_rsh = -1;
765 options->batch_mode = -1;
766 options->check_host_ip = -1;
767 options->strict_host_key_checking = -1;
768 options->compression = -1;
769 options->keepalives = -1;
770 options->compression_level = -1;
772 options->connection_attempts = -1;
773 options->number_of_password_prompts = -1;
774 options->cipher = -1;
775 options->ciphers = NULL;
776 options->macs = NULL;
777 options->hostkeyalgorithms = NULL;
778 options->protocol = SSH_PROTO_UNKNOWN;
779 options->num_identity_files = 0;
780 options->hostname = NULL;
781 options->host_key_alias = NULL;
782 options->proxy_command = NULL;
783 options->user = NULL;
784 options->escape_char = -1;
785 options->system_hostfile = NULL;
786 options->user_hostfile = NULL;
787 options->system_hostfile2 = NULL;
788 options->user_hostfile2 = NULL;
789 options->num_local_forwards = 0;
790 options->num_remote_forwards = 0;
791 options->clear_forwardings = -1;
792 options->log_level = (LogLevel) - 1;
793 options->preferred_authentications = NULL;
794 options->bind_address = NULL;
795 options->smartcard_device = NULL;
799 * Called after processing other sources of option data, this fills those
800 * options for which no value has been specified with their default values.
804 fill_default_options(Options * options)
808 if (options->forward_agent == -1)
809 options->forward_agent = 0;
810 if (options->forward_x11 == -1)
811 options->forward_x11 = 0;
813 if (options->xauth_location == NULL)
814 options->xauth_location = _PATH_XAUTH;
816 if (options->gateway_ports == -1)
817 options->gateway_ports = 0;
818 if (options->use_privileged_port == -1)
819 options->use_privileged_port = 0;
820 if (options->rhosts_authentication == -1)
821 options->rhosts_authentication = 1;
822 if (options->rsa_authentication == -1)
823 options->rsa_authentication = 1;
824 if (options->pubkey_authentication == -1)
825 options->pubkey_authentication = 1;
826 if (options->challenge_response_authentication == -1)
827 options->challenge_response_authentication = 1;
828 #if defined(KRB4) || defined(KRB5)
829 if (options->kerberos_authentication == -1)
830 options->kerberos_authentication = 1;
832 #if defined(AFS) || defined(KRB5)
833 if (options->kerberos_tgt_passing == -1)
834 options->kerberos_tgt_passing = 1;
837 if (options->afs_token_passing == -1)
838 options->afs_token_passing = 1;
840 if (options->password_authentication == -1)
841 options->password_authentication = 1;
842 if (options->kbd_interactive_authentication == -1)
843 options->kbd_interactive_authentication = 1;
844 if (options->rhosts_rsa_authentication == -1)
845 options->rhosts_rsa_authentication = 1;
846 if (options->hostbased_authentication == -1)
847 options->hostbased_authentication = 0;
848 if (options->fallback_to_rsh == -1)
849 options->fallback_to_rsh = 0;
850 if (options->use_rsh == -1)
851 options->use_rsh = 0;
852 if (options->batch_mode == -1)
853 options->batch_mode = 0;
854 if (options->check_host_ip == -1)
855 options->check_host_ip = 1;
856 if (options->strict_host_key_checking == -1)
857 options->strict_host_key_checking = 2; /* 2 is default */
858 if (options->compression == -1)
859 options->compression = 0;
860 if (options->keepalives == -1)
861 options->keepalives = 1;
862 if (options->compression_level == -1)
863 options->compression_level = 6;
864 if (options->port == -1)
865 options->port = 0; /* Filled in ssh_connect. */
866 if (options->connection_attempts == -1)
867 options->connection_attempts = 1;
868 if (options->number_of_password_prompts == -1)
869 options->number_of_password_prompts = 3;
870 /* Selected in ssh_login(). */
871 if (options->cipher == -1)
872 options->cipher = SSH_CIPHER_NOT_SET;
873 /* options->ciphers, default set in myproposals.h */
874 /* options->macs, default set in myproposals.h */
875 /* options->hostkeyalgorithms, default set in myproposals.h */
876 if (options->protocol == SSH_PROTO_UNKNOWN)
877 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
878 if (options->num_identity_files == 0) {
879 if (options->protocol & SSH_PROTO_1) {
880 len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
881 options->identity_files[options->num_identity_files] =
883 snprintf(options->identity_files[options->num_identity_files++],
884 len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
886 if (options->protocol & SSH_PROTO_2) {
887 len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
888 options->identity_files[options->num_identity_files] =
890 snprintf(options->identity_files[options->num_identity_files++],
891 len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
893 len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
894 options->identity_files[options->num_identity_files] =
896 snprintf(options->identity_files[options->num_identity_files++],
897 len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
900 if (options->escape_char == -1)
901 options->escape_char = '~';
902 if (options->system_hostfile == NULL)
903 options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
904 if (options->user_hostfile == NULL)
905 options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
906 if (options->system_hostfile2 == NULL)
907 options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
908 if (options->user_hostfile2 == NULL)
909 options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
910 if (options->log_level == (LogLevel) - 1)
911 options->log_level = SYSLOG_LEVEL_INFO;
912 if (options->clear_forwardings == 1)
913 clear_forwardings(options);
914 /* options->proxy_command should not be set by default */
915 /* options->user will be set in the main program if appropriate */
916 /* options->hostname will be set in the main program if appropriate */
917 /* options->host_key_alias should not be set by default */
918 /* options->preferred_authentications will be set in ssh */