2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * Functions for reading the configuration files.
7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
15 RCSID("$OpenBSD: readconf.c,v 1.82 2001/06/26 16:15:23 dugsong Exp $");
21 #include "pathnames.h"
29 /* Format of the configuration file:
31 # Configuration data is parsed as follows:
32 # 1. command line options
33 # 2. user-specific file
35 # Any configuration value is only changed the first time it is set.
36 # Thus, host-specific definitions should be at the beginning of the
37 # configuration file, and defaults at the end.
39 # Host-specific declarations. These may override anything above. A single
40 # host may match multiple declarations; these are processed in the order
41 # that they are given in.
47 HostName another.host.name.real.org
54 RemoteForward 9999 shadows.cs.hut.fi:9999
60 RhostsAuthentication no
61 PasswordAuthentication no
65 ProxyCommand ssh-proxy %h %p
72 PasswordAuthentication no
74 # Defaults for various options
78 RhostsAuthentication yes
79 PasswordAuthentication yes
81 RhostsRSAAuthentication yes
84 StrictHostKeyChecking yes
86 IdentityFile ~/.ssh/identity
96 oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
97 oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
98 oChallengeResponseAuthentication, oXAuthLocation,
99 #if defined(KRB4) || defined(KRB5)
100 oKerberosAuthentication,
102 #if defined(AFS) || defined(KRB5)
108 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
109 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
110 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
111 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
112 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
113 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
114 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
115 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
116 oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
117 oHostKeyAlgorithms, oBindAddress
120 /* Textual representations of the tokens. */
126 { "forwardagent", oForwardAgent },
127 { "forwardx11", oForwardX11 },
128 { "xauthlocation", oXAuthLocation },
129 { "gatewayports", oGatewayPorts },
130 { "useprivilegedport", oUsePrivilegedPort },
131 { "rhostsauthentication", oRhostsAuthentication },
132 { "passwordauthentication", oPasswordAuthentication },
133 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
134 { "kbdinteractivedevices", oKbdInteractiveDevices },
135 { "rsaauthentication", oRSAAuthentication },
136 { "pubkeyauthentication", oPubkeyAuthentication },
137 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
138 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
139 { "hostbasedauthentication", oHostbasedAuthentication },
140 { "challengeresponseauthentication", oChallengeResponseAuthentication },
141 { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
142 { "tisauthentication", oChallengeResponseAuthentication }, /* alias */
143 #if defined(KRB4) || defined(KRB5)
144 { "kerberosauthentication", oKerberosAuthentication },
146 #if defined(AFS) || defined(KRB5)
147 { "kerberostgtpassing", oKerberosTgtPassing },
150 { "afstokenpassing", oAFSTokenPassing },
152 { "fallbacktorsh", oFallBackToRsh },
153 { "usersh", oUseRsh },
154 { "identityfile", oIdentityFile },
155 { "identityfile2", oIdentityFile }, /* alias */
156 { "hostname", oHostName },
157 { "hostkeyalias", oHostKeyAlias },
158 { "proxycommand", oProxyCommand },
160 { "cipher", oCipher },
161 { "ciphers", oCiphers },
163 { "protocol", oProtocol },
164 { "remoteforward", oRemoteForward },
165 { "localforward", oLocalForward },
168 { "escapechar", oEscapeChar },
169 { "globalknownhostsfile", oGlobalKnownHostsFile },
170 { "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */
171 { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
172 { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
173 { "connectionattempts", oConnectionAttempts },
174 { "batchmode", oBatchMode },
175 { "checkhostip", oCheckHostIP },
176 { "stricthostkeychecking", oStrictHostKeyChecking },
177 { "compression", oCompression },
178 { "compressionlevel", oCompressionLevel },
179 { "keepalive", oKeepAlives },
180 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
181 { "loglevel", oLogLevel },
182 { "dynamicforward", oDynamicForward },
183 { "preferredauthentications", oPreferredAuthentications },
184 { "hostkeyalgorithms", oHostKeyAlgorithms },
185 { "bindaddress", oBindAddress },
190 * Adds a local TCP/IP port forward to options. Never returns if there is an
195 add_local_forward(Options *options, u_short port, const char *host,
200 extern uid_t original_real_uid;
201 if (port < IPPORT_RESERVED && original_real_uid != 0)
202 fatal("Privileged ports can only be forwarded by root.");
204 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
205 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
206 fwd = &options->local_forwards[options->num_local_forwards++];
208 fwd->host = xstrdup(host);
209 fwd->host_port = host_port;
213 * Adds a remote TCP/IP port forward to options. Never returns if there is
218 add_remote_forward(Options *options, u_short port, const char *host,
222 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
223 fatal("Too many remote forwards (max %d).",
224 SSH_MAX_FORWARDS_PER_DIRECTION);
225 fwd = &options->remote_forwards[options->num_remote_forwards++];
227 fwd->host = xstrdup(host);
228 fwd->host_port = host_port;
232 * Returns the number of the token pointed to by cp or oBadOption.
236 parse_token(const char *cp, const char *filename, int linenum)
240 for (i = 0; keywords[i].name; i++)
241 if (strcasecmp(cp, keywords[i].name) == 0)
242 return keywords[i].opcode;
244 error("%s: line %d: Bad configuration option: %s",
245 filename, linenum, cp);
250 * Processes a single option line as used in the configuration files. This
251 * only sets those values that have not already been set.
255 process_config_line(Options *options, const char *host,
256 char *line, const char *filename, int linenum,
259 char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
260 int opcode, *intptr, value;
261 u_short fwd_port, fwd_host_port;
264 /* Get the keyword. (Each line is supposed to begin with a keyword). */
265 keyword = strdelim(&s);
266 /* Ignore leading whitespace. */
267 if (*keyword == '\0')
268 keyword = strdelim(&s);
269 if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
272 opcode = parse_token(keyword, filename, linenum);
276 /* don't panic, but count bad options */
280 intptr = &options->forward_agent;
283 if (!arg || *arg == '\0')
284 fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
285 value = 0; /* To avoid compiler warning... */
286 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
288 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
291 fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
292 if (*activep && *intptr == -1)
297 intptr = &options->forward_x11;
301 intptr = &options->gateway_ports;
304 case oUsePrivilegedPort:
305 intptr = &options->use_privileged_port;
308 case oRhostsAuthentication:
309 intptr = &options->rhosts_authentication;
312 case oPasswordAuthentication:
313 intptr = &options->password_authentication;
316 case oKbdInteractiveAuthentication:
317 intptr = &options->kbd_interactive_authentication;
320 case oKbdInteractiveDevices:
321 charptr = &options->kbd_interactive_devices;
324 case oPubkeyAuthentication:
325 intptr = &options->pubkey_authentication;
328 case oRSAAuthentication:
329 intptr = &options->rsa_authentication;
332 case oRhostsRSAAuthentication:
333 intptr = &options->rhosts_rsa_authentication;
336 case oHostbasedAuthentication:
337 intptr = &options->hostbased_authentication;
340 case oChallengeResponseAuthentication:
341 intptr = &options->challenge_response_authentication;
343 #if defined(KRB4) || defined(KRB5)
344 case oKerberosAuthentication:
345 intptr = &options->kerberos_authentication;
348 #if defined(AFS) || defined(KRB5)
349 case oKerberosTgtPassing:
350 intptr = &options->kerberos_tgt_passing;
354 case oAFSTokenPassing:
355 intptr = &options->afs_token_passing;
359 intptr = &options->fallback_to_rsh;
363 intptr = &options->use_rsh;
367 intptr = &options->batch_mode;
371 intptr = &options->check_host_ip;
374 case oStrictHostKeyChecking:
375 intptr = &options->strict_host_key_checking;
377 if (!arg || *arg == '\0')
378 fatal("%.200s line %d: Missing yes/no/ask argument.",
380 value = 0; /* To avoid compiler warning... */
381 if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
383 else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
385 else if (strcmp(arg, "ask") == 0)
388 fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
389 if (*activep && *intptr == -1)
394 intptr = &options->compression;
398 intptr = &options->keepalives;
401 case oNumberOfPasswordPrompts:
402 intptr = &options->number_of_password_prompts;
405 case oCompressionLevel:
406 intptr = &options->compression_level;
411 if (!arg || *arg == '\0')
412 fatal("%.200s line %d: Missing argument.", filename, linenum);
414 intptr = &options->num_identity_files;
415 if (*intptr >= SSH_MAX_IDENTITY_FILES)
416 fatal("%.200s line %d: Too many identity files specified (max %d).",
417 filename, linenum, SSH_MAX_IDENTITY_FILES);
418 charptr = &options->identity_files[*intptr];
419 *charptr = xstrdup(arg);
420 *intptr = *intptr + 1;
425 charptr=&options->xauth_location;
429 charptr = &options->user;
432 if (!arg || *arg == '\0')
433 fatal("%.200s line %d: Missing argument.", filename, linenum);
434 if (*activep && *charptr == NULL)
435 *charptr = xstrdup(arg);
438 case oGlobalKnownHostsFile:
439 charptr = &options->system_hostfile;
442 case oUserKnownHostsFile:
443 charptr = &options->user_hostfile;
446 case oGlobalKnownHostsFile2:
447 charptr = &options->system_hostfile2;
450 case oUserKnownHostsFile2:
451 charptr = &options->user_hostfile2;
455 charptr = &options->hostname;
459 charptr = &options->host_key_alias;
462 case oPreferredAuthentications:
463 charptr = &options->preferred_authentications;
467 charptr = &options->bind_address;
471 charptr = &options->proxy_command;
472 string = xstrdup("");
473 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
474 string = xrealloc(string, strlen(string) + strlen(arg) + 2);
478 if (*activep && *charptr == NULL)
485 intptr = &options->port;
488 if (!arg || *arg == '\0')
489 fatal("%.200s line %d: Missing argument.", filename, linenum);
490 if (arg[0] < '0' || arg[0] > '9')
491 fatal("%.200s line %d: Bad number.", filename, linenum);
493 /* Octal, decimal, or hex format? */
494 value = strtol(arg, &endofnumber, 0);
495 if (arg == endofnumber)
496 fatal("%.200s line %d: Bad number.", filename, linenum);
497 if (*activep && *intptr == -1)
501 case oConnectionAttempts:
502 intptr = &options->connection_attempts;
506 intptr = &options->cipher;
508 if (!arg || *arg == '\0')
509 fatal("%.200s line %d: Missing argument.", filename, linenum);
510 value = cipher_number(arg);
512 fatal("%.200s line %d: Bad cipher '%s'.",
513 filename, linenum, arg ? arg : "<NONE>");
514 if (*activep && *intptr == -1)
520 if (!arg || *arg == '\0')
521 fatal("%.200s line %d: Missing argument.", filename, linenum);
522 if (!ciphers_valid(arg))
523 fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
524 filename, linenum, arg ? arg : "<NONE>");
525 if (*activep && options->ciphers == NULL)
526 options->ciphers = xstrdup(arg);
531 if (!arg || *arg == '\0')
532 fatal("%.200s line %d: Missing argument.", filename, linenum);
534 fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
535 filename, linenum, arg ? arg : "<NONE>");
536 if (*activep && options->macs == NULL)
537 options->macs = xstrdup(arg);
540 case oHostKeyAlgorithms:
542 if (!arg || *arg == '\0')
543 fatal("%.200s line %d: Missing argument.", filename, linenum);
544 if (!key_names_valid2(arg))
545 fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
546 filename, linenum, arg ? arg : "<NONE>");
547 if (*activep && options->hostkeyalgorithms == NULL)
548 options->hostkeyalgorithms = xstrdup(arg);
552 intptr = &options->protocol;
554 if (!arg || *arg == '\0')
555 fatal("%.200s line %d: Missing argument.", filename, linenum);
556 value = proto_spec(arg);
557 if (value == SSH_PROTO_UNKNOWN)
558 fatal("%.200s line %d: Bad protocol spec '%s'.",
559 filename, linenum, arg ? arg : "<NONE>");
560 if (*activep && *intptr == SSH_PROTO_UNKNOWN)
565 intptr = (int *) &options->log_level;
567 value = log_level_number(arg);
568 if (value == (LogLevel) - 1)
569 fatal("%.200s line %d: unsupported log level '%s'",
570 filename, linenum, arg ? arg : "<NONE>");
571 if (*activep && (LogLevel) * intptr == -1)
572 *intptr = (LogLevel) value;
577 if (!arg || *arg == '\0')
578 fatal("%.200s line %d: Missing argument.", filename, linenum);
579 fwd_port = a2port(arg);
581 fatal("%.200s line %d: Badly formatted port number.",
584 if (!arg || *arg == '\0')
585 fatal("%.200s line %d: Missing second argument.",
587 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
588 fatal("%.200s line %d: Badly formatted host:port.",
591 add_remote_forward(options, fwd_port, buf, fwd_host_port);
596 if (!arg || *arg == '\0')
597 fatal("%.200s line %d: Missing argument.", filename, linenum);
598 fwd_port = a2port(arg);
600 fatal("%.200s line %d: Badly formatted port number.",
603 if (!arg || *arg == '\0')
604 fatal("%.200s line %d: Missing second argument.",
606 if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
607 fatal("%.200s line %d: Badly formatted host:port.",
610 add_local_forward(options, fwd_port, buf, fwd_host_port);
613 case oDynamicForward:
615 if (!arg || *arg == '\0')
616 fatal("%.200s line %d: Missing port argument.",
618 fwd_port = a2port(arg);
620 fatal("%.200s line %d: Badly formatted port number.",
622 add_local_forward(options, fwd_port, "socks4", 0);
627 while ((arg = strdelim(&s)) != NULL && *arg != '\0')
628 if (match_pattern(host, arg)) {
629 debug("Applying options for %.100s", arg);
633 /* Avoid garbage check below, as strdelim is done. */
637 intptr = &options->escape_char;
639 if (!arg || *arg == '\0')
640 fatal("%.200s line %d: Missing argument.", filename, linenum);
641 if (arg[0] == '^' && arg[2] == 0 &&
642 (u_char) arg[1] >= 64 && (u_char) arg[1] < 128)
643 value = (u_char) arg[1] & 31;
644 else if (strlen(arg) == 1)
645 value = (u_char) arg[0];
646 else if (strcmp(arg, "none") == 0)
647 value = SSH_ESCAPECHAR_NONE;
649 fatal("%.200s line %d: Bad escape character.",
652 value = 0; /* Avoid compiler warning. */
654 if (*activep && *intptr == -1)
659 fatal("process_config_line: Unimplemented opcode %d", opcode);
662 /* Check that there is no garbage at end of line. */
663 if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
664 fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
665 filename, linenum, arg);
672 * Reads the config file and modifies the options accordingly. Options
673 * should already be initialized before this call. This never returns if
674 * there is an error. If the file does not exist, this returns immediately.
678 read_config_file(const char *filename, const char *host, Options *options)
686 f = fopen(filename, "r");
690 debug("Reading configuration data %.200s", filename);
693 * Mark that we are now processing the options. This flag is turned
694 * on/off by Host specifications.
698 while (fgets(line, sizeof(line), f)) {
699 /* Update line number counter. */
701 if (process_config_line(options, host, line, filename, linenum, &active) != 0)
706 fatal("%s: terminating, %d bad configuration options",
707 filename, bad_options);
711 * Initializes options to special values that indicate that they have not yet
712 * been set. Read_config_file will only set options with this value. Options
713 * are processed in the following order: command line, user config file,
714 * system config file. Last, fill_default_options is called.
718 initialize_options(Options * options)
720 memset(options, 'X', sizeof(*options));
721 options->forward_agent = -1;
722 options->forward_x11 = -1;
723 options->xauth_location = NULL;
724 options->gateway_ports = -1;
725 options->use_privileged_port = -1;
726 options->rhosts_authentication = -1;
727 options->rsa_authentication = -1;
728 options->pubkey_authentication = -1;
729 options->challenge_response_authentication = -1;
730 #if defined(KRB4) || defined(KRB5)
731 options->kerberos_authentication = -1;
733 #if defined(AFS) || defined(KRB5)
734 options->kerberos_tgt_passing = -1;
737 options->afs_token_passing = -1;
739 options->password_authentication = -1;
740 options->kbd_interactive_authentication = -1;
741 options->kbd_interactive_devices = NULL;
742 options->rhosts_rsa_authentication = -1;
743 options->hostbased_authentication = -1;
744 options->fallback_to_rsh = -1;
745 options->use_rsh = -1;
746 options->batch_mode = -1;
747 options->check_host_ip = -1;
748 options->strict_host_key_checking = -1;
749 options->compression = -1;
750 options->keepalives = -1;
751 options->compression_level = -1;
753 options->connection_attempts = -1;
754 options->number_of_password_prompts = -1;
755 options->cipher = -1;
756 options->ciphers = NULL;
757 options->macs = NULL;
758 options->hostkeyalgorithms = NULL;
759 options->protocol = SSH_PROTO_UNKNOWN;
760 options->num_identity_files = 0;
761 options->hostname = NULL;
762 options->host_key_alias = NULL;
763 options->proxy_command = NULL;
764 options->user = NULL;
765 options->escape_char = -1;
766 options->system_hostfile = NULL;
767 options->user_hostfile = NULL;
768 options->system_hostfile2 = NULL;
769 options->user_hostfile2 = NULL;
770 options->num_local_forwards = 0;
771 options->num_remote_forwards = 0;
772 options->log_level = (LogLevel) - 1;
773 options->preferred_authentications = NULL;
774 options->bind_address = NULL;
778 * Called after processing other sources of option data, this fills those
779 * options for which no value has been specified with their default values.
783 fill_default_options(Options * options)
787 if (options->forward_agent == -1)
788 options->forward_agent = 0;
789 if (options->forward_x11 == -1)
790 options->forward_x11 = 0;
792 if (options->xauth_location == NULL)
793 options->xauth_location = _PATH_XAUTH;
795 if (options->gateway_ports == -1)
796 options->gateway_ports = 0;
797 if (options->use_privileged_port == -1)
798 options->use_privileged_port = 0;
799 if (options->rhosts_authentication == -1)
800 options->rhosts_authentication = 1;
801 if (options->rsa_authentication == -1)
802 options->rsa_authentication = 1;
803 if (options->pubkey_authentication == -1)
804 options->pubkey_authentication = 1;
805 if (options->challenge_response_authentication == -1)
806 options->challenge_response_authentication = 0;
807 #if defined(KRB4) || defined(KRB5)
808 if (options->kerberos_authentication == -1)
809 options->kerberos_authentication = 1;
811 #if defined(AFS) || defined(KRB5)
812 if (options->kerberos_tgt_passing == -1)
813 options->kerberos_tgt_passing = 1;
816 if (options->afs_token_passing == -1)
817 options->afs_token_passing = 1;
819 if (options->password_authentication == -1)
820 options->password_authentication = 1;
821 if (options->kbd_interactive_authentication == -1)
822 options->kbd_interactive_authentication = 1;
823 if (options->rhosts_rsa_authentication == -1)
824 options->rhosts_rsa_authentication = 1;
825 if (options->hostbased_authentication == -1)
826 options->hostbased_authentication = 0;
827 if (options->fallback_to_rsh == -1)
828 options->fallback_to_rsh = 0;
829 if (options->use_rsh == -1)
830 options->use_rsh = 0;
831 if (options->batch_mode == -1)
832 options->batch_mode = 0;
833 if (options->check_host_ip == -1)
834 options->check_host_ip = 1;
835 if (options->strict_host_key_checking == -1)
836 options->strict_host_key_checking = 2; /* 2 is default */
837 if (options->compression == -1)
838 options->compression = 0;
839 if (options->keepalives == -1)
840 options->keepalives = 1;
841 if (options->compression_level == -1)
842 options->compression_level = 6;
843 if (options->port == -1)
844 options->port = 0; /* Filled in ssh_connect. */
845 if (options->connection_attempts == -1)
846 options->connection_attempts = 4;
847 if (options->number_of_password_prompts == -1)
848 options->number_of_password_prompts = 3;
849 /* Selected in ssh_login(). */
850 if (options->cipher == -1)
851 options->cipher = SSH_CIPHER_NOT_SET;
852 /* options->ciphers, default set in myproposals.h */
853 /* options->macs, default set in myproposals.h */
854 /* options->hostkeyalgorithms, default set in myproposals.h */
855 if (options->protocol == SSH_PROTO_UNKNOWN)
856 options->protocol = SSH_PROTO_1|SSH_PROTO_2;
857 if (options->num_identity_files == 0) {
858 if (options->protocol & SSH_PROTO_1) {
859 len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
860 options->identity_files[options->num_identity_files] =
862 snprintf(options->identity_files[options->num_identity_files++],
863 len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
865 if (options->protocol & SSH_PROTO_2) {
866 len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
867 options->identity_files[options->num_identity_files] =
869 snprintf(options->identity_files[options->num_identity_files++],
870 len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
872 len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
873 options->identity_files[options->num_identity_files] =
875 snprintf(options->identity_files[options->num_identity_files++],
876 len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
879 if (options->escape_char == -1)
880 options->escape_char = '~';
881 if (options->system_hostfile == NULL)
882 options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
883 if (options->user_hostfile == NULL)
884 options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
885 if (options->system_hostfile2 == NULL)
886 options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
887 if (options->user_hostfile2 == NULL)
888 options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
889 if (options->log_level == (LogLevel) - 1)
890 options->log_level = SYSLOG_LEVEL_INFO;
891 /* options->proxy_command should not be set by default */
892 /* options->user will be set in the main program if appropriate */
893 /* options->hostname will be set in the main program if appropriate */
894 /* options->host_key_alias should not be set by default */
895 /* options->preferred_authentications will be set in ssh */