X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/0c16a097de377575e0625f8d2295b4f5b43767c0..be0b9bb72147c9ea8bfb2fac41d4c3feff1ca312:/README diff --git a/README b/README index 06080b0d..54adb10e 100644 --- a/README +++ b/README @@ -1,82 +1,69 @@ -This is the Unix port of OpenBSD's excellent OpenSSH. +[ A Japanese translation of this document is available at +[ http://www.unixuser.org/%7Eharuyama/security/openssh/index.html +[ Thanks to HARUYAMA Seigo + +******* IMPORTANT +* On systmes which lack a /dev/random driver, version of this port +* prior to 1.2.2 were not correctly seeding OpenSSL's random number +* pool. This resulted in lower quality RSA keys being generated. If +* you generated host or user keys with v1.2.2 or previous versions, +* please generate new ones using a more recent version. + +This is the port of OpenBSD's excellent OpenSSH to Linux and other +Unices. OpenSSH is based on the last free version of Tatu Ylonen's SSH with -all patent-encumbered algorithms removed, all known security bugs -fixed, new features reintroduced and many other clean-ups. More -information about SSH itself can be found in the file README.Ylonen. -OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, -Niels Provos, Theo de Raadt, and Dug Song. It has a homepage at -http://www.openssh.com/ +all patent-encumbered algorithms removed (to external libraries), all +known security bugs fixed, new features reintroduced and many other +clean-ups. More information about SSH itself can be found in the file +README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck, +Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a +homepage at http://www.openssh.com/ This port consists of the re-introduction of autoconf support, PAM -support (for Linux and Solaris), EGD[1] support, and replacements for -OpenBSD library functions that are (regrettably) absent from most -other unices. This patch has been best tested on Linux, though some -Solaris support is beginning to filter in. This version actively -tracks changes in the OpenBSD CVS repository. +support (for Linux and Solaris), EGD[1] support and replacements for +OpenBSD library functions that are (regrettably) absent from other +unices. This port has been best tested on Linux, Solaris, HPUX, NetBSD +and Irix. Support for AIX, SCO, NeXT and other Unices is underway. +This version actively tracks changes in the OpenBSD CVS repository. The PAM support is now more functional than the popular packages of commercial ssh-1.2.x. It checks "account" and "session" modules for all logins, not just when using password authentication. -All new code is released under a XFree style license, which is very -liberal. Please refer to the source files for details. The code in -strlcpy.c and mktemp.c is from the OpenBSD project and has its own -license (again, see source file for details). - -OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4]. To build -the GNOME[5] pass-phrase requester (--with-gnome-askpass), you will -need the GNOME libraries installed. If you are building OpenSSH on a -Unix which lacks a kernel random number pool (/dev/random), you will -need to install EGD[1]. - -There is now a mailing list for this port of OpenSSH. To -subscribe, send a message consisting of the word 'SUBSCRIBE' to -openssh-unix-dev-request@mindrot.org. This mailing list is intended -for developers who wish to improve on this port or extend it to other -Unices. +OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4]. -Please refer to the INSTALL document for information on how to install -OpenSSH on your system. +There is now several mailing lists for this port of OpenSSH. Please +refer to http://www.openssh.com/list.html for details on how to join. -This patch is developed primarily on Linux, but I am including patches -which improve compatability with other unices. The beginnings of -Solaris support have already been included. +Please send bug reports and patches to the mailing list +openssh-unix-dev@mindrot.org. The list is open to posting by +unsubscribed users. -Damien Miller -Internet Business Solutions +If you are a citizen of the USA or another country which restricts +export of cryptographic products, then please refrain from sending +crypto-related code or patches to the list. We cannot accept them. +Other code contribution are accepted, but please follow the OpenBSD +style guidelines[5]. -Credits - +Please refer to the INSTALL document for information on how to install +OpenSSH on your system. The UPGRADING document details differences +between this port of OpenSSH and F-Secure SSH 1.x. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt, and Dug Song - Creators of OpenSSH -'jonchen' - the original author of PAM support of SSH -Dan Brosemer - Autoconf and build fixes & Debian scripts -Nalin Dahyabhai - PAM environment patch -Phil Hands - Debian scripts, assorted patches -Niels Kristian Bech Jensen - Assorted patches -Marc G. Fournier - Solaris patches -Thomas Neumann - Shadow passwords -Jim Knoble - RPM spec file fixes +Damien Miller +Internet Business Solutions Miscellania - This version of SSH is based upon code retrieved from the OpenBSD CVS -repository on 1999-11-09 which in turn was based on the last free +repository which in turn was based on the last free version of SSH released by Tatu Ylonen. -Code in helper.[ch] and gnome-ssh-askpass.c is Copyright 1999 -Internet Business Solutions and is released under a X11-style -license (see source files for details). - -(A)RC4 code in rc4.[ch] is Copyright 1999 Damien Miller. It too is -under a X11-style license (see source file for details). - References - [1] http://www.lothar.com/tech/crypto/ -[2] http://www.cdrom.com/pub/infozip/zlib/ +[2] ftp://ftp.freesoftware.com/pub/infozip/zlib/ [3] http://www.openssl.org/ [4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) -[5] http://www.gnome.org/ +[5] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9&apropos=0&manpath=OpenBSD+Current