X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/aa51e7cc089c6aaf136a29c954aeee067cbd742f..60688ef9ba2f7c18351abc5cf7506e8afe3e5c87:/README diff --git a/README b/README index 6a3c94c9..c8898410 100644 --- a/README +++ b/README @@ -1,66 +1,62 @@ -This is a Linux port of OpenBSD's excellent OpenSSH. +[ A Japanese translation of this document is available at +[ http://www.unixuser.org/%7Eharuyama/security/openssh/index.html +[ Thanks to HARUYAMA Seigo -OpenSSH is based on the last free version of Tatu Ylonen's SSH with -all patent-encumbered algorithms removed, all known security bugs -fixed, new features reintroduced and many other clean-ups. +******* IMPORTANT +* On systmes which lack a /dev/random driver, version of this port +* prior to 1.2.2 were not correctly seeding OpenSSL's random number +* pool. This resulted in lower quality RSA keys being generated. If +* you generated host or user keys with v1.2.2 or previous versions, +* please generate new ones using a more recent version. + +This is the port of OpenBSD's excellent OpenSSH to Linux and other +Unices. -This Linux port basically consists of a few fixes to deal with -the way that OpenSSL is usually installed on Linux systems, a few -replacements for OpenBSD library functions and the introduction of PAM -support. This version tracks changes made to the OpenBSD CVS version. +OpenSSH is based on the last free version of Tatu Ylonen's SSH with +all patent-encumbered algorithms removed (to external libraries), all +known security bugs fixed, new features reintroduced and many other +clean-ups. More information about SSH itself can be found in the file +README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck, +Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a +homepage at http://www.openssh.com/ + +This port consists of the re-introduction of autoconf support, PAM +support (for Linux and Solaris), EGD[1] support and replacements for +OpenBSD library functions that are (regrettably) absent from other +unices. This port has been best tested on Linux, Solaris, HPUX, NetBSD +and Irix. Support for AIX, SCO, NeXT and other Unices is underway. +This version actively tracks changes in the OpenBSD CVS repository. The PAM support is now more functional than the popular packages of commercial ssh-1.2.x. It checks "account" and "session" modules for -all logins, not just when using password authentication. This code is -very new and needs further testing. +all logins, not just when using password authentication. -All new code is released under a XFree style license, which is very -liberal. Please refer to the source files for details. The code in -strlcpy.c and mktemp.c is from the OpenBSD project and has its own -license (again, see source file for details). +OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4]. -OpenSSH depends on Zlib[1], OpenSSL[2] and optionally PAM[3]. To build -the GNOME[1] passphrase requestor (--with-gnome-askpass), you will -need the GNOME libraries installed. +There is now several mailing lists for this port of OpenSSH. Please +refer to http://www.openssh.com/list.html for details on how to join. -To build OpenSSH, use the configure script provided. For example: +Please send bug reports and patches to the mailing list +openssh-unix-dev@mindrot.org. The list is currently open to posting by +unsubscribed users. -./configure --prefix=/opt/openssh -make -make install - -Will install the OpenSSH binaries in /opt/openssh/bin, the -configuration files in /opt/openssh/etc, and so forth. +Please refer to the INSTALL document for information on how to install +OpenSSH on your system. The UPGRADING document details differences +between this port of OpenSSH and F-Secure SSH 1.x. Damien Miller Internet Business Solutions - -Credits - - -The OpenBSD team -'jonchen' - the original author of PAM support of SSH -Dan Brosemer - Autoconf and build fixes & Debian scripts -Niels Kristian Bech Jensen - Makefile patch -Nalin Dahyabhai - PAM environment patch -Phil Hands - Debian scripts, assorted patches -Niels Kristian Bech Jensen - Makefile patches - Miscellania - This version of SSH is based upon code retrieved from the OpenBSD CVS -repository on 1999-10-30 patched by Damien Miller , -which in turn was based on the last free version of SSH released by -Tatu Ylonen. - -Code in helper.[ch] is Copyright 1999 Internet Business Solutions and -is released under a X11-style license (see source file for details). - -(A)RC4 code in rc4.[ch] is Copyright 1999 Damien Miller. It too is -under a X11-style license (see source file for details). +repository which in turn was based on the last free +version of SSH released by Tatu Ylonen. References - -[1] http://www.cdrom.com/pub/infozip/zlib/ -[2] http://www.openssl.org/ -[3] http://www.kernel.org/pub/linux/libs/pam/ +[1] http://www.lothar.com/tech/crypto/ +[2] http://www.cdrom.com/pub/infozip/zlib/ +[3] http://www.openssl.org/ +[4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) +