2002-05-15 16:07:11 +00:00
|
|
|
/* $OpenBSD: ssh.h,v 1.67 2002/05/07 19:54:36 deraadt Exp $ */
|
2002-03-05 01:53:02 +00:00
|
|
|
|
1999-10-27 03:42:43 +00:00
|
|
|
/*
|
1999-11-24 13:26:21 +00:00
|
|
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
|
|
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
|
|
|
* All rights reserved
|
2000-04-16 01:18:38 +00:00
|
|
|
*
|
2000-09-16 02:29:08 +00:00
|
|
|
* As far as I am concerned, the code I have written for this software
|
|
|
|
* can be used freely for any purpose. Any derived versions of this
|
|
|
|
* software must be clearly marked as such, and if the derived work is
|
|
|
|
* incompatible with the protocol description in the RFC file, it must be
|
|
|
|
* called by a name other than "ssh" or "Secure Shell".
|
1999-11-24 13:26:21 +00:00
|
|
|
*/
|
|
|
|
|
1999-10-27 03:42:43 +00:00
|
|
|
#ifndef SSH_H
|
|
|
|
#define SSH_H
|
|
|
|
|
1999-11-10 23:40:23 +00:00
|
|
|
#include <netinet/in.h> /* For struct sockaddr_in */
|
|
|
|
#include <pwd.h> /* For struct pw */
|
1999-11-11 06:57:39 +00:00
|
|
|
#include <stdarg.h> /* For va_list */
|
2000-11-29 02:51:06 +00:00
|
|
|
#include <syslog.h> /* For LOG_AUTH and friends */
|
2000-01-14 04:45:46 +00:00
|
|
|
#include <sys/socket.h> /* For struct sockaddr_storage */
|
2001-03-14 00:39:45 +00:00
|
|
|
#include "openbsd-compat/fake-socket.h" /* For struct sockaddr_storage */
|
1999-12-21 13:12:38 +00:00
|
|
|
#ifdef HAVE_SYS_SELECT_H
|
|
|
|
# include <sys/select.h>
|
|
|
|
#endif
|
2001-01-22 05:34:40 +00:00
|
|
|
|
1999-10-27 03:42:43 +00:00
|
|
|
/* Cipher used for encrypting authentication files. */
|
|
|
|
#define SSH_AUTHFILE_CIPHER SSH_CIPHER_3DES
|
|
|
|
|
|
|
|
/* Default port number. */
|
|
|
|
#define SSH_DEFAULT_PORT 22
|
|
|
|
|
|
|
|
/* Maximum number of TCP/IP ports forwarded per direction. */
|
|
|
|
#define SSH_MAX_FORWARDS_PER_DIRECTION 100
|
|
|
|
|
1999-11-25 00:54:57 +00:00
|
|
|
/*
|
|
|
|
* Maximum number of RSA authentication identity files that can be specified
|
|
|
|
* in configuration files or on the command line.
|
|
|
|
*/
|
1999-10-27 03:42:43 +00:00
|
|
|
#define SSH_MAX_IDENTITY_FILES 100
|
|
|
|
|
1999-11-25 00:54:57 +00:00
|
|
|
/*
|
|
|
|
* Major protocol version. Different version indicates major incompatiblity
|
|
|
|
* that prevents communication.
|
2000-04-12 10:17:38 +00:00
|
|
|
*
|
1999-11-25 00:54:57 +00:00
|
|
|
* Minor protocol version. Different version indicates minor incompatibility
|
|
|
|
* that does not prevent interoperation.
|
|
|
|
*/
|
2000-04-12 10:17:38 +00:00
|
|
|
#define PROTOCOL_MAJOR_1 1
|
|
|
|
#define PROTOCOL_MINOR_1 5
|
|
|
|
|
|
|
|
/* We support both SSH1 and SSH2 */
|
|
|
|
#define PROTOCOL_MAJOR_2 2
|
|
|
|
#define PROTOCOL_MINOR_2 0
|
1999-10-27 03:42:43 +00:00
|
|
|
|
1999-11-25 00:54:57 +00:00
|
|
|
/*
|
|
|
|
* Name for the service. The port named by this service overrides the
|
|
|
|
* default port if present.
|
|
|
|
*/
|
1999-10-27 03:42:43 +00:00
|
|
|
#define SSH_SERVICE_NAME "ssh"
|
|
|
|
|
2000-04-20 13:12:58 +00:00
|
|
|
#if defined(USE_PAM) && !defined(SSHD_PAM_SERVICE)
|
2001-04-20 17:43:47 +00:00
|
|
|
# define SSHD_PAM_SERVICE __progname
|
2000-04-20 13:12:58 +00:00
|
|
|
#endif
|
|
|
|
|
1999-11-25 00:54:57 +00:00
|
|
|
/*
|
|
|
|
* Name of the environment variable containing the pathname of the
|
|
|
|
* authentication socket.
|
|
|
|
*/
|
2001-02-05 15:43:59 +00:00
|
|
|
#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
|
1999-10-27 03:42:43 +00:00
|
|
|
|
1999-11-25 00:54:57 +00:00
|
|
|
/*
|
|
|
|
* Name of the environment variable containing the pathname of the
|
|
|
|
* authentication socket.
|
|
|
|
*/
|
2001-01-22 05:34:40 +00:00
|
|
|
#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
|
1999-10-29 00:21:15 +00:00
|
|
|
|
1999-12-06 00:47:28 +00:00
|
|
|
/*
|
2001-01-22 05:34:40 +00:00
|
|
|
* Environment variable for overwriting the default location of askpass
|
1999-12-06 00:47:28 +00:00
|
|
|
*/
|
|
|
|
#define SSH_ASKPASS_ENV "SSH_ASKPASS"
|
|
|
|
|
1999-11-25 00:54:57 +00:00
|
|
|
/*
|
|
|
|
* Force host key length and server key length to differ by at least this
|
|
|
|
* many bits. This is to make double encryption with rsaref work.
|
|
|
|
*/
|
1999-10-27 03:42:43 +00:00
|
|
|
#define SSH_KEY_BITS_RESERVED 128
|
|
|
|
|
1999-11-25 00:54:57 +00:00
|
|
|
/*
|
|
|
|
* Length of the session key in bytes. (Specified as 256 bits in the
|
|
|
|
* protocol.)
|
|
|
|
*/
|
1999-10-27 03:42:43 +00:00
|
|
|
#define SSH_SESSION_KEY_LENGTH 32
|
|
|
|
|
|
|
|
/* Name of Kerberos service for SSH to use. */
|
|
|
|
#define KRB4_SERVICE_NAME "rcmd"
|
|
|
|
|
2001-06-05 20:32:21 +00:00
|
|
|
/* Used to identify ``EscapeChar none'' */
|
|
|
|
#define SSH_ESCAPECHAR_NONE -2
|
|
|
|
|
2002-03-22 03:11:49 +00:00
|
|
|
/*
|
|
|
|
* unprivileged user when UsePrivilegeSeparation=yes;
|
|
|
|
* sshd will change its pivileges to this user and its
|
|
|
|
* primary group.
|
|
|
|
*/
|
2002-04-07 19:22:54 +00:00
|
|
|
#ifndef SSH_PRIVSEP_USER
|
2002-05-15 16:07:11 +00:00
|
|
|
#define SSH_PRIVSEP_USER "ssh"
|
2002-04-07 19:22:54 +00:00
|
|
|
#endif
|
2002-03-22 03:11:49 +00:00
|
|
|
|
2002-04-02 20:43:11 +00:00
|
|
|
/* Minimum modulus size (n) for RSA keys. */
|
|
|
|
#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
|
|
|
|
|
1999-11-24 13:26:21 +00:00
|
|
|
#endif /* SSH_H */
|