Portable OpenSSH
Go to file
Damien Miller 1383bd8eb9 - OpenBSD CVS update:
- [channels.c]
     close efd on eof
   - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
     ssh2 client implementation, interops w/ ssh.com and lsh servers.
   - [sshconnect.c]
     missing free.
   - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
     remove unused argument, split cipher_mask()
   - [clientloop.c]
     re-order: group ssh1 vs. ssh2
 - Make Redhat spec require openssl >= 0.9.5a
2000-04-06 12:32:37 +10:00
contrib - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
COPYING.Ylonen Updated COPYING file with usage of RC4 1999-10-30 09:46:20 +10:00
CREDITS - Configure fix from Bratislav ILICH <bilic@zepter.ru> 2000-03-15 21:18:10 +11:00
ChangeLog - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
INSTALL - Clarified --with-default-path option. 2000-03-17 10:54:15 +11:00
Makefile.in - Generate manpages before make install not at the end of make all 2000-04-04 15:04:09 +10:00
OVERVIEW - [OVERVIEW README] typos; green@freebsd 1999-11-21 18:31:57 +11:00
README - Wrote entropy collection routines for systems that lack /dev/random 2000-04-03 14:50:43 +10:00
README.Ylonen - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
RFC.nroff Initial revision 1999-10-27 13:42:43 +10:00
TODO - Big cleanup of autoconf code 2000-03-02 23:09:20 +11:00
UPGRADING - Clarified --with-default-path option. 2000-03-17 10:54:15 +11:00
acconfig.h - Wrote entropy collection routines for systems that lack /dev/random 2000-04-03 14:50:43 +10:00
atomicio.c - OpenBSD CVS updates: 2000-03-17 23:40:15 +11:00
auth-krb4.c - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
auth-pam.c Add const to suppress compiler warning 2000-01-27 10:55:38 +11:00
auth-pam.h Add const to suppress compiler warning 2000-01-27 10:55:38 +11:00
auth-passwd.c - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin 2000-01-23 10:32:03 +11:00
auth-rh-rsa.c - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
auth-rhosts.c - OpenBSD CVS updates: 1999-12-27 23:54:55 +11:00
auth-rsa.c - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
auth-skey.c - Fixes to auth-skey to enable it to use the standard OpenSSL libraries 2000-01-11 10:59:47 +11:00
auth.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
auth.h - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
authfd.c - Merged OpenBSD CVS changes: 1999-12-16 13:18:04 +11:00
authfd.h - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
authfile.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
bsd-bindresvport.c - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp 2000-01-22 18:17:42 +11:00
bsd-bindresvport.h - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
bsd-daemon.c - Merged more Solaris support from Marc G. Fournier 1999-11-20 12:18:40 +11:00
bsd-daemon.h - Renamed BSD helper function files to bsd-* 1999-11-19 15:32:34 +11:00
bsd-login.c 19991226 1999-12-26 10:21:48 +11:00
bsd-login.h - Prepare for 1.2.1pre20 1999-12-25 10:11:29 +11:00
bsd-misc.c Removed excess seed_rng calls 2000-04-04 14:57:08 +10:00
bsd-misc.h - Wrote entropy collection routines for systems that lack /dev/random 2000-04-03 14:50:43 +10:00
bsd-mktemp.c - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] 1999-12-29 19:56:30 +11:00
bsd-mktemp.h - Renamed BSD helper function files to bsd-* 1999-11-19 15:32:34 +11:00
bsd-rresvport.c - SCO compile fixes from Gary E. Miller <gem@rellim.com> 2000-01-19 13:45:07 +11:00
bsd-rresvport.h - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
bsd-setenv.c - Better tests for OpenSSL w/ RSAref 2000-03-26 12:12:34 +10:00
bsd-setenv.h - Better tests for OpenSSL w/ RSAref 2000-03-26 12:12:34 +10:00
bsd-snprintf.c - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au> 2000-03-03 22:48:49 +11:00
bsd-snprintf.h - Fix DEC compile fix 2000-03-05 16:10:03 +11:00
bsd-strlcat.c - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h 1999-11-22 13:57:07 +11:00
bsd-strlcat.h - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h 1999-11-22 13:57:07 +11:00
bsd-strlcpy.c - Renamed BSD helper function files to bsd-* 1999-11-19 15:32:34 +11:00
bsd-strlcpy.h - Renamed BSD helper function files to bsd-* 1999-11-19 15:32:34 +11:00
bufaux.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
bufaux.h - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
buffer.c - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
buffer.h - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
canohost.c - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> 2000-03-11 20:45:40 +11:00
channels.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
channels.h - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
cipher.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
cipher.h - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
clientloop.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
compat.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
compat.h - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
compress.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
compress.h - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
config.guess - New config.sub and config.guess to fix problems on SCO. Supplied 2000-01-07 08:56:05 +11:00
config.sub - New config.sub and config.guess to fix problems on SCO. Supplied 2000-01-07 08:56:05 +11:00
configure.in - Add tests for RAND_add function when searching for OpenSSL 2000-04-04 10:21:09 +10:00
crc32.c - Merged very large OpenBSD source code reformat 1999-11-25 00:26:21 +11:00
crc32.h - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
deattack.c - Merged very large OpenBSD source code reformat 1999-11-25 00:26:21 +11:00
deattack.h - Merged very large OpenBSD source code reformat 1999-11-25 00:26:21 +11:00
defines.h - Disable tests and typedefs for 64 bit types. They are currently unused. 2000-04-03 15:57:06 +10:00
dispatch.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
dispatch.h - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
dsa.c Include fix 2000-04-04 14:52:38 +10:00
dsa.h - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
entropy.c - Generate manpages before make install not at the end of make all 2000-04-04 15:04:09 +10:00
entropy.h - Wrote entropy collection routines for systems that lack /dev/random 2000-04-03 14:50:43 +10:00
fake-gai-errnos.h - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
fake-getaddrinfo.c - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
fake-getaddrinfo.h - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> 2000-01-16 18:19:25 +11:00
fake-getnameinfo.c - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
fake-getnameinfo.h - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
fake-socket.h - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
fingerprint.c - OpenBSD CVS updates: 2000-03-17 23:40:15 +11:00
fingerprint.h Third time lucky 1999-12-07 17:03:33 +11:00
fixpaths - Big manpage and config file cleanup from Andre Lucas 2000-01-20 23:13:36 +11:00
getput.h - Merged very large OpenBSD source code reformat 1999-11-25 00:26:21 +11:00
hmac.c - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
hmac.h - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
hostfile.c - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
hostfile.h - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
includes.h - Use socket pairs by default (instead of pipes). Prevents race condition 2000-02-01 23:05:30 +11:00
install-sh - Added BSD compatible install program and autoconf test, thanks to 1999-11-25 12:31:26 +11:00
kex.c Removed excess seed_rng calls 2000-04-04 14:57:08 +10:00
kex.h - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
key.c - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
key.h - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
log-client.c - OpenBSD CVS updates to v1.2.3 2000-03-09 21:27:49 +11:00
log-server.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
log.c - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
login.c - Fix lastlog code for directory based lastlogs. Fix from Josh Durham 2000-02-02 19:17:40 +11:00
match.c - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
match.h - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
md5crypt.c - Portability fixes for Irix 5.3 (now compiles OK!) 1999-12-28 15:09:35 +11:00
md5crypt.h - Portability fixes for Irix 5.3 (now compiles OK!) 1999-12-28 15:09:35 +11:00
mpaux.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
mpaux.h - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
myproposal.h - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
nchan.c - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
nchan.h - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
nchan.ms - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
nchan2.ms - OpenBSD CVS update: 2000-04-04 14:38:59 +10:00
packet.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
packet.h - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
pty.c - Runtime error fix for HPUX from Otmar Stahl 2000-03-17 23:58:59 +11:00
pty.h - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
radix.c - OpenBSD CVS updates: 2000-03-17 23:40:15 +11:00
readconf.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
readconf.h - Merged OpenBSD CVS changes: 1999-12-06 11:47:28 +11:00
readpass.c - OpenBSD CVS updates: 2000-01-22 19:47:21 +11:00
rsa.c Removed excess seed_rng calls 2000-04-04 14:57:08 +10:00
rsa.h - Seed OpenSSL's random number generator before generating RSA keypairs 2000-01-29 20:40:22 +11:00
scp.1 - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
scp.c - OpenBSD CVS updates: 2000-03-17 23:40:15 +11:00
servconf.c - OpenBSD CVS updates to v1.2.3 2000-03-09 21:27:49 +11:00
servconf.h - Merged OpenBSD IPv6 patch: 2000-01-14 15:45:46 +11:00
serverloop.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
session.c - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
session.h - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
ssh-add.1 - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
ssh-add.c - Merged OpenBSD CVS changes: 1999-12-06 11:47:28 +11:00
ssh-agent.1 - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
ssh-agent.c - OpenBSD CVS updates: 2000-03-17 23:40:15 +11:00
ssh-askpass Lots of changes: 1999-11-08 15:30:59 +11:00
ssh-keygen.1 - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
ssh-keygen.c - OpenBSD CVS updates: 2000-03-17 23:40:15 +11:00
ssh.1 - OpenBSD CVS update 2000-03-26 13:04:51 +10:00
ssh.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
ssh.h - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
ssh2.h - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
ssh_config - Big manpage and config file cleanup from Andre Lucas 2000-01-20 23:13:36 +11:00
sshconnect.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
sshd.8 - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 2000-04-01 11:09:21 +10:00
sshd.c - OpenBSD CVS update: 2000-04-06 12:32:37 +10:00
sshd_config - Big manpage and config file cleanup from Andre Lucas 2000-01-20 23:13:36 +11:00
tildexpand.c - Merged more OpenBSD changes: 1999-12-07 15:38:31 +11:00
ttymodes.c - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
ttymodes.h - More reformatting merged from OpenBSD CVS 1999-11-25 11:54:57 +11:00
uidswap.c - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and 2000-01-21 00:18:15 +11:00
uidswap.h - Merged very large OpenBSD source code reformat 1999-11-25 00:26:21 +11:00
version.h - OpenBSD CVS updates to v1.2.3 2000-03-09 21:27:49 +11:00
xmalloc.c - Merged very large OpenBSD source code reformat 1999-11-25 00:26:21 +11:00
xmalloc.h - Merged very large OpenBSD source code reformat 1999-11-25 00:26:21 +11:00

README

[ A Japanese translation of this document is available at
[ http://www.unixuser.org/%7Eharuyama/security/openssh/index.html
[ Thanks to HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>

******* IMPORTANT
* On systmes which lack a /dev/random driver, this port of
* OpenSSH-1.2.2 was not correctly seeding OpenSSL's random number
* pool. This resulted in lower quality RSA keys being generated. If
* you generated host or user keys with v1.2.2, please generate new
* ones using a more recent version.

This is the port of OpenBSD's excellent OpenSSH to Linux and other
Unices.

OpenSSH is based on the last free version of Tatu Ylonen's SSH with
all patent-encumbered algorithms removed (to external libraries), all
known security bugs fixed, new features reintroduced and many other
clean-ups. More information about SSH itself can be found in the file
README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a
homepage at http://www.openssh.com/

This port consists of the re-introduction of autoconf support, PAM
support (for Linux and Solaris), EGD[1] support, SOCKS support (using
the Dante [6] libraries and replacements for OpenBSD library functions
that are (regrettably) absent from other unices. This port has been
best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX,
SCO, NeXT and other Unices is underway. This version actively tracks
changes in the OpenBSD CVS repository.

The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.

OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4] and
Dante[6]. To build the GNOME[5] pass-phrase requester
(--with-gnome-askpass), you will need the GNOME libraries installed.
If you are building OpenSSH on a Unix which lacks a kernel random
number pool (/dev/random), you will need to install EGD[1]. 

There is now several mailing lists for this port of OpenSSH. Please
refer to http://violet.ibs.com.au/openssh/list.html for details on how
to join.

Please send bug reports and patches to the mailing list
openssh-unix-dev@mindrot.org. The list is currently open to posting by
unsubscribed users.

Please refer to the INSTALL document for information on how to install
OpenSSH on your system. The UPGRADING document details differences 
between this port of OpenSSH and F-Secure SSH 1.x.

Damien Miller <djm@ibs.com.au>
Internet Business Solutions

Miscellania - 

This version of SSH is based upon code retrieved from the OpenBSD CVS
repository which in turn was based on the last free 
version of SSH released by Tatu Ylonen.

References -

[1] http://www.lothar.com/tech/crypto/
[2] http://www.cdrom.com/pub/infozip/zlib/
[3] http://www.openssl.org/
[4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris)
[5] http://www.gnome.org/
[6] http://www.inet.no/dante