openssh/README.openssh2
Damien Miller 78928793fb - OpenBSD CVS updates:
   - [channels.c]
     repair x11-fwd
   - [sshconnect.c]
     fix passwd prompt for ssh2, less debugging output.
   - [clientloop.c compat.c dsa.c kex.c sshd.c]
     less debugging output
   - [kex.c kex.h sshconnect.c sshd.c]
     check for reasonable public DH values
   - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
     [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
     add Cipher and Protocol options to ssh/sshd, e.g.:
     ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
     arcfour,3des-cbc'
   - [sshd.c]
     print 1.99 only if server supports both
2000-04-12 20:17:38 +10:00

$Id: README.openssh2,v 1.3 2000/04/12 07:45:43 markus Exp $

howto:
    1) generate server key:
        $ umask 077
        $ openssl dsaparam 1024 -out dsa1024.pem
        $ openssl gendsa -out /etc/ssh_dsa_key dsa1024.pem -rand /dev/arandom
    2) enable ssh2:
        server: add 'Protocol 2,1' to /etc/sshd_config
        client: ssh -o 'Protocol 2,1', or add to .ssh/config

works:
    secsh-transport: works w/o rekey
        proposal exchange, i.e. different enc/mac/comp per direction
        encryption: blowfish-cbc, 3des-cbc, arcfour, cast128-cbc
        mac: hmac-md5, hmac-sha1, (hmac-ripemd160)
        compression: zlib, none
    secsh-userauth: passwd only
    secsh-connection: pty+shell or command, flow control works (window adjust)
        tcp-forwarding: -L works
    dss: verification works,
        key database in ~/.ssh/known_hosts with bits == 0 hack
    dss: signature works, keygen w/ openssl
    client interops w/ sshd2, lshd
    server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT
    server supports multiple concurrent sessions (e.g. with SSH.com Windows client)

todo:
    re-keying
    secsh-connection features:
        tcp-forwarding, agent-fwd, x11-fwd
    auth other than passwd:
        pubkey, keyboard-interactive
    config
    server-auth w/ old host-keys
    cleanup
    advanced key storage?
    keynote
    sftp

-markus
$Date: 2000/04/12 07:45:43 $
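
The "proposal exchange" entry under works: refers to the SSH2 negotiation in which each side sends comma-separated algorithm lists per direction and the first name on the client's list that the server also offers is chosen. The C program below is an added example, not code from OpenSSH; the function negotiate, the struct proposal and the sample lists (built from algorithm names in this README) are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Pick the first name in the client's comma-separated list that the server
 * also lists (client preference wins). Returns 0 and fills out, or -1 when
 * the lists share no name or the name does not fit in out. */
static int negotiate(const char *client, const char *server,
                     char *out, size_t outlen)
{
    for (const char *c = client; *c; ) {
        size_t clen = strcspn(c, ",");
        for (const char *s = server; clen > 0 && *s; ) {
            size_t slen = strcspn(s, ",");
            /* whole-name compare, so "hmac-sha1" never matches a longer name */
            if (slen == clen && memcmp(c, s, clen) == 0) {
                if (clen >= outlen)
                    return -1;
                memcpy(out, c, clen);
                out[clen] = '\0';
                return 0;
            }
            s += slen + (s[slen] == ',');
        }
        c += clen + (c[clen] == ',');
    }
    return -1;
}

/* Constructed proposals (not captured traffic): one list per direction. */
struct proposal { const char *enc_c2s, *enc_s2c, *mac_c2s, *mac_s2c; };
static const struct proposal cli = { "3des-cbc,blowfish-cbc", "arcfour,3des-cbc",
                                     "hmac-sha1,hmac-md5", "hmac-md5" };
static const struct proposal srv = { "blowfish-cbc,3des-cbc", "cast128-cbc,arcfour",
                                     "hmac-md5,hmac-sha1", "hmac-sha1" };

int main(void)
{
    const char *label[] = { "enc c2s", "enc s2c", "mac c2s", "mac s2c" };
    const char *c[] = { cli.enc_c2s, cli.enc_s2c, cli.mac_c2s, cli.mac_s2c };
    const char *s[] = { srv.enc_c2s, srv.enc_s2c, srv.mac_c2s, srv.mac_s2c };
    char alg[32];
    for (int i = 0; i < 4; i++) {
        if (negotiate(c[i], s[i], alg, sizeof alg) == 0)
            printf("%s: %s\n", label[i], alg);
        else    /* no common algorithm: the connection cannot proceed */
            printf("%s: no match\n", label[i]);
    }
    return 0;
}
```

With these lists the two directions end up with different ciphers, and the server-to-client MAC lists share no name, which is the case a peer has to treat as a failed negotiation.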