mirror of git://anongit.mindrot.org/openssh.git
7e8e820153
- [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] the keysize of rsa-parameter 'n' is passed implizit, a few more checks and warnings about 'pretended' keysizes. - [cipher.c cipher.h packet.c packet.h sshd.c] remove support for cipher RC4 - [ssh.c] a note for legay systems about secuity issues with permanently_set_uid(), the private hostkey and ptrace() - [sshconnect.c] more detailed messages about adding and checking hostkeys |
||
---|---|---|
COPYING.Ylonen | ||
ChangeLog | ||
ChangeLog.Ylonen | ||
INSTALL | ||
Makefile.in | ||
OVERVIEW | ||
README | ||
README.Ylonen | ||
RFC.nroff | ||
TODO | ||
UPGRADING | ||
acconfig.h | ||
auth-krb4.c | ||
auth-passwd.c | ||
auth-rh-rsa.c | ||
auth-rhosts.c | ||
auth-rsa.c | ||
auth-skey.c | ||
authfd.c | ||
authfd.h | ||
authfile.c | ||
bufaux.c | ||
bufaux.h | ||
buffer.c | ||
buffer.h | ||
canohost.c | ||
channels.c | ||
channels.h | ||
cipher.c | ||
cipher.h | ||
clientloop.c | ||
compat.c | ||
compat.h | ||
compress.c | ||
compress.h | ||
configure.in | ||
crc32.c | ||
crc32.h | ||
deattack.c | ||
deattack.h | ||
getput.h | ||
gnome-ssh-askpass.c | ||
helper.c | ||
helper.h | ||
hostfile.c | ||
includes.h | ||
log-client.c | ||
log-server.c | ||
log.c | ||
login.c | ||
match.c | ||
mktemp.c | ||
mktemp.h | ||
mpaux.c | ||
mpaux.h | ||
nchan.c | ||
nchan.h | ||
nchan.ms | ||
openssh.spec | ||
packet.c | ||
packet.h | ||
pty.c | ||
pty.h | ||
radix.c | ||
rc4.c | ||
rc4.h | ||
readconf.c | ||
readconf.h | ||
readpass.c | ||
rsa.c | ||
rsa.h | ||
scp.1 | ||
scp.c | ||
servconf.c | ||
servconf.h | ||
serverloop.c | ||
ssh-add.1 | ||
ssh-add.c | ||
ssh-agent.1 | ||
ssh-agent.c | ||
ssh-askpass | ||
ssh-keygen.1 | ||
ssh-keygen.c | ||
ssh.1 | ||
ssh.c | ||
ssh.h | ||
ssh_config | ||
sshconnect.c | ||
sshd.8 | ||
sshd.c | ||
sshd.init.redhat | ||
sshd.pam | ||
sshd_config | ||
strlcpy.c | ||
strlcpy.h | ||
tildexpand.c | ||
ttymodes.c | ||
ttymodes.h | ||
uidswap.c | ||
uidswap.h | ||
version.h | ||
xmalloc.c | ||
xmalloc.h |
README
This is the Unix port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced and many other clean-ups. More information about SSH itself can be found in the file README.Ylonen. This port consists of the re-introduction of autoconf support, PAM support (for Linux and Solaris), EGD[1] support, and replacements for OpenBSD library functions that are (regrettably) absent from most other unices. This patch has been best tested on Linux, though some Solaris support is beginning to filter in. This version actively tracks changes in the OpenBSD CVS repository. The PAM support is now more functional than the popular packages of commercial ssh-1.2.x. It checks "account" and "session" modules for all logins, not just when using password authentication. All new code is released under a XFree style license, which is very liberal. Please refer to the source files for details. The code in strlcpy.c and mktemp.c is from the OpenBSD project and has its own license (again, see source file for details). OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4]. To build the GNOME[5] pass-phrase requester (--with-gnome-askpass), you will need the GNOME libraries installed. If you are building OpenSSH on a Unix which lacks a kernel random number pool (/dev/random), you will need to install EGD[1]. There is now a mailing list for this port of OpenSSH. To subscribe, send a message consisting of the word 'SUBSCRIBE' to openssh-unix-dev-request@mindrot.org. This mailing list is intended for developers. Please refer to the INSTALL document for information on how to install OpenSSH on your system. This patch is developed primarily on Linux, but I am including patches which improve compatability with other unices. The beginnings of Solaris support have already been included. Damien Miller <djm@ibs.com.au> Internet Business Solutions Credits - The OpenBSD team 'jonchen' - the original author of PAM support of SSH Dan Brosemer <odin@linuxfreak.com> - Autoconf and build fixes & Debian scripts Nalin Dahyabhai <nalin.dahyabhai@pobox.com> - PAM environment patch Phil Hands <phil@hands.com> - Debian scripts, assorted patches Niels Kristian Bech Jensen <nkbj@image.dk> - Assorted patches Marc G. Fournier <marc.fournier@acadiau.ca> - Solaris patches Thomas Neumann <tom@smart.ruhr.de> - Shadow passwords Jim Knoble <jmknoble@pobox.com> - RPM spec file fixes Miscellania - This version of SSH is based upon code retrieved from the OpenBSD CVS repository on 1999-11-09 which in turn was based on the last free version of SSH released by Tatu Ylonen. Code in helper.[ch] and gnome-ssh-askpass.c is Copyright 1999 Internet Business Solutions and is released under a X11-style license (see source files for details). (A)RC4 code in rc4.[ch] is Copyright 1999 Damien Miller. It too is under a X11-style license (see source file for details). References - [1] http://www.lothar.com/tech/crypto/ [2] http://www.cdrom.com/pub/infozip/zlib/ [3] http://www.openssl.org/ [4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) [5] http://www.gnome.org/