Portable OpenSSH
Go to file
Damien Miller ccf7e224ab - djm@cvs.openbsd.org 2009/01/01 21:17:36
[kexgexs.c]
     fix hash calculation for KEXGEX: hash over the original client-supplied
     values and not the sanity checked versions that we acutally use;
     bz#1540 reported by john.smith AT arrows.demon.co.uk
     ok markus@
2009-01-28 16:23:06 +11:00
contrib
openbsd-compat
regress
scard
.cvsignore
CREDITS
ChangeLog
INSTALL
LICENCE
Makefile.in
OVERVIEW
PROTOCOL
PROTOCOL.agent
README
README.dns
README.platform
README.privsep
README.smartcard
README.tun
TODO
WARNING.RNG
aclocal.m4
acss.c
acss.h
addrmatch.c
atomicio.c
atomicio.h
audit-bsm.c
audit.c
audit.h
auth-bsdauth.c
auth-chall.c
auth-krb5.c
auth-options.c
auth-options.h
auth-pam.c
auth-pam.h
auth-passwd.c
auth-rh-rsa.c
auth-rhosts.c
auth-rsa.c
auth-shadow.c
auth-sia.c
auth-sia.h
auth-skey.c
auth.c
auth.h
auth1.c
auth2-chall.c
auth2-gss.c
auth2-hostbased.c
auth2-jpake.c
auth2-kbdint.c
auth2-none.c
auth2-passwd.c
auth2-pubkey.c
auth2.c
authfd.c
authfd.h
authfile.c
authfile.h
bufaux.c
bufbn.c
buffer.c
buffer.h
buildpkg.sh.in
canohost.c
canohost.h
channels.c
channels.h
cipher-3des1.c
cipher-acss.c
cipher-aes.c
cipher-bf1.c
cipher-ctr.c
cipher.c
cipher.h
cleanup.c
clientloop.c
clientloop.h
compat.c
compat.h
compress.c
compress.h
config.guess
config.sub
configure.ac
crc32.c
crc32.h
deattack.c
deattack.h
defines.h
dh.c
dh.h
dispatch.c
dispatch.h
dns.c
dns.h
entropy.c
entropy.h
fatal.c
fixpaths
fixprogs
groupaccess.c
groupaccess.h
gss-genr.c
gss-serv-krb5.c
gss-serv.c
hostfile.c
hostfile.h
includes.h
install-sh
jpake.c
jpake.h
kex.c
kex.h
kexdh.c
kexdhc.c
kexdhs.c
kexgex.c
kexgexc.c
kexgexs.c
key.c
key.h
log.c
log.h
loginrec.c
loginrec.h
logintest.c
mac.c
mac.h
match.c
match.h
md-sha256.c
md5crypt.c
md5crypt.h
mdoc2man.awk
misc.c
misc.h
mkinstalldirs
moduli
moduli.5
moduli.c
monitor.c
monitor.h
monitor_fdpass.c
monitor_fdpass.h
monitor_mm.c
monitor_mm.h
monitor_wrap.c
monitor_wrap.h
msg.c
msg.h
mux.c
myproposal.h
nchan.c
nchan.ms
nchan2.ms
openssh.xml.in
opensshd.init.in
packet.c
packet.h
pathnames.h
platform.c
platform.h
progressmeter.c
progressmeter.h
readconf.c
readconf.h
readpass.c
rijndael.c
rijndael.h
rsa.c
rsa.h
scard-opensc.c
scard.c
scard.h
schnorr.c
scp.1
scp.c
servconf.c
servconf.h
serverloop.c
serverloop.h
session.c
session.h
sftp-client.c
sftp-client.h
sftp-common.c
sftp-common.h
sftp-glob.c
sftp-server-main.c
sftp-server.8
sftp-server.c
sftp.1
sftp.c
sftp.h
ssh-add.1
ssh-add.c
ssh-agent.1
ssh-agent.c
ssh-dss.c
ssh-gss.h
ssh-keygen.1
ssh-keygen.c
ssh-keyscan.1
ssh-keyscan.c
ssh-keysign.8
ssh-keysign.c
ssh-rand-helper.8
ssh-rand-helper.c
ssh-rsa.c
ssh.1
ssh.c
ssh.h
ssh1.h
ssh2.h
ssh_config
ssh_config.5
ssh_prng_cmds.in
sshconnect.c
sshconnect.h
sshconnect1.c
sshconnect2.c
sshd.8
sshd.c
sshd_config
sshd_config.5
sshlogin.c
sshlogin.h
sshpty.c
sshpty.h
sshtty.c
survey.sh.in
ttymodes.c
ttymodes.h
uidswap.c
uidswap.h
umac.c
umac.h
uuencode.c
uuencode.h
version.h
xmalloc.c
xmalloc.h

README

See http://www.openssh.com/txt/release-5.1 for the release notes.

- A Japanese translation of this document and of the OpenSSH FAQ is
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
- Thanks to HARUYAMA Seigo <haruyama@unixuser.org>

This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other
Unices.

OpenSSH is based on the last free version of Tatu Ylonen's sample
implementation with all patent-encumbered algorithms removed (to
external libraries), all known security bugs fixed, new features
reintroduced and many other clean-ups.  OpenSSH has been created by
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt,
and Dug Song. It has a homepage at http://www.openssh.com/

This port consists of the re-introduction of autoconf support, PAM
support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library
functions that are (regrettably) absent from other unices. This port
has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,
NetBSD, OpenBSD, OpenServer, Solaris, Unicos, and UnixWare.

This version actively tracks changes in the OpenBSD CVS repository.

The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.

OpenSSH depends on Zlib[3], OpenSSL[4] and optionally PAM[5].

There is now several mailing lists for this port of OpenSSH. Please
refer to http://www.openssh.com/list.html for details on how to join.

Please send bug reports and patches to the mailing list
openssh-unix-dev@mindrot.org. The list is open to posting by
unsubscribed users.Code contribution are welcomed, but please follow the 
OpenBSD style guidelines[6].

Please refer to the INSTALL document for information on how to install
OpenSSH on your system. There are a number of differences between this
port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7]
for details and general tips.

Damien Miller <djm@mindrot.org>

Miscellania -

This version of OpenSSH is based upon code retrieved from the OpenBSD
CVS repository which in turn was based on the last free sample
implementation released by Tatu Ylonen.

References -

[0] http://www.openssh.com/faq.html
[1] http://www.lothar.com/tech/crypto/
[2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
[3] http://www.gzip.org/zlib/
[4] http://www.openssl.org/
[5] http://www.openpam.org
    http://www.kernel.org/pub/linux/libs/pam/ 
    (PAM also is standard on Solaris and HP-UX 11)
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
[7] http://www.openssh.com/faq.html

$Id: README,v 1.69 2008/07/21 08:21:52 djm Exp $