Big rename ssh* -> openssh*

This commit is contained in:
Damien Miller 1999-10-28 14:03:14 +10:00
parent 7f6ea0264d
commit 062307657e
14 changed files with 196 additions and 133 deletions

View File

@ -1,13 +1,75 @@
# $OpenBSD: Makefile,v 1.5 1999/10/25 20:27:26 markus Exp $ # Generated automatically from Makefile.in by configure.
prefix=/usr/local
exec_prefix=${prefix}
bindir=${exec_prefix}/bin
sbindir=${exec_prefix}/sbin
libdir=${exec_prefix}/lib
.include <bsd.own.mk> CC=gcc
OPT_FLAGS=-g
CFLAGS=$(OPT_FLAGS) -Wall -DETCDIR=\"${prefix}/etc\" -DHAVE_CONFIG_H
TARGETS=bin/libopenssh.a bin/openssh bin/opensshd bin/openssh-add bin/openssh-keygen bin/openssh-agent bin/openscp
LFLAGS=-L./bin
LIBS=-lopenssh -lpam -ldl -lpwdb -lz -lutil -lcrypto
AR=ar
RANLIB=ranlib
SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp OBJS= authfd.o authfile.o auth-passwd.o auth-rhosts.o auth-rh-rsa.o \
auth-rsa.o bufaux.o buffer.o canohost.o channels.o cipher.o \
clientloop.o compress.o crc32.o deattack.o helper.o hostfile.o \
log-client.o login.o log-server.o match.o mpaux.o packet.o pty.o \
readconf.o readpass.o rsa.o servconf.o serverloop.o \
sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o \
helper.o mktemp.o strlcpy.o rc4.o
distribution: all: $(OBJS) $(TARGETS)
install -C -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \
${DESTDIR}/etc/ssh_config
install -C -o root -g wheel -m 0644 ${.CURDIR}/sshd_config \
${DESTDIR}/etc/sshd_config
.include <bsd.subdir.mk> bin/libopenssh.a: authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o hostfile.o match.o mpaux.o nchan.o packet.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o helper.o rc4.o mktemp.o strlcpy.o
[ -d bin ] || mkdir bin
$(AR) rv $@ $^
$(RANLIB) $@
bin/openssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o
[ -d bin ] || mkdir bin
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
bin/opensshd: sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o
[ -d bin ] || mkdir bin
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
bin/openscp: scp.o
[ -d bin ] || mkdir bin
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
bin/openssh-add: ssh-add.o log-client.o
[ -d bin ] || mkdir bin
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
bin/openssh-agent: ssh-agent.o log-client.o
[ -d bin ] || mkdir bin
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
bin/openssh-keygen: ssh-keygen.o log-client.o
[ -d bin ] || mkdir bin
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
clean:
rm -f *.o core bin/* config.status config.cache config.log
install:
install -d $(bindir)
install -d $(sbindir)
install -d $(libdir)
install -c bin/openssh $(bindir)/openssh
install -c bin/openscp $(bindir)/openscp
install -c bin/openssh-add $(bindir)/openssh-add
install -c bin/openssh-agent $(bindir)/openssh-agent
install -c bin/openssh-keygen $(bindir)/openssh-keygen
install -c bin/opensshd $(sbindir)/opensshd
install -c bin/libopenssh.a $(libdir)/libopenssh.a
distclean: clean
rm -f Makefile config.h *~
rm -rf bin
mrproper: distclean

View File

@ -5,7 +5,8 @@ sbindir=@sbindir@
libdir=@libdir@ libdir=@libdir@
CC=@CC@ CC=@CC@
CFLAGS=-g -Wall -DETCDIR=\"/etc/ssh\" @DEFS@ OPT_FLAGS=-g
CFLAGS=$(OPT_FLAGS) -Wall -DETCDIR=\"@sysconfdir@\" @DEFS@
TARGETS=bin/libopenssh.a bin/openssh bin/opensshd bin/openssh-add bin/openssh-keygen bin/openssh-agent bin/openscp TARGETS=bin/libopenssh.a bin/openssh bin/opensshd bin/openssh-add bin/openssh-keygen bin/openssh-agent bin/openscp
LFLAGS=-L./bin LFLAGS=-L./bin
LIBS=-lopenssh @LIBS@ LIBS=-lopenssh @LIBS@

View File

@ -57,15 +57,17 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
#include "version.h" #include "version.h"
#include "config.h"
#include "helper.h" #include "helper.h"
#include "mktemp.h" #include "mktemp.h"
#include "strlcpy.h" #include "strlcpy.h"
#ifdef HAVE_PAM #ifdef HAVE_LIBPAM
#include <security/pam_appl.h> #include <security/pam_appl.h>
#endif /* HAVE_PAM */ #endif /* HAVE_PAM */
#ifdef HAVE_PWDB #ifdef HAVE_LIBPWDB
#include <pwdb/pwdb_map.h> #include <pwdb/pwdb_map.h>
#endif /* HAVE_PWDB */ #endif /* HAVE_PWDB */
@ -83,10 +85,4 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
client program. Socketpairs do not seem to work on all systems. */ client program. Socketpairs do not seem to work on all systems. */
#define USE_PIPES 1 #define USE_PIPES 1
#ifndef SHUT_RD
#define SHUT_RD 0
#define SHUT_WR 1
#define SHUT_RDWR 2
#endif /* SHUT_RD */
#endif /* INCLUDES_H */ #endif /* INCLUDES_H */

View File

@ -9,7 +9,7 @@
.\" .\"
.\" Created: Sun May 7 00:14:37 1995 ylo .\" Created: Sun May 7 00:14:37 1995 ylo
.\" .\"
.\" $Id: scp.1,v 1.1 1999/10/27 03:42:44 damien Exp $ .\" $Id: openscp.1,v 1.1 1999/10/28 04:03:14 damien Exp $
.\" .\"
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SCP 1 .Dt SCP 1

View File

@ -9,7 +9,7 @@
.\" .\"
.\" Created: Sat Apr 22 23:55:14 1995 ylo .\" Created: Sat Apr 22 23:55:14 1995 ylo
.\" .\"
.\" $Id: ssh-add.1,v 1.1 1999/10/27 03:42:45 damien Exp $ .\" $Id: openssh-add.1,v 1.1 1999/10/28 04:03:14 damien Exp $
.\" .\"
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSH-ADD 1 .Dt SSH-ADD 1

View File

@ -9,7 +9,7 @@
.\" .\"
.\" Created: Sat Apr 23 20:10:43 1995 ylo .\" Created: Sat Apr 23 20:10:43 1995 ylo
.\" .\"
.\" $Id: ssh-agent.1,v 1.1 1999/10/27 03:42:45 damien Exp $ .\" $Id: openssh-agent.1,v 1.1 1999/10/28 04:03:14 damien Exp $
.\" .\"
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSH-AGENT 1 .Dt SSH-AGENT 1

View File

@ -9,7 +9,7 @@
.\" .\"
.\" Created: Sat Apr 22 23:55:14 1995 ylo .\" Created: Sat Apr 22 23:55:14 1995 ylo
.\" .\"
.\" $Id: ssh-keygen.1,v 1.1 1999/10/27 03:42:45 damien Exp $ .\" $Id: openssh-keygen.1,v 1.1 1999/10/28 04:03:14 damien Exp $
.\" .\"
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSH-KEYGEN 1 .Dt SSH-KEYGEN 1

View File

@ -9,7 +9,7 @@
.\" .\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo .\" Created: Sat Apr 22 21:55:14 1995 ylo
.\" .\"
.\" $Id: ssh.1,v 1.1 1999/10/27 03:42:45 damien Exp $ .\" $Id: openssh.1,v 1.1 1999/10/28 04:03:14 damien Exp $
.\" .\"
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSH 1 .Dt SSH 1
@ -66,7 +66,7 @@ his/her identity to the remote machine using one of several methods.
First, if the machine the user logs in from is listed in First, if the machine the user logs in from is listed in
.Pa /etc/hosts.equiv .Pa /etc/hosts.equiv
or or
.Pa /etc/shosts.equiv .Pa /etc/openssh/shosts.equiv
on the remote machine, and the user names are on the remote machine, and the user names are
the same on both sides, the user is immediately permitted to log in. the same on both sides, the user is immediately permitted to log in.
Second, if Second, if
@ -89,10 +89,10 @@ means that if the login would be permitted by
.Pa \&.shosts , .Pa \&.shosts ,
.Pa /etc/hosts.equiv , .Pa /etc/hosts.equiv ,
or or
.Pa /etc/shosts.equiv , .Pa /etc/openssh/shosts.equiv ,
and if additionally the server can verify the client's and if additionally the server can verify the client's
host key (see host key (see
.Pa /etc/ssh_known_hosts .Pa /etc/openssh/ssh_known_hosts
in the in the
.Sx FILES .Sx FILES
section), only then login is section), only then login is
@ -248,7 +248,7 @@ identifications for all hosts it has ever been used with. The
database is stored in database is stored in
.Pa \&.ssh/known_hosts .Pa \&.ssh/known_hosts
in the user's home directory. Additionally, the file in the user's home directory. Additionally, the file
.Pa /etc/ssh_known_hosts .Pa /etc/openssh/ssh_known_hosts
is automatically checked for known hosts. Any new hosts are is automatically checked for known hosts. Any new hosts are
automatically added to the user's file. If a host's identification automatically added to the user's file. If a host's identification
ever changes, ever changes,
@ -416,7 +416,7 @@ obtains configuration data from the following sources (in this order):
command line options, user's configuration file command line options, user's configuration file
.Pq Pa $HOME/.ssh/config , .Pq Pa $HOME/.ssh/config ,
and system-wide configuration file and system-wide configuration file
.Pq Pa /etc/ssh_config . .Pq Pa /etc/openssh/ssh_config .
For each parameter, the first obtained value For each parameter, the first obtained value
will be used. The configuration files contain sections bracketed by will be used. The configuration files contain sections bracketed by
"Host" specifications, and that section is only applied for hosts that "Host" specifications, and that section is only applied for hosts that
@ -540,7 +540,7 @@ The default is
.Dq no . .Dq no .
.It Cm GlobalKnownHostsFile .It Cm GlobalKnownHostsFile
Specifies a file to use instead of Specifies a file to use instead of
.Pa /etc/ssh_known_hosts . .Pa /etc/openssh/ssh_known_hosts .
.It Cm HostName .It Cm HostName
Specifies the real host name to log into. This can be used to specify Specifies the real host name to log into. This can be used to specify
nicnames or abbreviations for hosts. Default is the name given on the nicnames or abbreviations for hosts. Default is the name given on the
@ -672,7 +672,7 @@ ssh will never automatically add host keys to the
file, and refuses to connect hosts whose host key has changed. This file, and refuses to connect hosts whose host key has changed. This
provides maximum protection against trojan horse attacks. However, it provides maximum protection against trojan horse attacks. However, it
can be somewhat annoying if you don't have good can be somewhat annoying if you don't have good
.Pa /etc/ssh_known_hosts .Pa /etc/openssh/ssh_known_hosts
files installed and frequently files installed and frequently
connect new hosts. Basically this option forces the user to manually connect new hosts. Basically this option forces the user to manually
add any new hosts. Normally this option is disabled, and new hosts add any new hosts. Normally this option is disabled, and new hosts
@ -779,7 +779,7 @@ to the environment.
.It Pa $HOME/.ssh/known_hosts .It Pa $HOME/.ssh/known_hosts
Records host keys for all hosts the user has logged into (that are not Records host keys for all hosts the user has logged into (that are not
in in
.Pa /etc/ssh_known_hosts ) . .Pa /etc/openssh/ssh_known_hosts ) .
See See
.Xr sshd 8 . .Xr sshd 8 .
.It Pa $HOME/.ssh/random_seed .It Pa $HOME/.ssh/random_seed
@ -824,7 +824,7 @@ identity files (that is, each line contains the number of bits in
modulus, public exponent, modulus, and comment fields, separated by modulus, public exponent, modulus, and comment fields, separated by
spaces). This file is not highly sensitive, but the recommended spaces). This file is not highly sensitive, but the recommended
permissions are read/write for the user, and not accessible by others. permissions are read/write for the user, and not accessible by others.
.It Pa /etc/ssh_known_hosts .It Pa /etc/openssh/ssh_known_hosts
Systemwide list of known host keys. This file should be prepared by the Systemwide list of known host keys. This file should be prepared by the
system administrator to contain the public host keys of all machines in the system administrator to contain the public host keys of all machines in the
organization. This file should be world-readable. This file contains organization. This file should be world-readable. This file contains
@ -843,7 +843,7 @@ to verify the client host when logging in; other names are needed because
does not convert the user-supplied name to a canonical name before does not convert the user-supplied name to a canonical name before
checking the key, because someone with access to the name servers checking the key, because someone with access to the name servers
would then be able to fool host authentication. would then be able to fool host authentication.
.It Pa /etc/ssh_config .It Pa /etc/openssh/ssh_config
Systemwide configuration file. This file provides defaults for those Systemwide configuration file. This file provides defaults for those
values that are not specified in the user's configuration file, and values that are not specified in the user's configuration file, and
for those users who do not have a configuration file. This file must for those users who do not have a configuration file. This file must
@ -870,7 +870,7 @@ Note that by default
will be installed so that it requires successful RSA host will be installed so that it requires successful RSA host
authentication before permitting \s+2.\s0rhosts authentication. If your authentication before permitting \s+2.\s0rhosts authentication. If your
server machine does not have the client's host key in server machine does not have the client's host key in
.Pa /etc/ssh_known_hosts , .Pa /etc/openssh/ssh_known_hosts ,
you can store it in you can store it in
.Pa $HOME/.ssh/known_hosts . .Pa $HOME/.ssh/known_hosts .
The easiest way to do this is to The easiest way to do this is to
@ -897,13 +897,13 @@ manual page). If the client host is found in this file, login is
automatically permitted provided client and server user names are the automatically permitted provided client and server user names are the
same. Additionally, successful RSA host authentication is normally same. Additionally, successful RSA host authentication is normally
required. This file should only be writable by root. required. This file should only be writable by root.
.It Pa /etc/shosts.equiv .It Pa /etc/openssh/shosts.equiv
This file is processed exactly as This file is processed exactly as
.Pa /etc/hosts.equiv . .Pa /etc/hosts.equiv .
This file may be useful to permit logins using This file may be useful to permit logins using
.Nm .Nm
but not using rsh/rlogin. but not using rsh/rlogin.
.It Pa /etc/sshrc .It Pa /etc/openssh/sshrc
Commands in this file are executed by Commands in this file are executed by
.Nm .Nm
when the user logs in just before the user's shell (or command) is started. when the user logs in just before the user's shell (or command) is started.

View File

@ -1,6 +1,6 @@
Summary: OpenSSH free Secure Shell (SSH) implementation Summary: OpenSSH free Secure Shell (SSH) implementation
Name: openssh Name: openssh
Version: 1.2pre3 Version: 1.2pre4
Release: 1 Release: 1
Packager: Damien Miller <djm@ibs.com.au> Packager: Damien Miller <djm@ibs.com.au>
Source0: openssh-%{version}-linux.tar.gz Source0: openssh-%{version}-linux.tar.gz
@ -20,6 +20,9 @@ up to date in terms of security and features, as well as removing all
patented algorithms to seperate libraries (OpenSSL). patented algorithms to seperate libraries (OpenSSL).
%changelog %changelog
* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
- Use autoconf
- New binary names
* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> * Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
@ -29,7 +32,8 @@ patented algorithms to seperate libraries (OpenSSL).
%build %build
make -f Makefile.GNU OPT_FLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --sysconfdir=/etc/openssh
make OPT_FLAGS="$RPM_OPT_FLAGS"
%install %install
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
@ -37,69 +41,69 @@ mkdir -p $RPM_BUILD_ROOT/usr/bin
mkdir -p $RPM_BUILD_ROOT/usr/sbin mkdir -p $RPM_BUILD_ROOT/usr/sbin
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
mkdir -p $RPM_BUILD_ROOT/etc/pam.d mkdir -p $RPM_BUILD_ROOT/etc/pam.d
mkdir -p $RPM_BUILD_ROOT/etc/ssh mkdir -p $RPM_BUILD_ROOT/etc/openssh
mkdir -p $RPM_BUILD_ROOT/usr/man/man1 mkdir -p $RPM_BUILD_ROOT/usr/man/man1
mkdir -p $RPM_BUILD_ROOT/usr/man/man8 mkdir -p $RPM_BUILD_ROOT/usr/man/man8
install -m644 ssh.pam $RPM_BUILD_ROOT/etc/pam.d/ssh install -m644 opensshd.pam $RPM_BUILD_ROOT/etc/pam.d/opensshd
install -m755 sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd install -m755 opensshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/opensshd
install -m600 ssh_config $RPM_BUILD_ROOT/etc/ssh/ssh_config install -m600 ssh_config $RPM_BUILD_ROOT/etc/openssh/ssh_config
install -m600 sshd_config $RPM_BUILD_ROOT/etc/ssh/sshd_config install -m600 sshd_config $RPM_BUILD_ROOT/etc/openssh/sshd_config
install -s -m755 bin/sshd $RPM_BUILD_ROOT/usr/sbin install -s -m755 bin/opensshd $RPM_BUILD_ROOT/usr/sbin
install -s -m755 bin/ssh $RPM_BUILD_ROOT/usr/bin install -s -m755 bin/openssh $RPM_BUILD_ROOT/usr/bin
install -s -m755 bin/scp $RPM_BUILD_ROOT/usr/bin install -s -m755 bin/openscp $RPM_BUILD_ROOT/usr/bin
install -s -m755 bin/ssh-agent $RPM_BUILD_ROOT/usr/bin install -s -m755 bin/openssh-agent $RPM_BUILD_ROOT/usr/bin
install -s -m755 bin/ssh-add $RPM_BUILD_ROOT/usr/bin install -s -m755 bin/openssh-add $RPM_BUILD_ROOT/usr/bin
install -s -m755 bin/ssh-keygen $RPM_BUILD_ROOT/usr/bin install -s -m755 bin/openssh-keygen $RPM_BUILD_ROOT/usr/bin
install -m644 sshd.8 $RPM_BUILD_ROOT/usr/man/man8 install -m644 opensshd.8 $RPM_BUILD_ROOT/usr/man/man8
install -m644 ssh.1 $RPM_BUILD_ROOT/usr/man/man1 install -m644 openssh.1 $RPM_BUILD_ROOT/usr/man/man1
install -m644 scp.1 $RPM_BUILD_ROOT/usr/man/man1 install -m644 openscp.1 $RPM_BUILD_ROOT/usr/man/man1
install -m644 ssh-agent.1 $RPM_BUILD_ROOT/usr/man/man1 install -m644 openssh-agent.1 $RPM_BUILD_ROOT/usr/man/man1
install -m644 ssh-add.1 $RPM_BUILD_ROOT/usr/man/man1 install -m644 openssh-add.1 $RPM_BUILD_ROOT/usr/man/man1
install -m644 ssh-keygen.1 $RPM_BUILD_ROOT/usr/man/man1 install -m644 openssh-keygen.1 $RPM_BUILD_ROOT/usr/man/man1
%clean %clean
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
%post %post
/sbin/chkconfig --add sshd /sbin/chkconfig --add opensshd
if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then if [ ! -f /etc/openssh/ssh_host_key -o ! -s /etc/openssh/ssh_host_key ]; then
/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2 /usr/bin/openssh-keygen -b 1024 -f /etc/openssh/ssh_host_key -N '' >&2
fi fi
if test -r /var/run/sshd.pid if test -r /var/run/opensshd.pid
then then
/etc/rc.d/init.d/sshd restart >&2 /etc/rc.d/init.d/opensshd restart >&2
fi fi
%preun %preun
if [ "$1" = 0 ] if [ "$1" = 0 ]
then then
/etc/rc.d/init.d/sshd stop >&2 /etc/rc.d/init.d/opensshd stop >&2
/sbin/chkconfig --del sshd /sbin/chkconfig --del opensshd
fi fi
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%doc COPYING.Ylonen ChangeLog ChangeLog.linux OVERVIEW %doc COPYING.Ylonen ChangeLog ChangeLog.Ylonen OVERVIEW
%doc README README.openssh %doc README README.openssh
%attr(0755,root,root) /usr/sbin/sshd %attr(0755,root,root) /usr/sbin/opensshd
%attr(0755,root,root) /usr/bin/ssh %attr(0755,root,root) /usr/bin/openssh
%attr(0755,root,root) /usr/bin/ssh-agent %attr(0755,root,root) /usr/bin/openssh-agent
%attr(0755,root,root) /usr/bin/ssh-keygen %attr(0755,root,root) /usr/bin/openssh-keygen
%attr(0755,root,root) /usr/bin/ssh-add %attr(0755,root,root) /usr/bin/openssh-add
%attr(0755,root,root) /usr/bin/scp %attr(0755,root,root) /usr/bin/openscp
%attr(0755,root,root) /usr/man/man8/sshd.8 %attr(0755,root,root) /usr/man/man8/opensshd.8
%attr(0755,root,root) /usr/man/man1/ssh.1 %attr(0755,root,root) /usr/man/man1/openssh.1
%attr(0755,root,root) /usr/man/man1/ssh-agent.1 %attr(0755,root,root) /usr/man/man1/openssh-agent.1
%attr(0755,root,root) /usr/man/man1/ssh-keygen.1 %attr(0755,root,root) /usr/man/man1/openssh-keygen.1
%attr(0755,root,root) /usr/man/man1/ssh-add.1 %attr(0755,root,root) /usr/man/man1/openssh-add.1
%attr(0755,root,root) /usr/man/man1/scp.1 %attr(0755,root,root) /usr/man/man1/openscp.1
%attr(0600,root,root) %config /etc/ssh/sshd_config %attr(0600,root,root) %config /etc/openssh/sshd_config
%attr(0600,root,root) %config /etc/pam.d/ssh %attr(0600,root,root) %config /etc/pam.d/opensshd
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd %attr(0755,root,root) %config /etc/rc.d/init.d/opensshd
%attr(0644,root,root) %config /etc/ssh/ssh_config %attr(0644,root,root) %config /etc/openssh/ssh_config

View File

@ -9,7 +9,7 @@
.\" .\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo .\" Created: Sat Apr 22 21:55:14 1995 ylo
.\" .\"
.\" $Id: sshd.8,v 1.1 1999/10/27 03:42:46 damien Exp $ .\" $Id: opensshd.8,v 1.1 1999/10/28 04:03:14 damien Exp $
.\" .\"
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSHD 8 .Dt SSHD 8
@ -118,7 +118,7 @@ not fork and will only process one connection. This option is only
intended for debugging for the server. intended for debugging for the server.
.It Fl f Ar configuration_file .It Fl f Ar configuration_file
Specifies the name of the configuration file. The default is Specifies the name of the configuration file. The default is
.Pa /etc/sshd_config . .Pa /etc/openssh/sshd_config .
.Nm .Nm
refuses to start if there is no configuration file. refuses to start if there is no configuration file.
.It Fl g Ar login_grace_time .It Fl g Ar login_grace_time
@ -128,7 +128,7 @@ this many seconds, the server disconnects and exits. A value of zero
indicates no limit. indicates no limit.
.It Fl h Ar host_key_file .It Fl h Ar host_key_file
Specifies the file from which the host key is read (default Specifies the file from which the host key is read (default
.Pa /etc/ssh_host_key ) . .Pa /etc/openssh/ssh_host_key ) .
This option must be given if This option must be given if
.Nm .Nm
is not run as root (as the normal is not run as root (as the normal
@ -165,7 +165,7 @@ Do not print an error message if RSA support is missing.
.Sh CONFIGURATION FILE .Sh CONFIGURATION FILE
.Nm .Nm
reads configuration data from reads configuration data from
.Pa /etc/sshd_config .Pa /etc/openssh/sshd_config
(or the file specified with (or the file specified with
.Fl f .Fl f
on the command line). The file on the command line). The file
@ -242,7 +242,7 @@ The default is
.Dq no . .Dq no .
.It Cm HostKey .It Cm HostKey
Specifies the file containing the private host key (default Specifies the file containing the private host key (default
.Pa /etc/ssh_host_key ) . .Pa /etc/openssh/ssh_host_key ) .
Note that Note that
.Nm .Nm
does not start if this file is group/world-accessible. does not start if this file is group/world-accessible.
@ -251,7 +251,7 @@ Specifies that rhosts and shosts files will not be used in
authentication. authentication.
.Pa /etc/hosts.equiv .Pa /etc/hosts.equiv
and and
.Pa /etc/shosts.equiv .Pa /etc/openssh/shosts.equiv
are still used. The default is are still used. The default is
.Dq no . .Dq no .
.It Cm KeepAlive .It Cm KeepAlive
@ -455,7 +455,7 @@ Changes to user's home directory.
If If
.Pa $HOME/.ssh/rc .Pa $HOME/.ssh/rc
exists, runs it; else if exists, runs it; else if
.Pa /etc/sshrc .Pa /etc/openssh/sshrc
exists, runs exists, runs
it; otherwise runs xauth. The it; otherwise runs xauth. The
.Dq rc .Dq rc
@ -541,7 +541,7 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula
command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi
.Sh SSH_KNOWN_HOSTS FILE FORMAT .Sh SSH_KNOWN_HOSTS FILE FORMAT
The The
.Pa /etc/ssh_known_hosts .Pa /etc/openssh/ssh_known_hosts
and and
.Pa $HOME/.ssh/known_hosts .Pa $HOME/.ssh/known_hosts
files contain host public keys for all known hosts. The global file should files contain host public keys for all known hosts. The global file should
@ -564,7 +564,7 @@ pattern on the line.
.Pp .Pp
Bits, exponent, and modulus are taken directly from the host key; they Bits, exponent, and modulus are taken directly from the host key; they
can be obtained, e.g., from can be obtained, e.g., from
.Pa /etc/ssh_host_key.pub . .Pa /etc/openssh/ssh_host_key.pub .
The optional comment field continues to the end of the line, and is not used. The optional comment field continues to the end of the line, and is not used.
.Pp .Pp
Lines starting with Lines starting with
@ -583,25 +583,25 @@ Note that the lines in these files are typically hundreds of characters
long, and you definitely don't want to type in the host keys by hand. long, and you definitely don't want to type in the host keys by hand.
Rather, generate them by a script Rather, generate them by a script
or by taking or by taking
.Pa /etc/ssh_host_key.pub .Pa /etc/openssh/ssh_host_key.pub
and adding the host names at the front. and adding the host names at the front.
.Ss Examples .Ss Examples
closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi
.Sh FILES .Sh FILES
.Bl -tag -width Ds .Bl -tag -width Ds
.It Pa /etc/sshd_config .It Pa /etc/openssh/sshd_config
Contains configuration data for Contains configuration data for
.Nm sshd . .Nm sshd .
This file should be writable by root only, but it is recommended This file should be writable by root only, but it is recommended
(though not necessary) that it be world-readable. (though not necessary) that it be world-readable.
.It Pa /etc/ssh_host_key .It Pa /etc/openssh/ssh_host_key
Contains the private part of the host key. Contains the private part of the host key.
This file should only be owned by root, readable only by root, and not This file should only be owned by root, readable only by root, and not
accessible to others. accessible to others.
Note that Note that
.Nm .Nm
does not start if this file is group/world-accessible. does not start if this file is group/world-accessible.
.It Pa /etc/ssh_host_key.pub .It Pa /etc/openssh/ssh_host_key.pub
Contains the public part of the host key. Contains the public part of the host key.
This file should be world-readable but writable only by This file should be world-readable but writable only by
root. Its contents should match the private part. This file is not root. Its contents should match the private part. This file is not
@ -622,17 +622,17 @@ This file must be readable by root (which may on some machines imply
it being world-readable if the user's home directory resides on an NFS it being world-readable if the user's home directory resides on an NFS
volume). It is recommended that it not be accessible by others. The volume). It is recommended that it not be accessible by others. The
format of this file is described above. format of this file is described above.
.It Pa /etc/ssh_known_hosts .It Pa /etc/openssh/ssh_known_hosts
This file is consulted when using rhosts with RSA host This file is consulted when using rhosts with RSA host
authentication to check the public key of the host. The key must be authentication to check the public key of the host. The key must be
listed in this file to be accepted. listed in this file to be accepted.
.It Pa $HOME/.ssh/known_hosts .It Pa $HOME/.ssh/known_hosts
The client uses this file The client uses this file
and and
.Pa /etc/ssh_known_hosts .Pa /etc/openssh/ssh_known_hosts
to verify that the remote host is the one we intended to to verify that the remote host is the one we intended to
connect. These files should be writable only by root/the owner. connect. These files should be writable only by root/the owner.
.Pa /etc/ssh_known_hosts .Pa /etc/openssh/ssh_known_hosts
should be world-readable, and should be world-readable, and
.Pa $HOME/.ssh/known_hosts .Pa $HOME/.ssh/known_hosts
can but need not be world-readable. can but need not be world-readable.
@ -694,7 +694,7 @@ user root access. The only valid use for user names that I can think
of is in negative entries. of is in negative entries.
.Pp .Pp
Note that this warning also applies to rsh/rlogin. Note that this warning also applies to rsh/rlogin.
.It Pa /etc/shosts.equiv .It Pa /etc/openssh/shosts.equiv
This is processed exactly as This is processed exactly as
.Pa /etc/hosts.equiv . .Pa /etc/hosts.equiv .
However, this file may be useful in environments that want to run both However, this file may be useful in environments that want to run both
@ -724,13 +724,13 @@ something similar to: "if read proto cookie; then echo add $DISPLAY
$proto $cookie | xauth -q -; fi". $proto $cookie | xauth -q -; fi".
.Pp .Pp
If this file does not exist, If this file does not exist,
.Pa /etc/sshrc .Pa /etc/openssh/sshrc
is run, and if that is run, and if that
does not exist either, xauth is used to store the cookie. does not exist either, xauth is used to store the cookie.
.Pp .Pp
This file should be writable only by the user, and need not be This file should be writable only by the user, and need not be
readable by anyone else. readable by anyone else.
.It Pa /etc/sshrc .It Pa /etc/openssh/sshrc
Like Like
.Pa $HOME/.ssh/rc . .Pa $HOME/.ssh/rc .
This can be used to specify This can be used to specify

View File

@ -1,16 +1,16 @@
#!/bin/bash #!/bin/bash
# Init file for OpenSSH sshd # Init file for OpenSSH server daemon
# #
# chkconfig: 2345 55 25 # chkconfig: 2345 55 25
# description: OpenSSH server daemon # description: OpenSSH server daemon
# #
# processname: sshd # processname: opensshd
# config: /etc/ssh/ssh_host_key # config: /etc/openssh/ssh_host_key
# config: /etc/ssh/ssh_host_key.pub # config: /etc/openssh/ssh_host_key.pub
# config: /etc/ssh/ssh_random_seed # config: /etc/openssh/ssh_random_seed
# config: /etc/ssh/sshd_config # config: /etc/openssh/sshd_config
# pidfile: /var/run/sshd.pid # pidfile: /var/run/opensshd.pid
# source function library # source function library
. /etc/rc.d/init.d/functions . /etc/rc.d/init.d/functions
@ -19,14 +19,14 @@ RETVAL=0
case "$1" in case "$1" in
start) start)
echo -n "Starting sshd: " echo -n "Starting opensshd: "
daemon /usr/sbin/sshd daemon /usr/sbin/opensshd
RETVAL=$? RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
echo echo
;; ;;
stop) stop)
echo -n "Shutting down sshd: " echo -n "Shutting down opensshd: "
killproc sshd killproc sshd
RETVAL=$? RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd
@ -38,11 +38,11 @@ case "$1" in
RETVAL=$? RETVAL=$?
;; ;;
status) status)
status sshd status opensshd
RETVAL=$? RETVAL=$?
;; ;;
*) *)
echo "Usage: sshd {start|stop|restart|status}" echo "Usage: opensshd {start|stop|restart|status}"
exit 1 exit 1
esac esac

42
sshd.c
View File

@ -18,7 +18,7 @@ agent connections.
*/ */
#include "includes.h" #include "includes.h"
RCSID("$Id: sshd.c,v 1.3 1999/10/28 03:20:30 damien Exp $"); RCSID("$Id: sshd.c,v 1.4 1999/10/28 04:03:14 damien Exp $");
#include "xmalloc.h" #include "xmalloc.h"
#include "rsa.h" #include "rsa.h"
@ -129,7 +129,7 @@ void do_exec_no_pty(const char *command, struct passwd *pw,
void do_child(const char *command, struct passwd *pw, const char *term, void do_child(const char *command, struct passwd *pw, const char *term,
const char *display, const char *auth_proto, const char *display, const char *auth_proto,
const char *auth_data, const char *ttyname); const char *auth_data, const char *ttyname);
#ifdef HAVE_PAM #ifdef HAVE_LIBPAM
static int pamconv(int num_msg, const struct pam_message **msg, static int pamconv(int num_msg, const struct pam_message **msg,
struct pam_response **resp, void *appdata_ptr); struct pam_response **resp, void *appdata_ptr);
void do_pam_account_and_session(const char *username, const char *password, void do_pam_account_and_session(const char *username, const char *password,
@ -225,7 +225,7 @@ void do_pam_account_and_session(const char *username, const char *password, cons
eat_packets_and_disconnect(username); eat_packets_and_disconnect(username);
} }
} }
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
/* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; /* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP;
the effect is to reread the configuration file (and to regenerate the effect is to reread the configuration file (and to regenerate
@ -809,7 +809,7 @@ main(int ac, char **av)
/* The connection has been terminated. */ /* The connection has been terminated. */
log("Closing connection to %.100s", inet_ntoa(sin.sin_addr)); log("Closing connection to %.100s", inet_ntoa(sin.sin_addr));
#ifdef HAVE_PAM #ifdef HAVE_LIBPAM
{ {
int retval; int retval;
@ -823,7 +823,7 @@ main(int ac, char **av)
fatal_remove_cleanup(&pam_cleanup_proc, NULL); fatal_remove_cleanup(&pam_cleanup_proc, NULL);
} }
} }
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
packet_close(); packet_close();
@ -1135,17 +1135,17 @@ do_authentication(char *user, int privileged_port)
pwcopy.pw_shell = xstrdup(pw->pw_shell); pwcopy.pw_shell = xstrdup(pw->pw_shell);
pw = &pwcopy; pw = &pwcopy;
#ifdef HAVE_PAM #ifdef HAVE_LIBPAM
if (PAM_SUCCESS != pam_start("ssh", pw->pw_name, &conv, (pam_handle_t**)&pamh)) if (PAM_SUCCESS != pam_start("opensshd", pw->pw_name, &conv, (pam_handle_t**)&pamh))
{ {
packet_start(SSH_SMSG_FAILURE); packet_start(SSH_SMSG_FAILURE);
packet_send(); packet_send();
packet_write_wait(); packet_write_wait();
packet_disconnect("PAM initialisation failed."); packet_disconnect("PAM initialisation failed.");
} }
#endif
fatal_add_cleanup(&pam_cleanup_proc, NULL); fatal_add_cleanup(&pam_cleanup_proc, NULL);
#endif
/* If we are not running as root, the user must have the same uid as the /* If we are not running as root, the user must have the same uid as the
server. */ server. */
@ -1289,16 +1289,16 @@ do_authentication(char *user, int privileged_port)
log("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.", log("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.",
user, client_user, get_canonical_hostname()); user, client_user, get_canonical_hostname());
authenticated = 1; authenticated = 1;
#ifndef HAVE_PAM #ifndef HAVE_LIBPAM
xfree(client_user); xfree(client_user);
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
break; break;
} }
log("Rhosts authentication failed for %.100s, remote %.100s.", log("Rhosts authentication failed for %.100s, remote %.100s.",
user, client_user); user, client_user);
#ifndef HAVE_PAM #ifndef HAVE_LIBPAM
xfree(client_user); xfree(client_user);
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
break; break;
case SSH_CMSG_AUTH_RHOSTS_RSA: case SSH_CMSG_AUTH_RHOSTS_RSA:
@ -1341,18 +1341,18 @@ do_authentication(char *user, int privileged_port)
{ {
/* Authentication accepted. */ /* Authentication accepted. */
authenticated = 1; authenticated = 1;
#ifndef HAVE_PAM #ifndef HAVE_LIBPAM
xfree(client_user); xfree(client_user);
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
BN_clear_free(client_host_key_e); BN_clear_free(client_host_key_e);
BN_clear_free(client_host_key_n); BN_clear_free(client_host_key_n);
break; break;
} }
log("Rhosts authentication failed for %.100s, remote %.100s.", log("Rhosts authentication failed for %.100s, remote %.100s.",
user, client_user); user, client_user);
#ifndef HAVE_PAM #ifndef HAVE_LIBPAM
xfree(client_user); xfree(client_user);
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
BN_clear_free(client_host_key_e); BN_clear_free(client_host_key_e);
BN_clear_free(client_host_key_n); BN_clear_free(client_host_key_n);
break; break;
@ -1403,7 +1403,7 @@ do_authentication(char *user, int privileged_port)
packet_integrity_check(plen, 4 + passw_len, type); packet_integrity_check(plen, 4 + passw_len, type);
} }
#ifdef HAVE_PAM #ifdef HAVE_LIBPAM
pampasswd = password; pampasswd = password;
if (PAM_SUCCESS == pam_authenticate((pam_handle_t *)pamh, 0)) if (PAM_SUCCESS == pam_authenticate((pam_handle_t *)pamh, 0))
@ -1416,7 +1416,7 @@ do_authentication(char *user, int privileged_port)
log("PAM Password authentication for %.100s failed.", user); log("PAM Password authentication for %.100s failed.", user);
break; break;
} }
#else /* HAVE_PAM */ #else /* HAVE_LIBPAM */
/* Try authentication with the password. */ /* Try authentication with the password. */
if (auth_password(pw, password)) if (auth_password(pw, password))
{ {
@ -1432,7 +1432,7 @@ do_authentication(char *user, int privileged_port)
memset(password, 0, strlen(password)); memset(password, 0, strlen(password));
xfree(password); xfree(password);
break; break;
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
case SSH_CMSG_AUTH_TIS: case SSH_CMSG_AUTH_TIS:
/* TIS Authentication is unsupported */ /* TIS Authentication is unsupported */
@ -1470,7 +1470,7 @@ do_authentication(char *user, int privileged_port)
get_canonical_hostname()); get_canonical_hostname());
} }
#ifdef HAVE_PAM #ifdef HAVE_LIBPAM
do_pam_account_and_session(pw->pw_name, password, client_user, get_canonical_hostname()); do_pam_account_and_session(pw->pw_name, password, client_user, get_canonical_hostname());
/* Clean up */ /* Clean up */
@ -1482,7 +1482,7 @@ do_authentication(char *user, int privileged_port)
memset(password, 0, strlen(password)); memset(password, 0, strlen(password));
xfree(password); xfree(password);
} }
#endif /* HAVE_PAM */ #endif /* HAVE_LIBPAM */
/* The user has been authenticated and accepted. */ /* The user has been authenticated and accepted. */
packet_start(SSH_SMSG_SUCCESS); packet_start(SSH_SMSG_SUCCESS);

View File

@ -2,7 +2,7 @@
Port 22 Port 22
ListenAddress 0.0.0.0 ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_key HostKey /etc/openssh/ssh_host_key
ServerKeyBits 768 ServerKeyBits 768
LoginGraceTime 600 LoginGraceTime 600
KeyRegenerationInterval 3600 KeyRegenerationInterval 3600
@ -20,7 +20,7 @@ KeepAlive yes
SyslogFacility AUTH SyslogFacility AUTH
RhostsAuthentication no RhostsAuthentication no
# #
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts # For this to work you will also need host keys in /etc/openssh/ssh_known_hosts
RhostsRSAAuthentication no RhostsRSAAuthentication no
# #
RSAAuthentication yes RSAAuthentication yes