- (djm) Import OpenBSD CVS changes
   - markus@cvs.openbsd.org  2000/08/31 15:52:24
     [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
     implement a SFTP server. interops with sftp2, scp2 and the windows
     client from ssh.com
   - markus@cvs.openbsd.org  2000/08/31 15:56:03
     [README.openssh2]
     sync
   - markus@cvs.openbsd.org  2000/08/31 16:05:42
     [session.c]
     Wall
   - markus@cvs.openbsd.org  2000/08/31 16:09:34
     [authfd.c ssh-agent.c]
     add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
   - deraadt@cvs.openbsd.org 2000/09/01 09:25:13
     [scp.1 scp.c]
     cleanup and fix -S support; stevesk@sweden.hp.com
   - markus@cvs.openbsd.org  2000/09/01 16:29:32
     [sftp-server.c]
     portability fixes
   - markus@cvs.openbsd.org  2000/09/01 16:32:41
     [sftp-server.c]
     fix cast; mouring@pconline.com
   - itojun@cvs.openbsd.org  2000/09/03 09:23:28
     [ssh-add.1 ssh.1]
     add missing .El against .Bl.
   - markus@cvs.openbsd.org  2000/09/04 13:03:41
     [session.c]
     missing close; ok theo
   - markus@cvs.openbsd.org  2000/09/04 13:07:21
     [session.c]
     fix get_last_login_time order; from andre@van-veen.de
   - markus@cvs.openbsd.org  2000/09/04 13:10:09
     [sftp-server.c]
     more cast fixes; from mouring@pconline.com
   - markus@cvs.openbsd.org  2000/09/04 13:06:04
     [session.c]
     set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
 - (djm) Cleanup after import. Fix sftp-server compilation, Makefile
This commit is contained in:
Damien Miller 2000-09-05 13:34:53 +11:00
parent 123cbe8e86
commit 7b28dc5eb0
15 changed files with 1222 additions and 48 deletions

View File

@ -1,3 +1,43 @@
20000905
- (djm) Import OpenBSD CVS changes
- markus@cvs.openbsd.org 2000/08/31 15:52:24
[Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
implement a SFTP server. interops with sftp2, scp2 and the windows
client from ssh.com
- markus@cvs.openbsd.org 2000/08/31 15:56:03
[README.openssh2]
sync
- markus@cvs.openbsd.org 2000/08/31 16:05:42
[session.c]
Wall
- markus@cvs.openbsd.org 2000/08/31 16:09:34
[authfd.c ssh-agent.c]
add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
- deraadt@cvs.openbsd.org 2000/09/01 09:25:13
[scp.1 scp.c]
cleanup and fix -S support; stevesk@sweden.hp.com
- markus@cvs.openbsd.org 2000/09/01 16:29:32
[sftp-server.c]
portability fixes
- markus@cvs.openbsd.org 2000/09/01 16:32:41
[sftp-server.c]
fix cast; mouring@pconline.com
- itojun@cvs.openbsd.org 2000/09/03 09:23:28
[ssh-add.1 ssh.1]
add missing .El against .Bl.
- markus@cvs.openbsd.org 2000/09/04 13:03:41
[session.c]
missing close; ok theo
- markus@cvs.openbsd.org 2000/09/04 13:07:21
[session.c]
fix get_last_login_time order; from andre@van-veen.de
- markus@cvs.openbsd.org 2000/09/04 13:10:09
[sftp-server.c]
more cast fixes; from mouring@pconline.com
- markus@cvs.openbsd.org 2000/09/04 13:06:04
[session.c]
set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
- (djm) Cleanup after import. Fix sftp-server compilation, Makefile
20000903
- (djm) Fix Redhat init script

View File

@ -15,8 +15,8 @@ DESTDIR=
VPATH=@srcdir@
SSH_PROGRAM=@bindir@/ssh
ASKPASS_LOCATION=@libexecdir@/ssh
ASKPASS_PROGRAM=$(ASKPASS_LOCATION)/ssh-askpass
LIBEXEC=@libexecdir@/ssh
ASKPASS_PROGRAM=$(LIBEXEC)/ssh-askpass
CC=@CC@
LD=@LD@
@ -32,7 +32,7 @@ LDFLAGS=-L. @LDFLAGS@
INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
TARGETS=ssh sshd ssh-add ssh-keygen ssh-agent scp $(EXTRA_TARGETS)
TARGETS=ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server $(EXTRA_TARGETS)
LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o dsa.o hmac.o hostfile.o key.o kex.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o util.o uuencode.o xmalloc.o
@ -42,13 +42,13 @@ SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o log-client.o readconf.o
SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o loginrec.o servconf.o serverloop.o md5crypt.o session.o
TROFFMAN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8
CATMAN = scp.0 ssh-add.0 ssh-agent.0 ssh-keygen.0 ssh.0 sshd.0
TROFFMAN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8 sftp-server.8
CATMAN = scp.0 ssh-add.0 ssh-agent.0 ssh-keygen.0 ssh.0 sshd.0 sftp-server.0
MANPAGES = @MANTYPE@
CONFIGFILES=sshd_config ssh_config
PATHSUBS = -D/etc/ssh_config=$(sysconfdir)/ssh_config -D/etc/known_hosts=$(sysconfdir)/ssh_known_hosts -D/etc/sshd_config=$(sysconfdir)/sshd_config -D/etc/shosts.equiv=$(sysconfdir)/shosts.equiv -D/etc/ssh_host_key=$(sysconfdir)/ssh_host_key -D/var/run/sshd.pid=$(piddir)/sshd.pid
PATHSUBS = -D/etc/ssh_config=$(sysconfdir)/ssh_config -D/etc/known_hosts=$(sysconfdir)/ssh_known_hosts -D/etc/sshd_config=$(sysconfdir)/sshd_config -D/usr/libexec=$(LIBEXEC) -D/etc/shosts.equiv=$(sysconfdir)/shosts.equiv -D/etc/ssh_host_key=$(sysconfdir)/ssh_host_key -D/var/run/sshd.pid=$(piddir)/sshd.pid
FIXPATHSCMD = $(PERL) $(srcdir)/fixpaths $(PATHSUBS)
@ -86,6 +86,9 @@ ssh-agent: libopenbsd-compat.a libssh.a ssh-agent.o log-client.o
ssh-keygen: libopenbsd-compat.a libssh.a ssh-keygen.o log-client.o
$(LD) -o $@ ssh-keygen.o log-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sftp-server: libopenbsd-compat.a libssh.a sftp-server.o log-server.o
$(LD) -o $@ sftp-server.o log-server.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
# test driver for the loginrec code - not built by default
logintest: logintest.o libopenbsd-compat.a libssh.a log-client.o loginrec.o
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh log-client.o $(LIBS)
@ -123,18 +126,21 @@ install-files:
./mkinstalldirs $(DESTDIR)$(mandir)
./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
./mkinstalldirs $(DESTDIR)$(LIBEXEC)
$(INSTALL) -m 4755 -s ssh $(DESTDIR)$(bindir)/ssh
$(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp
$(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add
$(INSTALL) -m 0755 -s ssh-agent $(DESTDIR)$(bindir)/ssh-agent
$(INSTALL) -m 0755 -s ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
$(INSTALL) -m 0755 -s sshd $(DESTDIR)$(sbindir)/sshd
$(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(LIBEXEC)/sftp-server
$(INSTALL) -m 644 ssh.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
$(INSTALL) -m 644 ssh-agent.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
$(INSTALL) -m 644 ssh-keygen.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
$(INSTALL) -m 644 sshd.[08].out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
$(INSTALL) -m 644 sftp-server.[08].out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
-rm -f $(DESTDIR)$(bindir)/slogin
ln -s ssh $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1

View File

@ -1,4 +1,4 @@
$Id: README.openssh2,v 1.8 2000/05/07 18:30:03 markus Exp $
$Id: README.openssh2,v 1.9 2000/08/31 21:56:03 markus Exp $
howto:
1) generate server key:
@ -15,30 +15,27 @@ howto:
works:
secsh-transport: works w/o rekey
proposal exchange, i.e. different enc/mac/comp per direction
encryption: blowfish-cbc, 3des-cbc, arcfour, cast128-cbc
mac: hmac-md5, hmac-sha1, (hmac-ripemd160)
compression: zlib, none
secsh-userauth: passwd and pubkey with DSA
secsh-connection: pty+shell or command, flow control works (window adjust)
tcp-forwarding: -L works, -R incomplete
x11-fwd
dss/dsa: host key database in ~/.ssh/known_hosts2
ssh-agent: supports SSH1-RSA and ssh-dss keys
client interops w/ sshd2, lshd
server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT, F-Secure SSH Client 4.0, SecureFX (secure ftp)
server supports multiple concurrent sessions (e.g. with SSH.com Windows client)
server supports SFTP (interops with ssh.com's windows, sftp2, scp2)
todo:
re-keying
RE-KEYING
secsh-connection features:
tcp-forwarding, agent-fwd
complete tcp-forwarding, agent-fwd
auth other than passwd, and DSA-pubkey:
keyboard-interactive, (PGP-pubkey?)
keyboard-interactive, (PGP-pubkey?), kerberos
config
server-auth w/ old host-keys
cleanup
advanced key storage?
keynote
sftp
-markus
$Date: 2000/05/07 18:30:03 $
$Date: 2000/08/31 21:56:03 $

View File

@ -17,7 +17,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: authfd.c,v 1.25 2000/08/19 21:34:42 markus Exp $");
RCSID("$OpenBSD: authfd.c,v 1.26 2000/08/31 22:09:34 markus Exp $");
#include "ssh.h"
#include "rsa.h"
@ -359,6 +359,7 @@ ssh_agent_sign(AuthenticationConnection *auth,
buffer_put_char(&msg, SSH2_AGENTC_SIGN_REQUEST);
buffer_put_string(&msg, blob, blen);
buffer_put_string(&msg, data, datalen);
buffer_put_int(&msg, 0); /* flags, unused */
xfree(blob);
if (ssh_request_reply(auth, &msg, &msg) == 0) {

View File

@ -235,7 +235,7 @@ fi
AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h)
dnl Checks for library functions.
AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid sigaction sigvec snprintf strerror strlcat strlcpy strsep vsnprintf vhangup _getpty __b64_ntop)
AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo futimes gai_strerror getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid sigaction sigvec snprintf strerror strlcat strlcpy strsep vsnprintf vhangup _getpty __b64_ntop)
dnl Checks for time functions
AC_CHECK_FUNCS(gettimeofday time)
dnl Checks for libutil functions

15
scp.1
View File

@ -9,7 +9,7 @@
.\"
.\" Created: Sun May 7 00:14:37 1995 ylo
.\"
.\" $Id: scp.1,v 1.9 2000/08/23 00:46:24 djm Exp $
.\" $Id: scp.1,v 1.10 2000/09/05 02:34:54 djm Exp $
.\"
.Dd September 25, 1999
.Dt SCP 1
@ -20,6 +20,7 @@
.Sh SYNOPSIS
.Nm scp
.Op Fl pqrvC46
.Op Fl S Ar program
.Op Fl P Ar port
.Op Fl c Ar cipher
.Op Fl i Ar identity_file
@ -68,11 +69,6 @@ This option is directly passed to
.It Fl p
Preserves modification times, access times, and modes from the
original file.
.It Fl S
Name of program to use for the encrypted connection.
The program must understand
.Xr ssh 1
options.
.It Fl r
Recursively copy entire directories.
.It Fl v
@ -103,9 +99,10 @@ because
.Fl p
is already reserved for preserving the times and modes of the file in
.Xr rcp 1 .
.It Fl S
Name of program to use for the encrypted connection. The program must
understand
.It Fl S Ar program
Name of
.Ar program
to use for the encrypted connection. The program must understand
.Xr ssh 1
options.
.It Fl 4

4
scp.c
View File

@ -47,7 +47,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: scp.c,v 1.36 2000/08/24 21:46:59 deraadt Exp $");
RCSID("$OpenBSD: scp.c,v 1.37 2000/09/01 15:25:13 deraadt Exp $");
#include "ssh.h"
#include "xmalloc.h"
@ -262,7 +262,7 @@ main(argc, argv)
extern int optind;
fflag = tflag = 0;
while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S")) != EOF)
while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:")) != EOF)
switch (ch) {
/* User-visible flags. */
case '4':

View File

@ -8,7 +8,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: session.c,v 1.31 2000/08/28 03:50:54 deraadt Exp $");
RCSID("$OpenBSD: session.c,v 1.35 2000/09/04 19:07:21 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
@ -113,6 +113,9 @@ extern int startup_pipe;
/* Local Xauthority file. */
static char *xauthfile;
/* original command from peer. */
char *original_command = NULL;
/* data */
#define MAX_SESSIONS 10
Session sessions[MAX_SESSIONS];
@ -177,7 +180,7 @@ void
do_authenticated(struct passwd * pw)
{
Session *s;
int type;
int type, fd;
int compression_level = 0, enable_compression_after_reply = 0;
int have_pty = 0;
char *command;
@ -332,7 +335,9 @@ do_authenticated(struct passwd * pw)
break;
}
strlcat(xauthfile, "/cookies", MAXPATHLEN);
open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
if (fd >= 0)
close(fd);
restore_uid();
fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
success = 1;
@ -377,6 +382,7 @@ do_authenticated(struct passwd * pw)
packet_integrity_check(plen, 0, type);
}
if (forced_command != NULL) {
original_command = command;
command = forced_command;
debug("Forced command '%.500s'", forced_command);
}
@ -638,6 +644,7 @@ do_login(Session *s)
FILE *f;
char *time_string;
char buf[256];
char hostname[MAXHOSTNAMELEN];
socklen_t fromlen;
struct sockaddr_storage from;
struct stat st;
@ -659,6 +666,10 @@ do_login(Session *s)
}
}
/* Get the time and hostname when the user last logged in. */
last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
hostname, sizeof(hostname));
/* Record that there was a login on that tty from the remote host. */
record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
get_remote_name_or_ip(), (struct sockaddr *)&from);
@ -680,12 +691,6 @@ do_login(Session *s)
printf("%s\n", aixloginmsg);
#endif /* WITH_AIXAUTHENTICATE */
/*
* Get the time when the user last logged in. 'buf' will be set
* to contain the hostname the last login was from.
*/
last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
buf, sizeof(buf));
if (last_login_time != 0) {
time_string = ctime(&last_login_time);
if (strchr(time_string, '\n'))
@ -911,7 +916,7 @@ do_child(const char *command, struct passwd * pw, const char *term,
const char *display, const char *auth_proto,
const char *auth_data, const char *ttyname)
{
const char *shell, *hostname, *cp = NULL;
const char *shell, *hostname = NULL, *cp = NULL;
char buf[256];
char cmd[1024];
FILE *f = NULL;
@ -1089,6 +1094,9 @@ do_child(const char *command, struct passwd * pw, const char *term,
child_set_env(&env, &envsize, "TERM", term);
if (display)
child_set_env(&env, &envsize, "DISPLAY", display);
if (original_command)
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
original_command);
#ifdef _AIX
{
@ -1511,6 +1519,7 @@ session_subsystem_req(Session *s)
int
session_x11_req(Session *s)
{
int fd;
if (no_x11_forwarding_flag) {
debug("X11 forwarding disabled in user configuration file.");
return 0;
@ -1555,7 +1564,9 @@ session_x11_req(Session *s)
return 0;
}
strlcat(xauthfile, "/cookies", MAXPATHLEN);
open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
if (fd >= 0)
close(fd);
restore_uid();
fatal_add_cleanup(xauthfile_cleanup_proc, s);
return 1;
@ -1582,7 +1593,7 @@ session_exec_req(Session *s)
char *command = packet_get_string(&len);
packet_done();
if (forced_command) {
xfree(command);
original_command = command;
command = forced_command;
debug("Forced command '%.500s'", forced_command);
}

33
sftp-server.8 Normal file
View File

@ -0,0 +1,33 @@
.\" $OpenBSD: sftp-server.8,v 1.1 2000/08/31 21:52:23 markus Exp $
.Dd August 30, 2000
.Dt SFTP-SERVER 8
.Os
.Sh NAME
.Nm sftp-server
.Nd SFTP server subsystem
.Sh SYNOPSIS
.Nm sftp-server
.Sh DESCRIPTION
.Nm
is a program that speaks the server side of SFTP protocol
to stdout and expects client requests from stdin.
.Nm
is not intended to be called directly, but from
.Xr sshd 8
using the
.Cm Subsystem
option.
See
.Xr sshd 8
for more information.
.Sh HISTORY
.Nm
first appeared in
.Ox 2.8 .
.Sh AUTHOR
Markus Friedl <markus@openbsd.org>
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-keygen 1 ,
.Xr sshd 8 ,

1078
sftp-server.c Normal file

File diff suppressed because it is too large Load Diff

View File

@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 23:55:14 1995 ylo
.\"
.\" $Id: ssh-add.1,v 1.15 2000/08/29 00:33:51 djm Exp $
.\" $Id: ssh-add.1,v 1.16 2000/09/05 02:34:54 djm Exp $
.\"
.Dd September 25, 1999
.Dt SSH-ADD 1
@ -65,7 +65,7 @@ This is the default file added by
when no other files have been specified.
.It Pa $HOME/.ssh/id_dsa
Contains the DSA authentication identity of the user.
.Pp
.El
.Sh ENVIRONMENT
.Bl -tag -width Ds
.It Ev "DISPLAY" and "SSH_ASKPASS"
@ -91,6 +91,7 @@ or related script.
may be necessary to redirect the input from
.Pa /dev/null
to make this work.)
.El
.Sh AUTHOR
Tatu Ylonen <ylo@cs.hut.fi>
.Pp

View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-agent.c,v 1.33 2000/08/19 21:34:43 markus Exp $ */
/* $OpenBSD: ssh-agent.c,v 1.34 2000/08/31 22:09:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh-agent.c,v 1.33 2000/08/19 21:34:43 markus Exp $");
RCSID("$OpenBSD: ssh-agent.c,v 1.34 2000/08/31 22:09:34 markus Exp $");
#include "ssh.h"
#include "rsa.h"
@ -219,6 +219,7 @@ process_sign_request2(SocketEntry *e)
blob = buffer_get_string(&e->input, &blen);
data = buffer_get_string(&e->input, &dlen);
buffer_get_int(&e->input); /* flags, unused */
key = dsa_key_from_blob(blob, blen);
if (key != NULL) {

4
ssh.1
View File

@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
.\" $Id: ssh.1,v 1.30 2000/08/29 00:33:51 djm Exp $
.\" $Id: ssh.1,v 1.31 2000/09/05 02:34:54 djm Exp $
.\"
.Dd September 25, 1999
.Dt SSH 1
@ -946,6 +946,7 @@ Specifies the location of the
program.
The default is
.Pa /usr/X11R6/bin/xauth .
.El
.Sh ENVIRONMENT
.Nm
will normally set the following environment variables:
@ -1189,6 +1190,7 @@ above.
.It Pa libcrypto.so.X.1
A version of this library which includes support for the RSA algorithm
is required for proper operation.
.El
.Sh AUTHOR
OpenSSH
is a derivative of the original (free) ssh 1.2.12 release by Tatu Ylonen,

8
sshd.8
View File

@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
.\" $Id: sshd.8,v 1.27 2000/08/29 00:33:51 djm Exp $
.\" $Id: sshd.8,v 1.28 2000/09/05 02:34:54 djm Exp $
.\"
.Dd September 25, 1999
.Dt SSHD 8
@ -589,6 +589,11 @@ The default is
.It Cm Subsystem
Configures an external subsystem (e.g. file transfer daemon).
Arguments should be a subsystem name and a command to execute upon subsystem request.
The command
.Xr sftp-server 8
implements the
.Dq sftp
file transfer subsystem.
By default no subsystems are defined.
Note that this option applies to protocol version 2 only.
.It Cm SyslogFacility
@ -1031,6 +1036,7 @@ Niels Provos, Theo de Raadt, and Dug Song.
The support for SSH protocol 2 was written by Markus Friedl.
.Sh SEE ALSO
.Xr scp 1 ,
.Xr sftp-server 8 ,
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,

View File

@ -50,5 +50,6 @@ PermitEmptyPasswords no
CheckMail no
#UseLogin no
#Subsystem sftp /usr/local/sbin/sftpd
# Uncomment if you want to enable sftp
#Subsystem sftp /usr/libexec/sftp-server
#MaxStartups 10:30:60