diff options
author | green <green@FreeBSD.org> | 2000-12-05 02:55:12 +0000 |
---|---|---|
committer | green <green@FreeBSD.org> | 2000-12-05 02:55:12 +0000 |
commit | ab6b35a1d6b61fa8d2bb7336a0ef6fa9378898ef (patch) | |
tree | ccefbd34ee9fea2be5de1744eb036cb66156f5bd /crypto/openssh/servconf.c | |
parent | 6202ac16142a68bfbc9a54bc13190fafeefe1f5c (diff) | |
download | FreeBSD-src-ab6b35a1d6b61fa8d2bb7336a0ef6fa9378898ef.zip FreeBSD-src-ab6b35a1d6b61fa8d2bb7336a0ef6fa9378898ef.tar.gz |
Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0
new features description elided in favor of checking out their
website.
Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version, and a lot due to the
work of Eivind Eklend, too.
This requires at least the following in pam.conf:
sshd auth sufficient pam_skey.so
sshd auth required pam_unix.so try_first_pass
sshd session required pam_permit.so
Parts by: Eivind Eklend <eivind@FreeBSD.org>
Diffstat (limited to 'crypto/openssh/servconf.c')
-rw-r--r-- | crypto/openssh/servconf.c | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index ae0c9cb..ec6682f 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.51 2000/09/07 20:27:53 deraadt Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.53 2000/10/14 12:12:09 markus Exp $"); RCSID("$FreeBSD$"); #include "ssh.h" @@ -66,11 +66,13 @@ initialize_server_options(ServerOptions *options) options->afs_token_passing = -1; #endif options->password_authentication = -1; + options->kbd_interactive_authentication = -1; #ifdef SKEY options->skey_authentication = -1; #endif options->permit_empty_passwd = -1; options->use_login = -1; + options->allow_tcp_forwarding = -1; options->num_allow_users = 0; options->num_deny_users = 0; options->num_allow_groups = 0; @@ -161,6 +163,8 @@ fill_default_server_options(ServerOptions *options) #endif /* AFS */ if (options->password_authentication == -1) options->password_authentication = 1; + if (options->kbd_interactive_authentication == -1) + options->kbd_interactive_authentication = 0; #ifdef SKEY if (options->skey_authentication == -1) options->skey_authentication = 1; @@ -169,6 +173,8 @@ fill_default_server_options(ServerOptions *options) options->permit_empty_passwd = 0; if (options->use_login == -1) options->use_login = 0; + if (options->allow_tcp_forwarding == -1) + options->allow_tcp_forwarding = 1; if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->gateway_ports == -1) @@ -199,10 +205,11 @@ typedef enum { #ifdef SKEY sSkeyAuthentication, #endif - sPasswordAuthentication, sListenAddress, + sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, - sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sUseLogin, sAllowTcpForwarding, + sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile, sGatewayPorts, sDSAAuthentication, sConnectionsPerPeriod, sXAuthLocation, sSubsystem, sMaxStartups @@ -241,6 +248,7 @@ static struct { { "afstokenpassing", sAFSTokenPassing }, #endif { "passwordauthentication", sPasswordAuthentication }, + { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, #ifdef SKEY { "skeyauthentication", sSkeyAuthentication }, #endif @@ -257,6 +265,7 @@ static struct { { "uselogin", sUseLogin }, { "randomseed", sRandomSeedFile }, { "keepalive", sKeepAlives }, + { "allowtcpforwarding", sAllowTcpForwarding }, { "allowusers", sAllowUsers }, { "denyusers", sDenyUsers }, { "allowgroups", sAllowGroups }, @@ -534,6 +543,10 @@ parse_flag: intptr = &options->password_authentication; goto parse_flag; + case sKbdInteractiveAuthentication: + intptr = &options->kbd_interactive_authentication; + goto parse_flag; + case sCheckMail: intptr = &options->check_mail; goto parse_flag; @@ -602,6 +615,10 @@ parse_flag: *intptr = (LogLevel) value; break; + case sAllowTcpForwarding: + intptr = &options->allow_tcp_forwarding; + goto parse_flag; + case sAllowUsers: while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_allow_users >= MAX_ALLOW_USERS) |