Initial import of OpenSSH v2.1.

1 files changed, 147 insertions, 47 deletions

diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8
index 24b1a35..3fb255a 100644
--- a/crypto/openssh/sshd.8
+++ b/crypto/openssh/sshd.8
@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: sshd.8,v 1.37 2000/03/24 03:04:46 brad Exp $
+.\" $Id: sshd.8,v 1.51 2000/05/08 17:42:31 hugh Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSHD 8
@@ -27,11 +27,11 @@
 .Op Fl k Ar key_gen_time
 .Op Fl p Ar port
 .Op Fl V Ar client_protocol_id
-.Sh DESCRIPTION 
+.Sh DESCRIPTION
 .Nm
-(Secure Shell Daemon) is the daemon program for 
+(Secure Shell Daemon) is the daemon program for
 .Xr ssh 1 .
-Together these programs replace rlogin and rsh programs, and
+Together these programs replace rlogin and rsh, and
 provide secure encrypted communications between two untrusted hosts
 over an insecure network.
 The programs are intended to be as easy to
@@ -39,16 +39,21 @@ install and use as possible.
 .Pp
 .Nm
 is the daemon that listens for connections from clients.
-It is normally started at boot from 
+It is normally started at boot from
 .Pa /etc/rc .
 It forks a new
 daemon for each incoming connection.
 The forked daemons handle
 key exchange, encryption, authentication, command execution,
 and data exchange.
-.Pp
+This implementation of
+.Nm
+supports both SSH protocol version 1 and 2 simultaneously.
 .Nm
 works as follows.
+.Pp
+.Ss SSH protocol version 1
+.Pp
 Each host has a host-specific RSA key
 (normally 1024 bits) used to identify the host.
 Additionally, when
@@ -56,20 +61,20 @@ the daemon starts, it generates a server RSA key (normally 768 bits).
 This key is normally regenerated every hour if it has been used, and
 is never stored on disk.
 .Pp
-Whenever a client connects the daemon, the daemon sends its host
-and server public keys to the client.
+Whenever a client connects the daemon responds with its public
+host and server keys.
 The client compares the
-host key against its own database to verify that it has not changed.
+RSA host key against its own database to verify that it has not changed.
 The client then generates a 256 bit random number.
 It encrypts this
 random number using both the host key and the server key, and sends
 the encrypted number to the server.
-Both sides then start to use this
+Both sides then use this
 random number as a session key which is used to encrypt all further
 communications in the session.
 The rest of the session is encrypted
-using a conventional cipher, currently Blowfish and 3DES, with 3DES
-being is used by default.
+using a conventional cipher, currently Blowfish or 3DES, with 3DES
+being used by default.
 The client selects the encryption algorithm
 to use from those offered by the server.
 .Pp
@@ -95,7 +100,29 @@ are disabled (thus completely disabling
 .Xr rlogin 1
 and
 .Xr rsh 1
-into that machine).
+into the machine).
+.Pp
+.Ss SSH protocol version 2
+.Pp
+Version 2 works similar:
+Each host has a host-specific DSA key used to identify the host.
+However, when the daemon starts, it does not generate a server key.
+Forward security is provided through a Diffie-Hellman key agreement.
+This key agreement results in a shared session key.
+The rest of the session is encrypted
+using a symmetric cipher, currently
+Blowfish, 3DES or CAST128 in CBC mode or Arcfour.
+The client selects the encryption algorithm
+to use from those offered by the server.
+Additionally, session integrity is provided
+through a cryptographic message authentication code
+(hmac-sha1 or hmac-md5).
+.Pp
+Protocol version 2 provides a public key based
+user authentication method (DSAAuthentication)
+and conventional password authentication.
+.Pp
+.Ss Command execution and data forwarding
 .Pp
 If the client successfully authenticates itself, a dialog for
 preparing the session is entered.
@@ -148,7 +175,7 @@ If the client fails to authenticate the user within
 this many seconds, the server disconnects and exits.
 A value of zero indicates no limit.
 .It Fl h Ar host_key_file
-Specifies the file from which the host key is read (default
+Specifies the file from which the RSA host key is read (default
 .Pa /etc/ssh_host_key ) .
 This option must be given if
 .Nm
@@ -157,7 +184,7 @@ host file is normally not readable by anyone but root).
 .It Fl i
 Specifies that
 .Nm
-is being run from inetd. 
+is being run from inetd.
 .Nm
 is normally not run
 from inetd because it needs to generate the server key before it can
@@ -188,9 +215,9 @@ authentication, and termination of each connection is logged.
 Do not print an error message if RSA support is missing.
 .It Fl V Ar client_protocol_id
 SSH2 compatibility mode.
-When this options is specified
+When this option is specified
 .Nm
-assumes the client has sent the given version string
+assumes the client has sent the supplied version string
 and skips the
 Protocol Version Identification Exchange.
 .It Fl 4
@@ -204,7 +231,7 @@ to use IPv6 addresses only.
 .El
 .Sh CONFIGURATION FILE
 .Nm
-reads configuration data from 
+reads configuration data from
 .Pa /etc/sshd_config
 (or the file specified with
 .Fl f
@@ -246,6 +273,11 @@ wildcards in the patterns.
 Only user names are valid, a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
 .Pp
+.It Cm Ciphers
+Specifies the ciphers allowed for protocol version 2.
+Multiple ciphers must be comma-separated.
+The default is
+.Dq 3des-cbc,blowfish-cbc,arcfour,cast128-cbc .
 .It Cm CheckMail
 Specifies whether
 .Nm
@@ -275,23 +307,45 @@ and
 can be used as wildcards in the patterns.
 Only user names are valid, a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
+.It Cm DSAAuthentication
+Specifies whether DSA authentication is allowed.
+The default is
+.Dq yes .
+Note that this option applies to protocol version 2 only.
+.It Cm GatewayPorts
+Specifies whether remote hosts are allowed to connect to ports
+forwarded for the client.
+The argument must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq no .
+.It Cm HostDsaKey
+Specifies the file containing the private DSA host key (default
+.Pa /etc/ssh_host_dsa_key )
+used by SSH protocol 2.0.
+Note that
+.Nm
+disables protocol 2.0 if this file is group/world-accessible.
 .It Cm HostKey
-Specifies the file containing the private host key (default
-.Pa /etc/ssh_host_key ) .
+Specifies the file containing the private RSA host key (default
+.Pa /etc/ssh_host_key )
+used by SSH protocols 1.3 and 1.5.
 Note that
 .Nm
-does not start if this file is group/world-accessible.
+disables protocols 1.3 and 1.5 if this file is group/world-accessible.
 .It Cm IgnoreRhosts
 Specifies that
 .Pa .rhosts
-and 
+and
 .Pa .shosts
 files will not be used in authentication.
 .Pa /etc/hosts.equiv
 and
-.Pa /etc/shosts.equiv 
+.Pa /etc/shosts.equiv
 are still used.
-The default is 
+The default is
 .Dq yes .
 .It Cm IgnoreUserKnownHosts
 Specifies whether
@@ -310,7 +364,7 @@ of the machines will be properly noticed.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.
-On the other hand, if keepalives are not send,
+On the other hand, if keepalives are not sent,
 sessions may hang indefinitely on the server, leaving
 .Dq ghost
 users and consuming server resources.
@@ -342,7 +396,7 @@ Default is
 .Dq yes .
 .It Cm KerberosTgtPassing
 Specifies whether a Kerberos TGT may be forwarded to the server.
-Default is 
+Default is
 .Dq no ,
 as this only works when the Kerberos KDC is actually an AFS kaserver.
 .It Cm KerberosTicketCleanup
@@ -385,6 +439,7 @@ and is not recommended.
 Specifies whether password authentication is allowed.
 The default is
 .Dq yes .
+Note that this option applies to both protocol version 1 and 2.
 .It Cm PermitEmptyPasswords
 When password authentication is allowed, it specifies whether the
 server allows login to accounts with empty password strings.
@@ -410,6 +465,12 @@ option has been
 specified will be allowed regardless of the value of this setting
 (which may be useful for taking remote backups even if root login is
 normally not allowed).
+.It Cm PidFile
+Specifies the file that contains the process identifier of the
+.Nm
+daemon.
+The default is
+.Pa /var/run/sshd.pid .
 .It Cm Port
 Specifies the port number that
 .Nm
@@ -419,7 +480,7 @@ Multiple options of this type are permitted.
 .It Cm PrintMotd
 Specifies whether
 .Nm
-should print 
+should print
 .Pa /etc/motd
 when a user logs in interactively.
 (On some systems it is also printed by the shell,
@@ -427,6 +488,17 @@ when a user logs in interactively.
 or equivalent.)
 The default is
 .Dq yes .
+.It Cm Protocol
+Specifies the protocol versions
+.Nm
+should support.
+The possible values are
+.Dq 1
+and
+.Dq 2 .
+Multiple versions must be comma-separated.
+The default is
+.Dq 1 .
 .It Cm RandomSeed
 Obsolete.
 Random number generation uses other techniques.
@@ -449,12 +521,13 @@ The default is
 Specifies whether pure RSA authentication is allowed.
 The default is
 .Dq yes .
+Note that this option applies to protocol version 1 only.
 .It Cm ServerKeyBits
 Defines the number of bits in the server key.
 The minimum value is 512, and the default is 768.
 .It Cm SkeyAuthentication
 Specifies whether
-.Xr skey 1 
+.Xr skey 1
 authentication is allowed.
 The default is
 .Dq yes .
@@ -504,12 +577,12 @@ does the following:
 .Bl -enum -offset indent
 .It
 If the login is on a tty, and no command has been specified,
-prints last login time and 
+prints last login time and
 .Pa /etc/motd
 (unless prevented in the configuration file or by
 .Pa $HOME/.hushlogin ;
 see the
-.Sx FILES 
+.Sx FILES
 section).
 .It
 If the login is on a tty, records login time.
@@ -543,10 +616,14 @@ authentication protocol and cookie in standard input.
 Runs user's shell or command.
 .El
 .Sh AUTHORIZED_KEYS FILE FORMAT
-The 
+The
 .Pa $HOME/.ssh/authorized_keys
 file lists the RSA keys that are
-permitted for RSA authentication.
+permitted for RSA authentication in SSH protocols 1.3 and 1.5
+Similarly, the
+.Pa $HOME/.ssh/authorized_keys2
+file lists the DSA keys that are
+permitted for DSA authentication in SSH protocol 2.0.
 Each line of the file contains one
 key (empty lines and lines starting with a
 .Ql #
@@ -602,8 +679,8 @@ A quote may be included in the command by quoting it with a backslash.
 This option might be useful
 to restrict certain RSA keys to perform just a specific operation.
 An example might be a key that permits remote backups but nothing else.
-Notice that the client may specify TCP/IP and/or X11
-forwardings unless they are explicitly prohibited.
+Note that the client may specify TCP/IP and/or X11
+forwarding unless they are explicitly prohibited.
 .It Cm environment="NAME=value"
 Specifies that the string is to be added to the environment when
 logging in using this key.
@@ -632,10 +709,12 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula
 .Pp
 command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi
 .Sh SSH_KNOWN_HOSTS FILE FORMAT
-The 
-.Pa /etc/ssh_known_hosts
-and 
-.Pa $HOME/.ssh/known_hosts
+The
+.Pa /etc/ssh_known_hosts ,
+.Pa /etc/ssh_known_hosts2 ,
+.Pa $HOME/.ssh/known_hosts ,
+and
+.Pa $HOME/.ssh/known_hosts2
 files contain host public keys for all known hosts.
 The global file should
 be prepared by the administrator (optional), and the per-user file is
@@ -656,7 +735,7 @@ to indicate negation: if the host name matches a negated
 pattern, it is not accepted (by that line) even if it matched another
 pattern on the line.
 .Pp
-Bits, exponent, and modulus are taken directly from the host key; they
+Bits, exponent, and modulus are taken directly from the RSA host key; they
 can be obtained, e.g., from
 .Pa /etc/ssh_host_key.pub .
 The optional comment field continues to the end of the line, and is not used.
@@ -679,7 +758,7 @@ accepted if valid information can be found from either file.
 Note that the lines in these files are typically hundreds of characters
 long, and you definitely don't want to type in the host keys by hand.
 Rather, generate them by a script
-or by taking 
+or by taking
 .Pa /etc/ssh_host_key.pub
 and adding the host names at the front.
 .Ss Examples
@@ -722,6 +801,21 @@ it being world-readable if the user's home directory resides on an NFS
 volume).
 It is recommended that it not be accessible by others.
 The format of this file is described above.
+Users will place the contents of their
+.Pa identity.pub
+files into this file, as described in
+.Xr ssh-keygen 1 .
+.It Pa $HOME/.ssh/authorized_keys2
+Lists the DSA keys that can be used to log into the user's account.
+This file must be readable by root (which may on some machines imply
+it being world-readable if the user's home directory resides on an NFS
+volume).
+It is recommended that it not be accessible by others.
+The format of this file is described above.
+Users will place the contents of their
+.Pa id_dsa.pub
+files into this file, as described in
+.Xr ssh-keygen 1 .
 .It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"
 These files are consulted when using rhosts with RSA host
 authentication to check the public key of the host.
@@ -734,7 +828,7 @@ should be world-readable, and
 .Pa $HOME/.ssh/known_hosts
 can but need not be world-readable.
 .It Pa /etc/nologin
-If this file exists, 
+If this file exists,
 .Nm
 refuses to let anyone except root log in.
 The contents of the file
@@ -853,6 +947,7 @@ but with bugs removed and newer features re-added.
 Rapidly after the
 1.2.12 release, newer versions of the original ssh bore successively
 more restrictive licenses, and thus demand for a free version was born.
+.Pp
 This version of OpenSSH
 .Bl -bullet
 .It
@@ -862,10 +957,10 @@ directly removed from the source code; any licensed or patented components
 are chosen from
 external libraries.
 .It
-has been updated to support ssh protocol 1.5, making it compatible with
-all other ssh protocol 1 clients and servers.
+has been updated to support SSH protocol 1.5 and 2, making it compatible with
+all other SSH clients and servers.
 .It
-contains added support for 
+contains added support for
 .Xr kerberos 8
 authentication and ticket passing.
 .It
@@ -876,12 +971,17 @@ supports one-time password authentication with
 The libraries described in
 .Xr ssl 8
 are required for proper operation.
+.Pp
+OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl,
+Niels Provos, Theo de Raadt, and Dug Song.
+.Pp
+The support for SSH protocol 2 was written by Markus Friedl.
 .Sh SEE ALSO
-.Xr rlogin 1 ,
-.Xr rsh 1 ,
 .Xr scp 1 ,
 .Xr ssh 1 ,
 .Xr ssh-add 1 ,
 .Xr ssh-agent 1 ,
 .Xr ssh-keygen 1 ,
-.Xr ssl 8
+.Xr ssl 8 ,
+.Xr rlogin 1 ,
+.Xr rsh 1