blob: 0a6ad1317b96398744d08c2a7755d2c3d0eb3f00 [file] [log] [blame]
Ben Lindstrom5590aa52002-06-23 00:30:30 +00001/* $OpenBSD: ssh.h,v 1.71 2002/06/22 02:00:29 stevesk Exp $ */
Ben Lindstrom05764b92002-03-05 01:53:02 +00002
Damien Millerd4a8b7e1999-10-27 13:42:43 +10003/*
Damien Miller95def091999-11-25 00:26:21 +11004 * Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller95def091999-11-25 00:26:21 +11005 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 * All rights reserved
Damien Miller4af51302000-04-16 11:18:38 +10007 *
Damien Millere4340be2000-09-16 13:29:08 +11008 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose. Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
Damien Miller95def091999-11-25 00:26:21 +110013 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100014
Damien Millerd4a8b7e1999-10-27 13:42:43 +100015#ifndef SSH_H
16#define SSH_H
17
Damien Millerab18c411999-11-11 10:40:23 +110018#include <netinet/in.h> /* For struct sockaddr_in */
19#include <pwd.h> /* For struct pw */
Damien Miller5ce662a1999-11-11 17:57:39 +110020#include <stdarg.h> /* For va_list */
Damien Miller6dbfef62000-11-29 13:51:06 +110021#include <syslog.h> /* For LOG_AUTH and friends */
Damien Miller34132e52000-01-14 15:45:46 +110022#include <sys/socket.h> /* For struct sockaddr_storage */
Damien Miller3c027682001-03-14 11:39:45 +110023#include "openbsd-compat/fake-socket.h" /* For struct sockaddr_storage */
Damien Miller365199d1999-12-22 00:12:38 +110024#ifdef HAVE_SYS_SELECT_H
25# include <sys/select.h>
26#endif
Ben Lindstrom226cfa02001-01-22 05:34:40 +000027
Damien Millerd4a8b7e1999-10-27 13:42:43 +100028/* Cipher used for encrypting authentication files. */
29#define SSH_AUTHFILE_CIPHER SSH_CIPHER_3DES
30
31/* Default port number. */
32#define SSH_DEFAULT_PORT 22
33
34/* Maximum number of TCP/IP ports forwarded per direction. */
35#define SSH_MAX_FORWARDS_PER_DIRECTION 100
36
Damien Miller5428f641999-11-25 11:54:57 +110037/*
38 * Maximum number of RSA authentication identity files that can be specified
39 * in configuration files or on the command line.
40 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100041#define SSH_MAX_IDENTITY_FILES 100
42
Damien Miller5428f641999-11-25 11:54:57 +110043/*
Ben Lindstrom2e14bc72002-06-06 20:56:07 +000044 * Major protocol version. Different version indicates major incompatibility
Damien Miller5428f641999-11-25 11:54:57 +110045 * that prevents communication.
Damien Miller78928792000-04-12 20:17:38 +100046 *
Damien Miller5428f641999-11-25 11:54:57 +110047 * Minor protocol version. Different version indicates minor incompatibility
48 * that does not prevent interoperation.
49 */
Damien Miller78928792000-04-12 20:17:38 +100050#define PROTOCOL_MAJOR_1 1
51#define PROTOCOL_MINOR_1 5
52
53/* We support both SSH1 and SSH2 */
54#define PROTOCOL_MAJOR_2 2
55#define PROTOCOL_MINOR_2 0
Damien Millerd4a8b7e1999-10-27 13:42:43 +100056
Damien Miller5428f641999-11-25 11:54:57 +110057/*
58 * Name for the service. The port named by this service overrides the
59 * default port if present.
60 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100061#define SSH_SERVICE_NAME "ssh"
62
Damien Miller5428f641999-11-25 11:54:57 +110063/*
Ben Lindstrom5590aa52002-06-23 00:30:30 +000064 * Name of the environment variable containing the process ID of the
65 * authentication agent.
Damien Miller5428f641999-11-25 11:54:57 +110066 */
Kevin Steves28a7f262001-02-05 15:43:59 +000067#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100068
Damien Miller5428f641999-11-25 11:54:57 +110069/*
70 * Name of the environment variable containing the pathname of the
71 * authentication socket.
72 */
Ben Lindstrom226cfa02001-01-22 05:34:40 +000073#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100074
Damien Miller5428f641999-11-25 11:54:57 +110075/*
Ben Lindstrom226cfa02001-01-22 05:34:40 +000076 * Environment variable for overwriting the default location of askpass
Damien Miller5428f641999-11-25 11:54:57 +110077 */
Damien Milleraae6c611999-12-06 11:47:28 +110078#define SSH_ASKPASS_ENV "SSH_ASKPASS"
79
80/*
Damien Miller5428f641999-11-25 11:54:57 +110081 * Force host key length and server key length to differ by at least this
82 * many bits. This is to make double encryption with rsaref work.
83 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100084#define SSH_KEY_BITS_RESERVED 128
85
Damien Miller5428f641999-11-25 11:54:57 +110086/*
87 * Length of the session key in bytes. (Specified as 256 bits in the
88 * protocol.)
89 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100090#define SSH_SESSION_KEY_LENGTH 32
91
92/* Name of Kerberos service for SSH to use. */
93#define KRB4_SERVICE_NAME "rcmd"
94
Ben Lindstrom2b1f71b2001-06-05 20:32:21 +000095/* Used to identify ``EscapeChar none'' */
96#define SSH_ESCAPECHAR_NONE -2
97
Ben Lindstromc7431342002-03-22 03:11:49 +000098/*
99 * unprivileged user when UsePrivilegeSeparation=yes;
Ben Lindstrom966bfda2002-05-15 16:09:57 +0000100 * sshd will change its privileges to this user and its
Ben Lindstromc7431342002-03-22 03:11:49 +0000101 * primary group.
102 */
Kevin Steves7ff91122002-04-07 19:22:54 +0000103#ifndef SSH_PRIVSEP_USER
Ben Lindstrom973be002002-05-15 16:08:48 +0000104#define SSH_PRIVSEP_USER "sshd"
Kevin Steves7ff91122002-04-07 19:22:54 +0000105#endif
Ben Lindstromc7431342002-03-22 03:11:49 +0000106
Ben Lindstrom03f39322002-04-02 20:43:11 +0000107/* Minimum modulus size (n) for RSA keys. */
108#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
109
Damien Miller95def091999-11-25 00:26:21 +1100110#endif /* SSH_H */