Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 570c2ab1b619ea36a06bfbf21d88a82683cc4213 / . / ssh.h
blob: 186cfff9642f064cc0d048557cbe1a24a561a061 [file] [log] [blame]
Damien Millerd7834352006-08-05 12:39:39 +1000[diff] [blame]1/* $OpenBSD: ssh.h,v 1.78 2006/08/03 03:34:42 deraadt Exp $ */
Ben Lindstrom05764b92002-03-05 01:53:02 +0000[diff] [blame]2
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]3/*
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]5 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 * All rights reserved
Damien Miller4af51302000-04-16 11:18:38 +1000[diff] [blame]7 *
Damien Millere4340be2000-09-16 13:29:08 +1100[diff] [blame]8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose. Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
Damien Miller95def091999-11-25 00:26:21 +1100[diff] [blame]13 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]14
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]15/* Cipher used for encrypting authentication files. */
16#define SSH_AUTHFILE_CIPHER SSH_CIPHER_3DES
17
18/* Default port number. */
19#define SSH_DEFAULT_PORT 22
20
21/* Maximum number of TCP/IP ports forwarded per direction. */
22#define SSH_MAX_FORWARDS_PER_DIRECTION 100
23
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]24/*
25 * Maximum number of RSA authentication identity files that can be specified
26 * in configuration files or on the command line.
27 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]28#define SSH_MAX_IDENTITY_FILES 100
29
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]30/*
Darren Tucker22cc7412004-12-06 22:47:41 +1100[diff] [blame]31 * Maximum length of lines in authorized_keys file.
32 * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
33 * some room for options and comments.
34 */
35#define SSH_MAX_PUBKEY_BYTES 8192
36
37/*
Ben Lindstrom2e14bc72002-06-06 20:56:07 +0000[diff] [blame]38 * Major protocol version. Different version indicates major incompatibility
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]39 * that prevents communication.
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]40 *
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]41 * Minor protocol version. Different version indicates minor incompatibility
42 * that does not prevent interoperation.
43 */
Damien Miller78928792000-04-12 20:17:38 +1000[diff] [blame]44#define PROTOCOL_MAJOR_1 1
45#define PROTOCOL_MINOR_1 5
46
47/* We support both SSH1 and SSH2 */
48#define PROTOCOL_MAJOR_2 2
49#define PROTOCOL_MINOR_2 0
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]50
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]51/*
52 * Name for the service. The port named by this service overrides the
53 * default port if present.
54 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]55#define SSH_SERVICE_NAME "ssh"
56
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]57/*
Ben Lindstrom5590aa52002-06-23 00:30:30 +0000[diff] [blame]58 * Name of the environment variable containing the process ID of the
59 * authentication agent.
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]60 */
Kevin Steves28a7f262001-02-05 15:43:59 +0000[diff] [blame]61#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]62
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]63/*
64 * Name of the environment variable containing the pathname of the
65 * authentication socket.
66 */
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000[diff] [blame]67#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]68
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]69/*
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000[diff] [blame]70 * Environment variable for overwriting the default location of askpass
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]71 */
Damien Milleraae6c611999-12-06 11:47:28 +1100[diff] [blame]72#define SSH_ASKPASS_ENV "SSH_ASKPASS"
73
74/*
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]75 * Force host key length and server key length to differ by at least this
76 * many bits. This is to make double encryption with rsaref work.
77 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]78#define SSH_KEY_BITS_RESERVED 128
79
Damien Miller5428f641999-11-25 11:54:57 +1100[diff] [blame]80/*
81 * Length of the session key in bytes. (Specified as 256 bits in the
82 * protocol.)
83 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]84#define SSH_SESSION_KEY_LENGTH 32
85
Ben Lindstrom2b1f71b2001-06-05 20:32:21 +0000[diff] [blame]86/* Used to identify ``EscapeChar none'' */
87#define SSH_ESCAPECHAR_NONE -2
88
Ben Lindstromc7431342002-03-22 03:11:49 +0000[diff] [blame]89/*
90 * unprivileged user when UsePrivilegeSeparation=yes;
Ben Lindstrom966bfda2002-05-15 16:09:57 +0000[diff] [blame]91 * sshd will change its privileges to this user and its
Ben Lindstromc7431342002-03-22 03:11:49 +0000[diff] [blame]92 * primary group.
93 */
Kevin Steves7ff91122002-04-07 19:22:54 +0000[diff] [blame]94#ifndef SSH_PRIVSEP_USER
Ben Lindstrom973be002002-05-15 16:08:48 +0000[diff] [blame]95#define SSH_PRIVSEP_USER "sshd"
Kevin Steves7ff91122002-04-07 19:22:54 +0000[diff] [blame]96#endif
Ben Lindstromc7431342002-03-22 03:11:49 +0000[diff] [blame]97
Ben Lindstrom03f39322002-04-02 20:43:11 +0000[diff] [blame]98/* Minimum modulus size (n) for RSA keys. */
99#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
100
Darren Tucker3175eb92003-12-09 19:15:11 +1100[diff] [blame]101/* Listen backlog for sshd, ssh-agent and forwarding sockets */
102#define SSH_LISTEN_BACKLOG 128