Damien Miller | 1787252 | 2000-02-02 20:56:20 +1100 | [diff] [blame] | 1 | [ A Japanese translation of this document is available at |
| 2 | [ http://www.unixuser.org/%7Eharuyama/security/openssh/index.html |
| 3 | [ Thanks to HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
| 4 | |
Damien Miller | 5a88b6e | 2000-03-07 22:40:57 +1100 | [diff] [blame] | 5 | ******* IMPORTANT |
| 6 | * On systmes which lack a /dev/random driver, this port of |
| 7 | * OpenSSH-1.2.2 was not correctly seeding OpenSSL's random number |
| 8 | * pool. This resulted in lower quality RSA keys being generated. If |
| 9 | * you generated host or user keys with v1.2.2, please generate new |
| 10 | * ones using a more recent version. |
| 11 | |
Damien Miller | 5bbbd36 | 1999-11-19 07:56:21 +1100 | [diff] [blame] | 12 | This is the port of OpenBSD's excellent OpenSSH to Linux and other |
| 13 | Unices. |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 14 | |
Damien Miller | 5ffa644 | 1999-10-30 11:30:35 +1000 | [diff] [blame] | 15 | OpenSSH is based on the last free version of Tatu Ylonen's SSH with |
Damien Miller | f20c2aa | 2000-01-06 20:28:41 +1100 | [diff] [blame] | 16 | all patent-encumbered algorithms removed (to external libraries), all |
| 17 | known security bugs fixed, new features reintroduced and many other |
| 18 | clean-ups. More information about SSH itself can be found in the file |
| 19 | README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck, |
| 20 | Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a |
| 21 | homepage at http://www.openssh.com/ |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 22 | |
Damien Miller | 56825a1 | 1999-11-11 10:50:04 +1100 | [diff] [blame] | 23 | This port consists of the re-introduction of autoconf support, PAM |
Damien Miller | f20c2aa | 2000-01-06 20:28:41 +1100 | [diff] [blame] | 24 | support (for Linux and Solaris), EGD[1] support, SOCKS support (using |
| 25 | the Dante [6] libraries and replacements for OpenBSD library functions |
| 26 | that are (regrettably) absent from other unices. This port has been |
| 27 | best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX, |
| 28 | SCO, NeXT and other Unices is underway. This version actively tracks |
| 29 | changes in the OpenBSD CVS repository. |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 30 | |
Damien Miller | 5ffa644 | 1999-10-30 11:30:35 +1000 | [diff] [blame] | 31 | The PAM support is now more functional than the popular packages of |
| 32 | commercial ssh-1.2.x. It checks "account" and "session" modules for |
Damien Miller | 7df20e2 | 1999-11-12 16:06:47 +1100 | [diff] [blame] | 33 | all logins, not just when using password authentication. |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 34 | |
Damien Miller | 8bdeee2 | 1999-12-30 15:50:54 +1100 | [diff] [blame] | 35 | OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4] and |
| 36 | Dante[6]. To build the GNOME[5] pass-phrase requester |
| 37 | (--with-gnome-askpass), you will need the GNOME libraries installed. |
| 38 | If you are building OpenSSH on a Unix which lacks a kernel random |
| 39 | number pool (/dev/random), you will need to install EGD[1]. |
Damien Miller | 74389c9 | 1999-11-09 15:03:01 +1100 | [diff] [blame] | 40 | |
Damien Miller | f20c2aa | 2000-01-06 20:28:41 +1100 | [diff] [blame] | 41 | There is now several mailing lists for this port of OpenSSH. Please |
| 42 | refer to http://violet.ibs.com.au/openssh/list.html for details on how |
| 43 | to join. |
Damien Miller | a419528 | 1999-11-12 14:11:10 +1100 | [diff] [blame] | 44 | |
Damien Miller | f20c2aa | 2000-01-06 20:28:41 +1100 | [diff] [blame] | 45 | Please send bug reports and patches to the mailing list |
| 46 | openssh-unix-dev@mindrot.org. The list is currently open to posting by |
| 47 | unsubscribed users. |
Damien Miller | 6ae00d6 | 1999-12-14 15:43:03 +1100 | [diff] [blame] | 48 | |
Damien Miller | b5f8927 | 1999-11-12 14:35:58 +1100 | [diff] [blame] | 49 | Please refer to the INSTALL document for information on how to install |
Damien Miller | f20c2aa | 2000-01-06 20:28:41 +1100 | [diff] [blame] | 50 | OpenSSH on your system. The UPGRADING document details differences |
| 51 | between this port of OpenSSH and F-Secure SSH 1.x. |
Damien Miller | 7df20e2 | 1999-11-12 16:06:47 +1100 | [diff] [blame] | 52 | |
Damien Miller | 5ffa644 | 1999-10-30 11:30:35 +1000 | [diff] [blame] | 53 | Damien Miller <djm@ibs.com.au> |
| 54 | Internet Business Solutions |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 55 | |
Damien Miller | 5ffa644 | 1999-10-30 11:30:35 +1000 | [diff] [blame] | 56 | Miscellania - |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 57 | |
Damien Miller | 5ffa644 | 1999-10-30 11:30:35 +1000 | [diff] [blame] | 58 | This version of SSH is based upon code retrieved from the OpenBSD CVS |
Damien Miller | f20c2aa | 2000-01-06 20:28:41 +1100 | [diff] [blame] | 59 | repository which in turn was based on the last free |
Damien Miller | a5cec58 | 1999-11-09 15:05:11 +1100 | [diff] [blame] | 60 | version of SSH released by Tatu Ylonen. |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 61 | |
Damien Miller | 356a0b0 | 1999-11-08 15:30:59 +1100 | [diff] [blame] | 62 | References - |
| 63 | |
Damien Miller | 56825a1 | 1999-11-11 10:50:04 +1100 | [diff] [blame] | 64 | [1] http://www.lothar.com/tech/crypto/ |
| 65 | [2] http://www.cdrom.com/pub/infozip/zlib/ |
| 66 | [3] http://www.openssl.org/ |
| 67 | [4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) |
| 68 | [5] http://www.gnome.org/ |
Damien Miller | 8bdeee2 | 1999-12-30 15:50:54 +1100 | [diff] [blame] | 69 | [6] http://www.inet.no/dante |
Damien Miller | a5cec58 | 1999-11-09 15:05:11 +1100 | [diff] [blame] | 70 | |