Annotation of src/usr.bin/ssh/README.openssh2, Revision 1.3
1.3 ! markus 1: $Id: README.openssh2,v 1.2 2000/04/06 21:28:22 markus Exp $
! 2:
! 3: howto:
! 4: 1) generate server key:
! 5: $ umask 077
! 6: $ openssl dsaparam 1024 -out dsa1024.pem
! 7: $ openssl gendsa -out /etc/ssh_dsa_key dsa1024.pem -rand /dev/arandom
! 8: 2) enable ssh2:
! 9: server: add 'Protocol 2,1' to /etc/sshd_config
! 10: client: ssh -o 'Protocol 2,1', or add to .ssh/config
1.1 markus 11:
12: works:
13: secsh-transport: works w/o rekey
14: proposal exchange, i.e. different enc/mac/comp per direction
15: encryption: blowfish-cbc, 3des-cbc, arcfour, cast128-cbc
16: mac: hmac-md5, hmac-sha1, (hmac-ripemd160)
17: compression: zlib, none
18: secsh-userauth: passwd only
19: secsh-connection: pty+shell or command, flow control works (window adjust)
20: tcp-forwarding: -L works
21: dss: verification works,
22: key database in ~/.ssh/known_hosts with bits == 0 hack
1.3 ! markus 23: dss: signature works, keygen w/ openssl
1.1 markus 24: client interops w/ sshd2, lshd
25: server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT
26: server supports multiple concurrent sessions (e.g. with SSH.com Windows client)
27: todo:
28: re-keying
29: secsh-connection features:
30: tcp-forwarding, agent-fwd, x11-fwd
31: auth other than passwd:
32: pubkey, keyboard-interactive
33: config
34: server-auth w/ old host-keys
35: cleanup
36: advanced key storage?
37: keynote
38: sftp
39:
40: -markus
1.3 ! markus 41: $Date: 2000/04/06 21:28:22 $