| version 1.102.2.2, 2004/03/04 18:18:16 |
version 1.103, 2003/04/01 10:10:23 |
|
|
| Host fascist.blob.com |
Host fascist.blob.com |
| Port 23123 |
Port 23123 |
| User tylonen |
User tylonen |
| |
RhostsAuthentication no |
| PasswordAuthentication no |
PasswordAuthentication no |
| |
|
| Host puukko.hut.fi |
Host puukko.hut.fi |
|
|
| Host * |
Host * |
| ForwardAgent no |
ForwardAgent no |
| ForwardX11 no |
ForwardX11 no |
| |
RhostsAuthentication yes |
| PasswordAuthentication yes |
PasswordAuthentication yes |
| RSAAuthentication yes |
RSAAuthentication yes |
| RhostsRSAAuthentication yes |
RhostsRSAAuthentication yes |
| StrictHostKeyChecking yes |
StrictHostKeyChecking yes |
| TcpKeepAlive no |
KeepAlives no |
| IdentityFile ~/.ssh/identity |
IdentityFile ~/.ssh/identity |
| Port 22 |
Port 22 |
| EscapeChar ~ |
EscapeChar ~ |
|
|
| |
|
| typedef enum { |
typedef enum { |
| oBadOption, |
oBadOption, |
| oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, |
oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication, |
| oPasswordAuthentication, oRSAAuthentication, |
oPasswordAuthentication, oRSAAuthentication, |
| oChallengeResponseAuthentication, oXAuthLocation, |
oChallengeResponseAuthentication, oXAuthLocation, |
| |
#if defined(KRB4) || defined(KRB5) |
| |
oKerberosAuthentication, |
| |
#endif |
| |
#if defined(AFS) || defined(KRB5) |
| |
oKerberosTgtPassing, |
| |
#endif |
| |
#ifdef AFS |
| |
oAFSTokenPassing, |
| |
#endif |
| oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
| oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, |
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, |
| oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, |
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, |
| oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, |
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, |
| oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts, |
oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, |
| oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, |
oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, |
| oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, |
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, |
| oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, |
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, |
| oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, |
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, |
| oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, |
oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, |
| oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
| oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
oEnableSSHKeysign, oRekeyLimit, |
| oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
oDeprecated |
| oServerAliveInterval, oServerAliveCountMax, |
|
| oDeprecated, oUnsupported |
|
| } OpCodes; |
} OpCodes; |
| |
|
| /* Textual representations of the tokens. */ |
/* Textual representations of the tokens. */ |
|
|
| } keywords[] = { |
} keywords[] = { |
| { "forwardagent", oForwardAgent }, |
{ "forwardagent", oForwardAgent }, |
| { "forwardx11", oForwardX11 }, |
{ "forwardx11", oForwardX11 }, |
| { "forwardx11trusted", oForwardX11Trusted }, |
|
| { "xauthlocation", oXAuthLocation }, |
{ "xauthlocation", oXAuthLocation }, |
| { "gatewayports", oGatewayPorts }, |
{ "gatewayports", oGatewayPorts }, |
| { "useprivilegedport", oUsePrivilegedPort }, |
{ "useprivilegedport", oUsePrivilegedPort }, |
| { "rhostsauthentication", oDeprecated }, |
{ "rhostsauthentication", oRhostsAuthentication }, |
| { "passwordauthentication", oPasswordAuthentication }, |
{ "passwordauthentication", oPasswordAuthentication }, |
| { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, |
{ "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, |
| { "kbdinteractivedevices", oKbdInteractiveDevices }, |
{ "kbdinteractivedevices", oKbdInteractiveDevices }, |
|
|
| { "challengeresponseauthentication", oChallengeResponseAuthentication }, |
{ "challengeresponseauthentication", oChallengeResponseAuthentication }, |
| { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ |
{ "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ |
| { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ |
{ "tisauthentication", oChallengeResponseAuthentication }, /* alias */ |
| { "kerberosauthentication", oUnsupported }, |
#if defined(KRB4) || defined(KRB5) |
| { "kerberostgtpassing", oUnsupported }, |
{ "kerberosauthentication", oKerberosAuthentication }, |
| { "afstokenpassing", oUnsupported }, |
|
| #if defined(GSSAPI) |
|
| { "gssapiauthentication", oGssAuthentication }, |
|
| { "gssapidelegatecredentials", oGssDelegateCreds }, |
|
| #else |
|
| { "gssapiauthentication", oUnsupported }, |
|
| { "gssapidelegatecredentials", oUnsupported }, |
|
| #endif |
#endif |
| |
#if defined(AFS) || defined(KRB5) |
| |
{ "kerberostgtpassing", oKerberosTgtPassing }, |
| |
#endif |
| |
#ifdef AFS |
| |
{ "afstokenpassing", oAFSTokenPassing }, |
| |
#endif |
| { "fallbacktorsh", oDeprecated }, |
{ "fallbacktorsh", oDeprecated }, |
| { "usersh", oDeprecated }, |
{ "usersh", oDeprecated }, |
| { "identityfile", oIdentityFile }, |
{ "identityfile", oIdentityFile }, |
|
|
| { "stricthostkeychecking", oStrictHostKeyChecking }, |
{ "stricthostkeychecking", oStrictHostKeyChecking }, |
| { "compression", oCompression }, |
{ "compression", oCompression }, |
| { "compressionlevel", oCompressionLevel }, |
{ "compressionlevel", oCompressionLevel }, |
| { "tcpkeepalive", oTCPKeepAlive }, |
{ "keepalive", oKeepAlives }, |
| { "keepalive", oTCPKeepAlive }, /* obsolete */ |
|
| { "numberofpasswordprompts", oNumberOfPasswordPrompts }, |
{ "numberofpasswordprompts", oNumberOfPasswordPrompts }, |
| { "loglevel", oLogLevel }, |
{ "loglevel", oLogLevel }, |
| { "dynamicforward", oDynamicForward }, |
{ "dynamicforward", oDynamicForward }, |
| { "preferredauthentications", oPreferredAuthentications }, |
{ "preferredauthentications", oPreferredAuthentications }, |
| { "hostkeyalgorithms", oHostKeyAlgorithms }, |
{ "hostkeyalgorithms", oHostKeyAlgorithms }, |
| { "bindaddress", oBindAddress }, |
{ "bindaddress", oBindAddress }, |
| #ifdef SMARTCARD |
|
| { "smartcarddevice", oSmartcardDevice }, |
{ "smartcarddevice", oSmartcardDevice }, |
| #else |
|
| { "smartcarddevice", oUnsupported }, |
|
| #endif |
|
| { "clearallforwardings", oClearAllForwardings }, |
{ "clearallforwardings", oClearAllForwardings }, |
| { "enablesshkeysign", oEnableSSHKeysign }, |
{ "enablesshkeysign", oEnableSSHKeysign }, |
| { "verifyhostkeydns", oVerifyHostKeyDNS }, |
|
| { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, |
{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, |
| { "rekeylimit", oRekeyLimit }, |
{ "rekeylimit", oRekeyLimit }, |
| { "connecttimeout", oConnectTimeout }, |
|
| { "addressfamily", oAddressFamily }, |
|
| { "serveraliveinterval", oServerAliveInterval }, |
|
| { "serveralivecountmax", oServerAliveCountMax }, |
|
| { NULL, oBadOption } |
{ NULL, oBadOption } |
| }; |
}; |
| |
|
|
|
| u_short fwd_port, fwd_host_port; |
u_short fwd_port, fwd_host_port; |
| char sfwd_host_port[6]; |
char sfwd_host_port[6]; |
| |
|
| /* Strip trailing whitespace */ |
|
| for(len = strlen(line) - 1; len > 0; len--) { |
|
| if (strchr(WHITESPACE, line[len]) == NULL) |
|
| break; |
|
| line[len] = '\0'; |
|
| } |
|
| |
|
| s = line; |
s = line; |
| /* Get the keyword. (Each line is supposed to begin with a keyword). */ |
/* Get the keyword. (Each line is supposed to begin with a keyword). */ |
| keyword = strdelim(&s); |
keyword = strdelim(&s); |
|
|
| /* don't panic, but count bad options */ |
/* don't panic, but count bad options */ |
| return -1; |
return -1; |
| /* NOTREACHED */ |
/* NOTREACHED */ |
| case oConnectTimeout: |
|
| intptr = &options->connection_timeout; |
|
| parse_time: |
|
| arg = strdelim(&s); |
|
| if (!arg || *arg == '\0') |
|
| fatal("%s line %d: missing time value.", |
|
| filename, linenum); |
|
| if ((value = convtime(arg)) == -1) |
|
| fatal("%s line %d: invalid time value.", |
|
| filename, linenum); |
|
| if (*intptr == -1) |
|
| *intptr = value; |
|
| break; |
|
| |
|
| case oForwardAgent: |
case oForwardAgent: |
| intptr = &options->forward_agent; |
intptr = &options->forward_agent; |
| parse_flag: |
parse_flag: |
|
|
| intptr = &options->forward_x11; |
intptr = &options->forward_x11; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| case oForwardX11Trusted: |
|
| intptr = &options->forward_x11_trusted; |
|
| goto parse_flag; |
|
| |
|
| case oGatewayPorts: |
case oGatewayPorts: |
| intptr = &options->gateway_ports; |
intptr = &options->gateway_ports; |
| goto parse_flag; |
goto parse_flag; |
|
|
| intptr = &options->use_privileged_port; |
intptr = &options->use_privileged_port; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| |
case oRhostsAuthentication: |
| |
intptr = &options->rhosts_authentication; |
| |
goto parse_flag; |
| |
|
| case oPasswordAuthentication: |
case oPasswordAuthentication: |
| intptr = &options->password_authentication; |
intptr = &options->password_authentication; |
| goto parse_flag; |
goto parse_flag; |
|
|
| case oChallengeResponseAuthentication: |
case oChallengeResponseAuthentication: |
| intptr = &options->challenge_response_authentication; |
intptr = &options->challenge_response_authentication; |
| goto parse_flag; |
goto parse_flag; |
| |
#if defined(KRB4) || defined(KRB5) |
| case oGssAuthentication: |
case oKerberosAuthentication: |
| intptr = &options->gss_authentication; |
intptr = &options->kerberos_authentication; |
| goto parse_flag; |
goto parse_flag; |
| |
#endif |
| case oGssDelegateCreds: |
#if defined(AFS) || defined(KRB5) |
| intptr = &options->gss_deleg_creds; |
case oKerberosTgtPassing: |
| |
intptr = &options->kerberos_tgt_passing; |
| goto parse_flag; |
goto parse_flag; |
| |
#endif |
| |
#ifdef AFS |
| |
case oAFSTokenPassing: |
| |
intptr = &options->afs_token_passing; |
| |
goto parse_flag; |
| |
#endif |
| case oBatchMode: |
case oBatchMode: |
| intptr = &options->batch_mode; |
intptr = &options->batch_mode; |
| goto parse_flag; |
goto parse_flag; |
|
|
| intptr = &options->check_host_ip; |
intptr = &options->check_host_ip; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| case oVerifyHostKeyDNS: |
|
| intptr = &options->verify_host_key_dns; |
|
| goto parse_yesnoask; |
|
| |
|
| case oStrictHostKeyChecking: |
case oStrictHostKeyChecking: |
| intptr = &options->strict_host_key_checking; |
intptr = &options->strict_host_key_checking; |
| parse_yesnoask: |
|
| arg = strdelim(&s); |
arg = strdelim(&s); |
| if (!arg || *arg == '\0') |
if (!arg || *arg == '\0') |
| fatal("%.200s line %d: Missing yes/no/ask argument.", |
fatal("%.200s line %d: Missing yes/no/ask argument.", |
|
|
| intptr = &options->compression; |
intptr = &options->compression; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| case oTCPKeepAlive: |
case oKeepAlives: |
| intptr = &options->tcp_keep_alive; |
intptr = &options->keepalives; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| case oNoHostAuthenticationForLocalhost: |
case oNoHostAuthenticationForLocalhost: |
|
|
| goto parse_string; |
goto parse_string; |
| |
|
| case oProxyCommand: |
case oProxyCommand: |
| if (s == NULL) |
|
| fatal("%.200s line %d: Missing argument.", filename, linenum); |
|
| charptr = &options->proxy_command; |
charptr = &options->proxy_command; |
| len = strspn(s, WHITESPACE "="); |
len = strspn(s, WHITESPACE "="); |
| if (*activep && *charptr == NULL) |
if (*activep && *charptr == NULL) |
|
|
| fatal("%.200s line %d: Badly formatted port number.", |
fatal("%.200s line %d: Badly formatted port number.", |
| filename, linenum); |
filename, linenum); |
| if (*activep) |
if (*activep) |
| add_local_forward(options, fwd_port, "socks", 0); |
add_local_forward(options, fwd_port, "socks4", 0); |
| break; |
break; |
| |
|
| case oClearAllForwardings: |
case oClearAllForwardings: |
|
|
| *intptr = value; |
*intptr = value; |
| break; |
break; |
| |
|
| case oAddressFamily: |
|
| arg = strdelim(&s); |
|
| intptr = &options->address_family; |
|
| if (strcasecmp(arg, "inet") == 0) |
|
| value = AF_INET; |
|
| else if (strcasecmp(arg, "inet6") == 0) |
|
| value = AF_INET6; |
|
| else if (strcasecmp(arg, "any") == 0) |
|
| value = AF_UNSPEC; |
|
| else |
|
| fatal("Unsupported AddressFamily \"%s\"", arg); |
|
| if (*activep && *intptr == -1) |
|
| *intptr = value; |
|
| break; |
|
| |
|
| case oEnableSSHKeysign: |
case oEnableSSHKeysign: |
| intptr = &options->enable_ssh_keysign; |
intptr = &options->enable_ssh_keysign; |
| goto parse_flag; |
goto parse_flag; |
| |
|
| case oServerAliveInterval: |
|
| intptr = &options->server_alive_interval; |
|
| goto parse_time; |
|
| |
|
| case oServerAliveCountMax: |
|
| intptr = &options->server_alive_count_max; |
|
| goto parse_int; |
|
| |
|
| case oDeprecated: |
case oDeprecated: |
| debug("%s line %d: Deprecated option \"%s\"", |
debug("%s line %d: Deprecated option \"%s\"", |
| filename, linenum, keyword); |
filename, linenum, keyword); |
| return 0; |
return 0; |
| |
|
| case oUnsupported: |
|
| error("%s line %d: Unsupported option \"%s\"", |
|
| filename, linenum, keyword); |
|
| return 0; |
|
| |
|
| default: |
default: |
| fatal("process_config_line: Unimplemented opcode %d", opcode); |
fatal("process_config_line: Unimplemented opcode %d", opcode); |
| } |
} |
|
|
| memset(options, 'X', sizeof(*options)); |
memset(options, 'X', sizeof(*options)); |
| options->forward_agent = -1; |
options->forward_agent = -1; |
| options->forward_x11 = -1; |
options->forward_x11 = -1; |
| options->forward_x11_trusted = -1; |
|
| options->xauth_location = NULL; |
options->xauth_location = NULL; |
| options->gateway_ports = -1; |
options->gateway_ports = -1; |
| options->use_privileged_port = -1; |
options->use_privileged_port = -1; |
| |
options->rhosts_authentication = -1; |
| options->rsa_authentication = -1; |
options->rsa_authentication = -1; |
| options->pubkey_authentication = -1; |
options->pubkey_authentication = -1; |
| options->challenge_response_authentication = -1; |
options->challenge_response_authentication = -1; |
| options->gss_authentication = -1; |
#if defined(KRB4) || defined(KRB5) |
| options->gss_deleg_creds = -1; |
options->kerberos_authentication = -1; |
| |
#endif |
| |
#if defined(AFS) || defined(KRB5) |
| |
options->kerberos_tgt_passing = -1; |
| |
#endif |
| |
#ifdef AFS |
| |
options->afs_token_passing = -1; |
| |
#endif |
| options->password_authentication = -1; |
options->password_authentication = -1; |
| options->kbd_interactive_authentication = -1; |
options->kbd_interactive_authentication = -1; |
| options->kbd_interactive_devices = NULL; |
options->kbd_interactive_devices = NULL; |
|
|
| options->check_host_ip = -1; |
options->check_host_ip = -1; |
| options->strict_host_key_checking = -1; |
options->strict_host_key_checking = -1; |
| options->compression = -1; |
options->compression = -1; |
| options->tcp_keep_alive = -1; |
options->keepalives = -1; |
| options->compression_level = -1; |
options->compression_level = -1; |
| options->port = -1; |
options->port = -1; |
| options->address_family = -1; |
|
| options->connection_attempts = -1; |
options->connection_attempts = -1; |
| options->connection_timeout = -1; |
|
| options->number_of_password_prompts = -1; |
options->number_of_password_prompts = -1; |
| options->cipher = -1; |
options->cipher = -1; |
| options->ciphers = NULL; |
options->ciphers = NULL; |
|
|
| options->enable_ssh_keysign = - 1; |
options->enable_ssh_keysign = - 1; |
| options->no_host_authentication_for_localhost = - 1; |
options->no_host_authentication_for_localhost = - 1; |
| options->rekey_limit = - 1; |
options->rekey_limit = - 1; |
| options->verify_host_key_dns = -1; |
|
| options->server_alive_interval = -1; |
|
| options->server_alive_count_max = -1; |
|
| } |
} |
| |
|
| /* |
/* |
|
|
| options->forward_agent = 0; |
options->forward_agent = 0; |
| if (options->forward_x11 == -1) |
if (options->forward_x11 == -1) |
| options->forward_x11 = 0; |
options->forward_x11 = 0; |
| if (options->forward_x11_trusted == -1) |
|
| options->forward_x11_trusted = 0; |
|
| if (options->xauth_location == NULL) |
if (options->xauth_location == NULL) |
| options->xauth_location = _PATH_XAUTH; |
options->xauth_location = _PATH_XAUTH; |
| if (options->gateway_ports == -1) |
if (options->gateway_ports == -1) |
| options->gateway_ports = 0; |
options->gateway_ports = 0; |
| if (options->use_privileged_port == -1) |
if (options->use_privileged_port == -1) |
| options->use_privileged_port = 0; |
options->use_privileged_port = 0; |
| |
if (options->rhosts_authentication == -1) |
| |
options->rhosts_authentication = 0; |
| if (options->rsa_authentication == -1) |
if (options->rsa_authentication == -1) |
| options->rsa_authentication = 1; |
options->rsa_authentication = 1; |
| if (options->pubkey_authentication == -1) |
if (options->pubkey_authentication == -1) |
| options->pubkey_authentication = 1; |
options->pubkey_authentication = 1; |
| if (options->challenge_response_authentication == -1) |
if (options->challenge_response_authentication == -1) |
| options->challenge_response_authentication = 1; |
options->challenge_response_authentication = 1; |
| if (options->gss_authentication == -1) |
#if defined(KRB4) || defined(KRB5) |
| options->gss_authentication = 0; |
if (options->kerberos_authentication == -1) |
| if (options->gss_deleg_creds == -1) |
options->kerberos_authentication = 1; |
| options->gss_deleg_creds = 0; |
#endif |
| |
#if defined(AFS) || defined(KRB5) |
| |
if (options->kerberos_tgt_passing == -1) |
| |
options->kerberos_tgt_passing = 1; |
| |
#endif |
| |
#ifdef AFS |
| |
if (options->afs_token_passing == -1) |
| |
options->afs_token_passing = 1; |
| |
#endif |
| if (options->password_authentication == -1) |
if (options->password_authentication == -1) |
| options->password_authentication = 1; |
options->password_authentication = 1; |
| if (options->kbd_interactive_authentication == -1) |
if (options->kbd_interactive_authentication == -1) |
|
|
| options->strict_host_key_checking = 2; /* 2 is default */ |
options->strict_host_key_checking = 2; /* 2 is default */ |
| if (options->compression == -1) |
if (options->compression == -1) |
| options->compression = 0; |
options->compression = 0; |
| if (options->tcp_keep_alive == -1) |
if (options->keepalives == -1) |
| options->tcp_keep_alive = 1; |
options->keepalives = 1; |
| if (options->compression_level == -1) |
if (options->compression_level == -1) |
| options->compression_level = 6; |
options->compression_level = 6; |
| if (options->port == -1) |
if (options->port == -1) |
| options->port = 0; /* Filled in ssh_connect. */ |
options->port = 0; /* Filled in ssh_connect. */ |
| if (options->address_family == -1) |
|
| options->address_family = AF_UNSPEC; |
|
| if (options->connection_attempts == -1) |
if (options->connection_attempts == -1) |
| options->connection_attempts = 1; |
options->connection_attempts = 1; |
| if (options->number_of_password_prompts == -1) |
if (options->number_of_password_prompts == -1) |
|
|
| options->enable_ssh_keysign = 0; |
options->enable_ssh_keysign = 0; |
| if (options->rekey_limit == -1) |
if (options->rekey_limit == -1) |
| options->rekey_limit = 0; |
options->rekey_limit = 0; |
| if (options->verify_host_key_dns == -1) |
|
| options->verify_host_key_dns = 0; |
|
| if (options->server_alive_interval == -1) |
|
| options->server_alive_interval = 0; |
|
| if (options->server_alive_count_max == -1) |
|
| options->server_alive_count_max = 3; |
|
| /* options->proxy_command should not be set by default */ |
/* options->proxy_command should not be set by default */ |
| /* options->user will be set in the main program if appropriate */ |
/* options->user will be set in the main program if appropriate */ |
| /* options->hostname will be set in the main program if appropriate */ |
/* options->hostname will be set in the main program if appropriate */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to readconf.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh