src/usr.bin/ssh/readconf.c - diff

Return to readconf.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/readconf.c between version 1.49.2.7 and 1.50

version 1.49.2.7, 2002/03/08 17:04:42

version 1.50, 2000/11/12 19:50:37

Line 15

RCSID("$OpenBSD$");

#include "ssh.h"

#include "xmalloc.h"

#include "compat.h"

#include "cipher.h"

#include "pathnames.h"

#include "log.h"

#include "readconf.h"

#include "match.h"

#include "misc.h"

#include "xmalloc.h"

#include "kex.h"

#include "compat.h"

#include "mac.h"

/* Format of the configuration file:

Line 95

Line 89

oBadOption,

oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,

oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,

oChallengeResponseAuthentication, oXAuthLocation,

oSkeyAuthentication, oXAuthLocation,

#if defined(KRB4) || defined(KRB5)

#ifdef KRB4

oKerberosAuthentication,

#endif

#endif /* KRB4 */

#if defined(AFS) || defined(KRB5)

oKerberosTgtPassing,

#endif

#ifdef AFS

oAFSTokenPassing,

oKerberosTgtPassing, oAFSTokenPassing,

#endif

oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,

oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,

oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,

oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,

oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,

oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,

oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,

oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol,

oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,

oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,

oKbdInteractiveAuthentication, oKbdInteractiveDevices

oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,

oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,

oClearAllForwardings, oNoHostAuthenticationForLocalhost

} OpCodes;

/* Textual representations of the tokens. */

Line 135

Line 123

{ "kbdinteractivedevices", oKbdInteractiveDevices },

{ "rsaauthentication", oRSAAuthentication },

{ "pubkeyauthentication", oPubkeyAuthentication },

{ "dsaauthentication", oPubkeyAuthentication }, /* alias */

{ "rhostsrsaauthentication", oRhostsRSAAuthentication },

{ "skeyauthentication", oSkeyAuthentication },

{ "hostbasedauthentication", oHostbasedAuthentication },

#ifdef KRB4

{ "challengeresponseauthentication", oChallengeResponseAuthentication },

{ "skeyauthentication", oChallengeResponseAuthentication }, /* alias */

{ "tisauthentication", oChallengeResponseAuthentication }, /* alias */

#if defined(KRB4) || defined(KRB5)

{ "kerberosauthentication", oKerberosAuthentication },

#endif

#endif /* KRB4 */

#if defined(AFS) || defined(KRB5)

{ "kerberostgtpassing", oKerberosTgtPassing },

#endif

#ifdef AFS

{ "kerberostgtpassing", oKerberosTgtPassing },

{ "afstokenpassing", oAFSTokenPassing },

#endif

{ "fallbacktorsh", oFallBackToRsh },

Line 155

Line 137

{ "identityfile", oIdentityFile },

{ "identityfile2", oIdentityFile }, /* alias */

{ "hostname", oHostName },

{ "hostkeyalias", oHostKeyAlias },

{ "proxycommand", oProxyCommand },

{ "port", oPort },

{ "cipher", oCipher },

{ "ciphers", oCiphers },

{ "macs", oMacs },

{ "protocol", oProtocol },

{ "remoteforward", oRemoteForward },

{ "localforward", oLocalForward },

{ "user", oUser },

{ "host", oHost },

{ "escapechar", oEscapeChar },

{ "rhostsrsaauthentication", oRhostsRSAAuthentication },

{ "globalknownhostsfile", oGlobalKnownHostsFile },

{ "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */

{ "userknownhostsfile", oUserKnownHostsFile },

{ "globalknownhostsfile2", oGlobalKnownHostsFile2 },

{ "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */

{ "userknownhostsfile2", oUserKnownHostsFile2 },

{ "connectionattempts", oConnectionAttempts },

{ "batchmode", oBatchMode },

{ "checkhostip", oCheckHostIP },

Line 179

Line 160

{ "compressionlevel", oCompressionLevel },

{ "keepalive", oKeepAlives },

{ "numberofpasswordprompts", oNumberOfPasswordPrompts },

{ "tisauthentication", oTISAuthentication },

{ "loglevel", oLogLevel },

{ "dynamicforward", oDynamicForward },

{ NULL, 0 }

{ "preferredauthentications", oPreferredAuthentications },

{ "hostkeyalgorithms", oHostKeyAlgorithms },

{ "bindaddress", oBindAddress },

{ "smartcarddevice", oSmartcardDevice },

{ "clearallforwardings", oClearAllForwardings },

{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },

{ NULL, oBadOption }

};

Line 202

Line 177

Forward *fwd;

extern uid_t original_real_uid;

if (port < IPPORT_RESERVED && original_real_uid != 0)

fatal("Privileged ports can only be forwarded by root.");

fatal("Privileged ports can only be forwarded by root.\n");

if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)

fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);

fwd = &options->local_forwards[options->num_local_forwards++];

Line 223

Line 198

Forward *fwd;

if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)

fatal("Too many remote forwards (max %d).",

SSH_MAX_FORWARDS_PER_DIRECTION);

fwd = &options->remote_forwards[options->num_remote_forwards++];

fwd->port = port;

fwd->host = xstrdup(host);

fwd->host_port = host_port;

}

static void

clear_forwardings(Options *options)

{

int i;

for (i = 0; i < options->num_local_forwards; i++)

xfree(options->local_forwards[i].host);

options->num_local_forwards = 0;

for (i = 0; i < options->num_remote_forwards; i++)

xfree(options->remote_forwards[i].host);

options->num_remote_forwards = 0;

}

* Returns the number of the token pointed to by cp or oBadOption.

* Returns the number of the token pointed to by cp of length len. Never

* returns if the token is not known.

static OpCodes

parse_token(const char *cp, const char *filename, int linenum)

{

u_int i;

unsigned int i;

for (i = 0; keywords[i].name; i++)

if (strcasecmp(cp, keywords[i].name) == 0)

return keywords[i].opcode;

error("%s: line %d: Bad configuration option: %s",

fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",

filename, linenum, cp);

return oBadOption;

}

Line 274

Line 237

char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;

int opcode, *intptr, value;

u_short fwd_port, fwd_host_port;

char sfwd_host_port[6];

s = line;

/* Get the keyword. (Each line is supposed to begin with a keyword). */

Line 282

Line 244

/* Ignore leading whitespace. */

if (*keyword == '\0')

keyword = strdelim(&s);

if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')

if (!*keyword || *keyword == '\n' || *keyword == '#')

return 0;

opcode = parse_token(keyword, filename, linenum);

Line 349

Line 311

intptr = &options->rhosts_rsa_authentication;

goto parse_flag;

case oHostbasedAuthentication:

case oTISAuthentication:

intptr = &options->hostbased_authentication;

/* fallthrough, there is no difference on the client side */

case oSkeyAuthentication:

intptr = &options->skey_authentication;

goto parse_flag;

case oChallengeResponseAuthentication:

#ifdef KRB4

intptr = &options->challenge_response_authentication;

goto parse_flag;

#if defined(KRB4) || defined(KRB5)

case oKerberosAuthentication:

intptr = &options->kerberos_authentication;

goto parse_flag;

#endif

#endif /* KRB4 */

#if defined(AFS) || defined(KRB5)

#ifdef AFS

case oKerberosTgtPassing:

intptr = &options->kerberos_tgt_passing;

goto parse_flag;

#endif

#ifdef AFS

case oAFSTokenPassing:

intptr = &options->afs_token_passing;

goto parse_flag;

#endif

case oFallBackToRsh:

intptr = &options->fallback_to_rsh;

goto parse_flag;

Line 391

Line 353

intptr = &options->strict_host_key_checking;

arg = strdelim(&s);

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing yes/no/ask argument.",

fatal("%.200s line %d: Missing yes/no argument.",

filename, linenum);

value = 0; /* To avoid compiler warning... */

if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)

value = 1;

Line 414

Line 376

intptr = &options->keepalives;

goto parse_flag;

case oNoHostAuthenticationForLocalhost:

intptr = &options->no_host_authentication_for_localhost;

goto parse_flag;

case oNumberOfPasswordPrompts:

intptr = &options->number_of_password_prompts;

goto parse_int;

Line 434

Line 392

intptr = &options->num_identity_files;

if (*intptr >= SSH_MAX_IDENTITY_FILES)

fatal("%.200s line %d: Too many identity files specified (max %d).",

filename, linenum, SSH_MAX_IDENTITY_FILES);

charptr = &options->identity_files[*intptr];

*charptr = xstrdup(arg);

*intptr = *intptr + 1;

Line 475

Line 433

charptr = &options->hostname;

goto parse_string;

case oHostKeyAlias:

charptr = &options->host_key_alias;

goto parse_string;

case oPreferredAuthentications:

charptr = &options->preferred_authentications;

goto parse_string;

case oBindAddress:

charptr = &options->bind_address;

goto parse_string;

case oSmartcardDevice:

charptr = &options->smartcard_device;

goto parse_string;

case oProxyCommand:

charptr = &options->proxy_command;

string = xstrdup("");

Line 534

Line 476

value = cipher_number(arg);

if (value == -1)

fatal("%.200s line %d: Bad cipher '%s'.",

filename, linenum, arg ? arg : "<NONE>");

if (*activep && *intptr == -1)

*intptr = value;

break;

Line 545

Line 487

fatal("%.200s line %d: Missing argument.", filename, linenum);

if (!ciphers_valid(arg))

fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",

filename, linenum, arg ? arg : "<NONE>");

if (*activep && options->ciphers == NULL)

options->ciphers = xstrdup(arg);

break;

case oMacs:

arg = strdelim(&s);

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing argument.", filename, linenum);

if (!mac_valid(arg))

fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",

filename, linenum, arg ? arg : "<NONE>");

if (*activep && options->macs == NULL)

options->macs = xstrdup(arg);

break;

case oHostKeyAlgorithms:

arg = strdelim(&s);

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing argument.", filename, linenum);

if (!key_names_valid2(arg))

fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",

filename, linenum, arg ? arg : "<NONE>");

if (*activep && options->hostkeyalgorithms == NULL)

options->hostkeyalgorithms = xstrdup(arg);

break;

case oProtocol:

intptr = &options->protocol;

arg = strdelim(&s);

Line 580

Line 500

value = proto_spec(arg);

if (value == SSH_PROTO_UNKNOWN)

fatal("%.200s line %d: Bad protocol spec '%s'.",

filename, linenum, arg ? arg : "<NONE>");

if (*activep && *intptr == SSH_PROTO_UNKNOWN)

*intptr = value;

break;

Line 589

Line 509

intptr = (int *) &options->log_level;

arg = strdelim(&s);

value = log_level_number(arg);

if (value == SYSLOG_LEVEL_NOT_SET)

if (value == (LogLevel) - 1)

fatal("%.200s line %d: unsupported log level '%s'",

fatal("%.200s line %d: unsupported log level '%s'\n",

filename, linenum, arg ? arg : "<NONE>");

if (*activep && (LogLevel) *intptr == SYSLOG_LEVEL_NOT_SET)

if (*activep && (LogLevel) * intptr == -1)

*intptr = (LogLevel) value;

break;

case oLocalForward:

case oRemoteForward:

arg = strdelim(&s);

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing port argument.",

fatal("%.200s line %d: Missing argument.", filename, linenum);

filename, linenum);

if (arg[0] < '0' || arg[0] > '9')

if ((fwd_port = a2port(arg)) == 0)

fatal("%.200s line %d: Badly formatted port number.",

fatal("%.200s line %d: Bad listen port.",

filename, linenum);

fwd_port = atoi(arg);

arg = strdelim(&s);

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing second argument.",

filename, linenum);

if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 &&

if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)

sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2)

fatal("%.200s line %d: Badly formatted host:port.",

fatal("%.200s line %d: Bad forwarding specification.",

filename, linenum);

if (*activep)

if ((fwd_host_port = a2port(sfwd_host_port)) == 0)

add_remote_forward(options, fwd_port, buf, fwd_host_port);

fatal("%.200s line %d: Bad forwarding port.",

filename, linenum);

if (*activep) {

if (opcode == oLocalForward)

add_local_forward(options, fwd_port, buf,

fwd_host_port);

else if (opcode == oRemoteForward)

add_remote_forward(options, fwd_port, buf,

fwd_host_port);

}

break;

case oDynamicForward:

case oLocalForward:

arg = strdelim(&s);

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing port argument.",

fatal("%.200s line %d: Missing argument.", filename, linenum);

filename, linenum);

if (arg[0] < '0' || arg[0] > '9')

fwd_port = a2port(arg);

if (fwd_port == 0)

fatal("%.200s line %d: Badly formatted port number.",

filename, linenum);

fwd_port = atoi(arg);

arg = strdelim(&s);

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing second argument.",

filename, linenum);

if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)

fatal("%.200s line %d: Badly formatted host:port.",

filename, linenum);

if (*activep)

add_local_forward(options, fwd_port, "socks4", 0);

add_local_forward(options, fwd_port, buf, fwd_host_port);

break;

case oClearAllForwardings:

intptr = &options->clear_forwardings;

goto parse_flag;

case oHost:

*activep = 0;

while ((arg = strdelim(&s)) != NULL && *arg != '\0')

Line 660

Line 571

if (!arg || *arg == '\0')

fatal("%.200s line %d: Missing argument.", filename, linenum);

if (arg[0] == '^' && arg[2] == 0 &&

(u_char) arg[1] >= 64 && (u_char) arg[1] < 128)

(unsigned char) arg[1] >= 64 && (unsigned char) arg[1] < 128)

value = (u_char) arg[1] & 31;

value = (unsigned char) arg[1] & 31;

else if (strlen(arg) == 1)

value = (u_char) arg[0];

value = (unsigned char) arg[0];

else if (strcmp(arg, "none") == 0)

value = SSH_ESCAPECHAR_NONE;

value = -2;

else {

fatal("%.200s line %d: Bad escape character.",

filename, linenum);

/* NOTREACHED */

value = 0; /* Avoid compiler warning. */

}

Line 681

Line 592

}

/* Check that there is no garbage at end of line. */

if ((arg = strdelim(&s)) != NULL && *arg != '\0') {

if ((arg = strdelim(&s)) != NULL && *arg != '\0')

{

fatal("%.200s line %d: garbage at end of line; \"%.200s\".",

filename, linenum, arg);

}

return 0;

}

Line 692

Line 604

* Reads the config file and modifies the options accordingly. Options

* should already be initialized before this call. This never returns if

* there is an error. If the file does not exist, this returns 0.

* there is an error. If the file does not exist, this returns immediately.

int

void

read_config_file(const char *filename, const char *host, Options *options)

{

FILE *f;

Line 706

Line 618

/* Open the file. */

f = fopen(filename, "r");

if (!f)

return 0;

return;

debug("Reading configuration data %.200s", filename);

Line 724

Line 636

}

fclose(f);

if (bad_options > 0)

fatal("%s: terminating, %d bad configuration options",

fatal("%s: terminating, %d bad configuration options\n",

filename, bad_options);

return 1;

}

Line 748

Line 659

options->rhosts_authentication = -1;

options->rsa_authentication = -1;

options->pubkey_authentication = -1;

options->challenge_response_authentication = -1;

options->skey_authentication = -1;

#if defined(KRB4) || defined(KRB5)

#ifdef KRB4

options->kerberos_authentication = -1;

#endif

#if defined(AFS) || defined(KRB5)

options->kerberos_tgt_passing = -1;

#endif

#ifdef AFS

options->kerberos_tgt_passing = -1;

options->afs_token_passing = -1;

#endif

options->password_authentication = -1;

options->kbd_interactive_authentication = -1;

options->kbd_interactive_devices = NULL;

options->rhosts_rsa_authentication = -1;

options->hostbased_authentication = -1;

options->fallback_to_rsh = -1;

options->use_rsh = -1;

options->batch_mode = -1;

Line 776

Line 684

options->number_of_password_prompts = -1;

options->cipher = -1;

options->ciphers = NULL;

options->macs = NULL;

options->hostkeyalgorithms = NULL;

options->protocol = SSH_PROTO_UNKNOWN;

options->num_identity_files = 0;

options->hostname = NULL;

options->host_key_alias = NULL;

options->proxy_command = NULL;

options->user = NULL;

options->escape_char = -1;

Line 791

Line 696

options->user_hostfile2 = NULL;

options->num_local_forwards = 0;

options->num_remote_forwards = 0;

options->clear_forwardings = -1;

options->log_level = (LogLevel) - 1;

options->log_level = SYSLOG_LEVEL_NOT_SET;

options->preferred_authentications = NULL;

options->bind_address = NULL;

options->smartcard_device = NULL;

options->no_host_authentication_for_localhost = - 1;

}

Line 807

Line 707

void

fill_default_options(Options * options)

{

int len;

if (options->forward_agent == -1)

options->forward_agent = 0;

if (options->forward_x11 == -1)

options->forward_x11 = 0;

#ifdef XAUTH_PATH

if (options->xauth_location == NULL)

options->xauth_location = _PATH_XAUTH;

options->xauth_location = XAUTH_PATH;

#endif /* XAUTH_PATH */

if (options->gateway_ports == -1)

options->gateway_ports = 0;

if (options->use_privileged_port == -1)

options->use_privileged_port = 0;

options->use_privileged_port = 1;

if (options->rhosts_authentication == -1)

options->rhosts_authentication = 1;

if (options->rsa_authentication == -1)

options->rsa_authentication = 1;

if (options->pubkey_authentication == -1)

options->pubkey_authentication = 1;

if (options->challenge_response_authentication == -1)

if (options->skey_authentication == -1)

options->challenge_response_authentication = 1;

options->skey_authentication = 0;

#if defined(KRB4) || defined(KRB5)

#ifdef KRB4

if (options->kerberos_authentication == -1)

options->kerberos_authentication = 1;

#endif

#endif /* KRB4 */

#if defined(AFS) || defined(KRB5)

#ifdef AFS

if (options->kerberos_tgt_passing == -1)

options->kerberos_tgt_passing = 1;

#endif

#ifdef AFS

if (options->afs_token_passing == -1)

options->afs_token_passing = 1;

#endif

#endif /* AFS */

if (options->password_authentication == -1)

options->password_authentication = 1;

if (options->kbd_interactive_authentication == -1)

options->kbd_interactive_authentication = 1;

options->kbd_interactive_authentication = 0;

if (options->rhosts_rsa_authentication == -1)

options->rhosts_rsa_authentication = 1;

if (options->hostbased_authentication == -1)

options->hostbased_authentication = 0;

if (options->fallback_to_rsh == -1)

options->fallback_to_rsh = 0;

if (options->use_rsh == -1)

Line 866

Line 762

if (options->port == -1)

options->port = 0; /* Filled in ssh_connect. */

if (options->connection_attempts == -1)

options->connection_attempts = 1;

options->connection_attempts = 4;

if (options->number_of_password_prompts == -1)

options->number_of_password_prompts = 3;

/* Selected in ssh_login(). */

if (options->cipher == -1)

options->cipher = SSH_CIPHER_NOT_SET;

/* options->ciphers, default set in myproposals.h */

/* options->macs, default set in myproposals.h */

/* options->hostkeyalgorithms, default set in myproposals.h */

if (options->protocol == SSH_PROTO_UNKNOWN)

options->protocol = SSH_PROTO_1|SSH_PROTO_2;

options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;

if (options->num_identity_files == 0) {

if (options->protocol & SSH_PROTO_1) {

len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;

options->identity_files[options->num_identity_files] =

xmalloc(len);

xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1);

snprintf(options->identity_files[options->num_identity_files++],

sprintf(options->identity_files[options->num_identity_files++],

len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);

"~/%.100s", SSH_CLIENT_IDENTITY);

}

if (options->protocol & SSH_PROTO_2) {

len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;

options->identity_files[options->num_identity_files] =

xmalloc(len);

xmalloc(2 + strlen(SSH_CLIENT_ID_DSA) + 1);

snprintf(options->identity_files[options->num_identity_files++],

sprintf(options->identity_files[options->num_identity_files++],

len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);

"~/%.100s", SSH_CLIENT_ID_DSA);

len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;

options->identity_files[options->num_identity_files] =

xmalloc(len);

snprintf(options->identity_files[options->num_identity_files++],

len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);

}

if (options->escape_char == -1)

options->escape_char = '~';

if (options->system_hostfile == NULL)

options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;

options->system_hostfile = SSH_SYSTEM_HOSTFILE;

if (options->user_hostfile == NULL)

options->user_hostfile = _PATH_SSH_USER_HOSTFILE;

options->user_hostfile = SSH_USER_HOSTFILE;

if (options->system_hostfile2 == NULL)

options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;

options->system_hostfile2 = SSH_SYSTEM_HOSTFILE2;

if (options->user_hostfile2 == NULL)

options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;

options->user_hostfile2 = SSH_USER_HOSTFILE2;

if (options->log_level == SYSLOG_LEVEL_NOT_SET)

if (options->log_level == (LogLevel) - 1)

options->log_level = SYSLOG_LEVEL_INFO;

if (options->clear_forwardings == 1)

clear_forwardings(options);

if (options->no_host_authentication_for_localhost == - 1)

options->no_host_authentication_for_localhost = 0;

/* options->proxy_command should not be set by default */

/* options->user will be set in the main program if appropriate */

/* options->hostname will be set in the main program if appropriate */

/* options->host_key_alias should not be set by default */

/* options->preferred_authentications will be set in ssh */

}