version 1.189, 2008/11/03 08:59:41 |
version 1.190, 2008/11/04 08:22:13 |
|
|
options->num_permitted_opens = -1; |
options->num_permitted_opens = -1; |
options->adm_forced_command = NULL; |
options->adm_forced_command = NULL; |
options->chroot_directory = NULL; |
options->chroot_directory = NULL; |
|
options->zero_knowledge_password_authentication = -1; |
} |
} |
|
|
void |
void |
|
|
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
if (options->permit_tun == -1) |
if (options->permit_tun == -1) |
options->permit_tun = SSH_TUNMODE_NO; |
options->permit_tun = SSH_TUNMODE_NO; |
|
if (options->zero_knowledge_password_authentication == -1) |
|
options->zero_knowledge_password_authentication = 0; |
|
|
/* Turn privilege separation on by default */ |
/* Turn privilege separation on by default */ |
if (use_privsep == -1) |
if (use_privsep == -1) |
|
|
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, |
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, |
sMatch, sPermitOpen, sForceCommand, sChrootDirectory, |
sMatch, sPermitOpen, sForceCommand, sChrootDirectory, |
sUsePrivilegeSeparation, sAllowAgentForwarding, |
sUsePrivilegeSeparation, sAllowAgentForwarding, |
|
sZeroKnowledgePasswordAuthentication, |
sDeprecated, sUnsupported |
sDeprecated, sUnsupported |
} ServerOpCodes; |
} ServerOpCodes; |
|
|
|
|
{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, |
{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, |
{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, |
{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, |
{ "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ |
{ "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ |
|
#ifdef JPAKE |
|
{ "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL }, |
|
#else |
|
{ "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL }, |
|
#endif |
{ "checkmail", sDeprecated, SSHCFG_GLOBAL }, |
{ "checkmail", sDeprecated, SSHCFG_GLOBAL }, |
{ "listenaddress", sListenAddress, SSHCFG_GLOBAL }, |
{ "listenaddress", sListenAddress, SSHCFG_GLOBAL }, |
{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, |
{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, |
|
|
intptr = &options->password_authentication; |
intptr = &options->password_authentication; |
goto parse_flag; |
goto parse_flag; |
|
|
|
case sZeroKnowledgePasswordAuthentication: |
|
intptr = &options->zero_knowledge_password_authentication; |
|
goto parse_flag; |
|
|
case sKbdInteractiveAuthentication: |
case sKbdInteractiveAuthentication: |
intptr = &options->kbd_interactive_authentication; |
intptr = &options->kbd_interactive_authentication; |
goto parse_flag; |
goto parse_flag; |
|
|
M_CP_INTOPT(kerberos_authentication); |
M_CP_INTOPT(kerberos_authentication); |
M_CP_INTOPT(hostbased_authentication); |
M_CP_INTOPT(hostbased_authentication); |
M_CP_INTOPT(kbd_interactive_authentication); |
M_CP_INTOPT(kbd_interactive_authentication); |
|
M_CP_INTOPT(zero_knowledge_password_authentication); |
M_CP_INTOPT(permit_root_login); |
M_CP_INTOPT(permit_root_login); |
M_CP_INTOPT(permit_empty_passwd); |
M_CP_INTOPT(permit_empty_passwd); |
|
|
|
|
#ifdef GSSAPI |
#ifdef GSSAPI |
dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); |
dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); |
|
#endif |
|
#ifdef JPAKE |
|
dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication, |
|
o->zero_knowledge_password_authentication); |
#endif |
#endif |
dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); |
dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); |
dump_cfg_fmtint(sKbdInteractiveAuthentication, |
dump_cfg_fmtint(sKbdInteractiveAuthentication, |