| version 1.48, 2000/05/03 22:19:29 |
version 1.49, 2000/05/06 17:45:37 |
|
|
| The forked daemons handle |
The forked daemons handle |
| key exchange, encryption, authentication, command execution, |
key exchange, encryption, authentication, command execution, |
| and data exchange. |
and data exchange. |
| .Pp |
This implementation of |
| .Nm |
.Nm |
| |
supports both SSH protocol version 1 and 2 simultaneously. |
| |
.Nm |
| works as follows. |
works as follows. |
| |
.Pp |
| |
.Ss SSH protocol version 1 |
| |
.Pp |
| Each host has a host-specific RSA key |
Each host has a host-specific RSA key |
| (normally 1024 bits) used to identify the host. |
(normally 1024 bits) used to identify the host. |
| Additionally, when |
Additionally, when |
|
|
| Whenever a client connects the daemon responds with its public |
Whenever a client connects the daemon responds with its public |
| host and server keys. |
host and server keys. |
| The client compares the |
The client compares the |
| host key against its own database to verify that it has not changed. |
RSA host key against its own database to verify that it has not changed. |
| The client then generates a 256 bit random number. |
The client then generates a 256 bit random number. |
| It encrypts this |
It encrypts this |
| random number using both the host key and the server key, and sends |
random number using both the host key and the server key, and sends |
|
|
| .Xr rsh 1 |
.Xr rsh 1 |
| into the machine). |
into the machine). |
| .Pp |
.Pp |
| |
.Ss SSH protocol version 2 |
| |
.Pp |
| |
Version 2 works similar: |
| |
Each host has a host-specific DSA key used to identify the host. |
| |
However, when the daemon starts, it does not generate a server key. |
| |
Forward security is provided through a Diffie-Hellman key agreement. |
| |
This key agreement results in a shared session key. |
| |
The rest of the session is encrypted |
| |
using a symmetric cipher, currently |
| |
Blowfish, 3DES or CAST128 in CBC mode or Arcfour. |
| |
The client selects the encryption algorithm |
| |
to use from those offered by the server. |
| |
Additionally, session integrity is provided |
| |
through a crytographic message authentication code |
| |
(hmac-sha1 or hmac-md5). |
| |
.Pp |
| |
Protocol version 2 provides a public key based |
| |
user authentication method (DSAAuthentication) |
| |
and conventional password authentication. |
| |
.Pp |
| |
.Ss Command execution and data forwarding |
| |
.Pp |
| If the client successfully authenticates itself, a dialog for |
If the client successfully authenticates itself, a dialog for |
| preparing the session is entered. |
preparing the session is entered. |
| At this time the client may request |
At this time the client may request |
|
|
| this many seconds, the server disconnects and exits. |
this many seconds, the server disconnects and exits. |
| A value of zero indicates no limit. |
A value of zero indicates no limit. |
| .It Fl h Ar host_key_file |
.It Fl h Ar host_key_file |
| Specifies the file from which the host key is read (default |
Specifies the file from which the RSA host key is read (default |
| .Pa /etc/ssh_host_key ) . |
.Pa /etc/ssh_host_key ) . |
| This option must be given if |
This option must be given if |
| .Nm |
.Nm |
|
|
| can be used as wildcards in the patterns. |
can be used as wildcards in the patterns. |
| Only user names are valid, a numerical user ID isn't recognized. |
Only user names are valid, a numerical user ID isn't recognized. |
| By default login is allowed regardless of the user name. |
By default login is allowed regardless of the user name. |
| |
.It Cm DSAAuthentication |
| |
Specifies whether DSA authentication is allowed. |
| |
The default is |
| |
.Dq yes . |
| |
Note that this option applies to protocol version 2 only. |
| .It Cm GatewayPorts |
.It Cm GatewayPorts |
| Specifies whether remote hosts are allowed to connect to ports |
Specifies whether remote hosts are allowed to connect to ports |
| forwarded for the client. |
forwarded for the client. |
|
|
| Specifies whether password authentication is allowed. |
Specifies whether password authentication is allowed. |
| The default is |
The default is |
| .Dq yes . |
.Dq yes . |
| |
Note that this option applies to both protocol version 1 and 2. |
| .It Cm PermitEmptyPasswords |
.It Cm PermitEmptyPasswords |
| When password authentication is allowed, it specifies whether the |
When password authentication is allowed, it specifies whether the |
| server allows login to accounts with empty password strings. |
server allows login to accounts with empty password strings. |
|
|
| Specifies whether pure RSA authentication is allowed. |
Specifies whether pure RSA authentication is allowed. |
| The default is |
The default is |
| .Dq yes . |
.Dq yes . |
| |
Note that this option applies to protocol version 1 only. |
| .It Cm ServerKeyBits |
.It Cm ServerKeyBits |
| Defines the number of bits in the server key. |
Defines the number of bits in the server key. |
| The minimum value is 512, and the default is 768. |
The minimum value is 512, and the default is 768. |
|
|
| pattern, it is not accepted (by that line) even if it matched another |
pattern, it is not accepted (by that line) even if it matched another |
| pattern on the line. |
pattern on the line. |
| .Pp |
.Pp |
| Bits, exponent, and modulus are taken directly from the host key; they |
Bits, exponent, and modulus are taken directly from the RSA host key; they |
| can be obtained, e.g., from |
can be obtained, e.g., from |
| .Pa /etc/ssh_host_key.pub . |
.Pa /etc/ssh_host_key.pub . |
| The optional comment field continues to the end of the line, and is not used. |
The optional comment field continues to the end of the line, and is not used. |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh