Source-Changes-HG archive


[src/netbsd-1-5]: src/crypto/dist/ssh Pull up revisions 1.3-1.7 (requested by...



details:   https://anonhg.NetBSD.org/src/rev/e5478bd9d629
branches:  netbsd-1-5
changeset: 490717:e5478bd9d629
user:      he <he%NetBSD.org@localhost>
date:      Mon Feb 26 20:34:59 2001 +0000

description:
Pull up revisions 1.3-1.7 (requested by itojun):
  Update SSH to version found on trunk as of 26 Feb 2001.

diffstat:

 crypto/dist/ssh/sshd.8 |  480 ++++++++++++++++++++++++++++++------------------
 1 files changed, 297 insertions(+), 183 deletions(-)

diffs (truncated from 852 to 300 lines):

diff -r 6a910c95dcda -r e5478bd9d629 crypto/dist/ssh/sshd.8
--- a/crypto/dist/ssh/sshd.8    Mon Feb 26 20:33:51 2001 +0000
+++ b/crypto/dist/ssh/sshd.8    Mon Feb 26 20:34:59 2001 +0000
@@ -1,7 +1,5 @@
 .\"  -*- nroff -*-
 .\"
-.\" $NetBSD: sshd.8,v 1.1.1.1.2.2 2000/10/03 21:55:26 lukem Exp $
-.\"
 .\" Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
 .\"                    All rights reserved
@@ -36,15 +34,16 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd October 3, 2000
+.\" $OpenBSD: sshd.8,v 1.95 2001/02/17 23:48:48 deraadt Exp $
+.Dd September 25, 1999
 .Dt SSHD 8
 .Os
 .Sh NAME
 .Nm sshd
-.Nd secure shell daemon
+.Nd OpenSSH secure shell daemon
 .Sh SYNOPSIS
 .Nm sshd
-.Op Fl diqQ46
+.Op Fl diqD46
 .Op Fl b Ar bits
 .Op Fl f Ar config_file
 .Op Fl g Ar login_grace_time
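Review bot: The .Dd line moves backward, from "October 3, 2000" to "September 25, 1999", in the same hunk that adds an $OpenBSD$ id dated 2001/02/17, so the rendered page will show a document date older than the one it replaces and older than the content it describes. If the date is simply inherited from the imported file, say so in the pull-up description; otherwise set .Dd to match the revision being imported. The synopsis also swaps Q for D in ".Op Fl diqD46", which should be checked against the option list further down so that the two stay in step.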
@@ -55,20 +54,23 @@
 .Op Fl V Ar client_protocol_id
 .Sh DESCRIPTION
 .Nm
-(Secure Shell Daemon) is the server side companion to
+(Secure Shell Daemon) is the daemon program for
 .Xr ssh 1 .
 Together these programs replace rlogin and rsh, and
-provide secure encrypted communications between two untrusted
-hosts over an insecure network.  The programs are intended
-to be as easy to use as possible.
+provide secure encrypted communications between two untrusted hosts
+over an insecure network.
+The programs are intended to be as easy to
+install and use as possible.
 .Pp
 .Nm
 is the daemon that listens for connections from clients.
-It is normally started at boot time from
+It is normally started at boot from
 .Pa /etc/rc.d/sshd .
-It forks a new daemon for each incoming connection.
-The forked daemons handle key exchange, encryption,
-authentication, command execution, and data exchange.
+It forks a new
+daemon for each incoming connection.
+The forked daemons handle
+key exchange, encryption, authentication, command execution,
+and data exchange.
 This implementation of
 .Nm
 supports both SSH protocol version 1 and 2 simultaneously.
@@ -77,34 +79,42 @@
 .Pp
 .Ss SSH protocol version 1
 .Pp
-Each host has a host-specific RSA key (normally 1024 bits) used
-to identify the host.  Additionally, when the daemon starts, it
-generates a server RSA key (normally 768 bits).  This key is
-normally regenerated every hour if it has been used, and is never
-stored on disk.
+Each host has a host-specific RSA key
+(normally 1024 bits) used to identify the host.
+Additionally, when
+the daemon starts, it generates a server RSA key (normally 768 bits).
+This key is normally regenerated every hour if it has been used, and
+is never stored on disk.
 .Pp
 Whenever a client connects the daemon responds with its public
-host and server keys.  The client compares the RSA host key against
-its own database to verify that it has not changed.  The client
-then generates a 256 bit random number.  It encrypts this
+host and server keys.
+The client compares the
+RSA host key against its own database to verify that it has not changed.
+The client then generates a 256 bit random number.
+It encrypts this
 random number using both the host key and the server key, and sends
-the encrypted number to the server.  Both sides then use this
+the encrypted number to the server.
+Both sides then use this
 random number as a session key which is used to encrypt all further
-communications in the session.  The rest of the session is encrypted
-using a conventional cipher.  This implementation currently supports
-Blowfish and 3DES; 3DES is the default cipher.  The client selects the
-encryption algorithm to use from those offered by the server.
+communications in the session.
+The rest of the session is encrypted
+using a conventional cipher, currently Blowfish or 3DES, with 3DES
+being used by default.
+The client selects the encryption algorithm
+to use from those offered by the server.
 .Pp
 Next, the server and the client enter an authentication dialog.
 The client tries to authenticate itself using
 .Pa .rhosts
 authentication,
 .Pa .rhosts
-authentication combined with RSA host authentication, RSA
-challenge-response authentication, or password based authentication.
+authentication combined with RSA host
+authentication, RSA challenge-response authentication, or password
+based authentication.
 .Pp
-Rhosts authentication is normally disabled because it is fundamentally
-insecure, but can be enabled in the server configuration file if desired.
+Rhosts authentication is normally disabled
+because it is fundamentally insecure, but can be enabled in the server
+configuration file if desired.
 System security is not improved unless
 .Xr rshd 8 ,
 .Xr rlogind 8 ,
@@ -123,26 +133,32 @@
 Each host has a host-specific DSA key used to identify the host.
 However, when the daemon starts, it does not generate a server key.
 Forward security is provided through a Diffie-Hellman key agreement.
-This key agreement results in a shared session key.  The rest of the
-session is encrypted using a symmetric cipher.  This implemenation
-currently supports Blowfish, 3DES, CAST128-CBC, and ARC4.  The client
-selects the encryption algorithm to use from those offered by the server.
-Additionally, session integrity is provided through a cryptographic
-message authentication code (HMAC-SHA1 or HMAC-MD5).
+This key agreement results in a shared session key.
+The rest of the session is encrypted
+using a symmetric cipher, currently
+Blowfish, 3DES or CAST128 in CBC mode or Arcfour.
+The client selects the encryption algorithm
+to use from those offered by the server.
+Additionally, session integrity is provided
+through a cryptographic message authentication code
+(hmac-sha1 or hmac-md5).
 .Pp
-Protocol version 2 provides a public key based user authentication
-method (DSAAuthentication) and conventional password authentication.
+Protocol version 2 provides a public key based
+user authentication method (PubkeyAuthentication)
+and conventional password authentication.
 .Pp
 .Ss Command execution and data forwarding
 .Pp
 If the client successfully authenticates itself, a dialog for
-preparing the session is entered.  At this time the client may request
+preparing the session is entered.
+At this time the client may request
 things like allocating a pseudo-tty, forwarding X11 connections,
 forwarding TCP/IP connections, or forwarding the authentication agent
 connection over the secure channel.
 .Pp
 Finally, the client either requests a shell or execution of a command.
-The sides then enter session mode.  In this mode, either side may send
+The sides then enter session mode.
+In this mode, either side may send
 data at any time, and such data is forwarded to/from the shell or
 command on the server side, and the user terminal in the client side.
 .Pp
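Review bot: The protocol 2 paragraph renames the user authentication method from DSAAuthentication to PubkeyAuthentication without saying whether the old name is still recognised. Administrators reading this page on netbsd-1-5 who have the old name in an existing configuration need one sentence telling them whether it is accepted, deprecated or rejected. The unchanged context at the top of the hunk still says each host has "a host-specific DSA key", which should be reviewed alongside the move to the more general method name. The MAC names also change case to "(hmac-sha1 or hmac-md5)"; if that is meant to match the spelling used in configuration, it would help to say so.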
@@ -152,7 +168,8 @@
 .Pp
 .Nm
 can be configured using command-line options or a configuration
-file.  Command-line options override values specified in the
+file.
+Command-line options override values specified in the
 configuration file.
 .Pp
 .Nm
@@ -170,46 +187,58 @@
 log, and does not put itself in the background.
 The server also will not fork and will only process one connection.
 This option is only intended for debugging for the server.
-Multiple -d options increases the debugging level. Maximum is 3.
+Multiple -d options increases the debugging level.
+Maximum is 3.
 .It Fl f Ar configuration_file
-Specifies the name of the configuration file.  The default is
+Specifies the name of the configuration file.
+The default is
 .Pa /etc/sshd.conf .
 .Nm
 refuses to start if there is no configuration file.
 .It Fl g Ar login_grace_time
 Gives the grace time for clients to authenticate themselves (default
-300 seconds).  If the client fails to authenticate the user within
-this many seconds, the server disconnects and exits.  A value of zero
-indicates no limit.
+600 seconds).
+If the client fails to authenticate the user within
+this many seconds, the server disconnects and exits.
+A value of zero indicates no limit.
 .It Fl h Ar host_key_file
-Specifies the file from which the RSA host key is read (default
+Specifies the file from which the host key is read (default
 .Pa /etc/ssh_host_key ) .
 This option must be given if
 .Nm
-is not run as root (as the normal host file is normally not readable
-by anyone but root).
+is not run as root (as the normal
+host file is normally not readable by anyone but root).
+It is possible to have multiple host key files for
+the different protocol versions.
 .It Fl i
 Specifies that
 .Nm
 is being run from inetd.
 .Nm
-is normally not run from inetd because it needs to generate the server
-key before it can respond to the client, and this may take tens of seconds.
+is normally not run
+from inetd because it needs to generate the server key before it can
+respond to the client, and this may take tens of seconds.
 Clients would have to wait too long if the key was regenerated every time.
 However, with small key sizes (e.g., 512) using
 .Nm
-from inetd may be feasible.
+from inetd may
+be feasible.
 .It Fl k Ar key_gen_time
 Specifies how often the server key is regenerated (default 3600
-seconds, or one hour).  The motivation for regenerating the key fairly
+seconds, or one hour).
+The motivation for regenerating the key fairly
 often is that the key is not stored anywhere, and after about an hour,
 it becomes impossible to recover the key for decrypting intercepted
 communications even if the machine is cracked into or physically
-seized.  A value of zero indicates that the key will never be regenerated.
+seized.
+A value of zero indicates that the key will never be regenerated.
 .It Fl p Ar port
-Specifies the port on which the server listens for connections (default 22).
+Specifies the port on which the server listens for connections
+(default 22).
 .It Fl q
-Quiet mode.  Nothing is sent to the system log.  Normally the beginning,
+Quiet mode.
+Nothing is sent to the system log.
+Normally the beginning,
 authentication, and termination of each connection is logged.
 .It Fl u Ar len
 This option is used to specify the size of the field
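Review bot: The -g default changes from 300 to 600 seconds here with no mention in the pull-up description. That doubles the time an unauthenticated connection may stay open before the server disconnects, so please confirm the daemon on this branch really defaults to 600 and call the change out for administrators who rely on the documented value. In the -h entry the text now says "host key" and adds that multiple host key files are possible, but the only default shown is still /etc/ssh_host_key; naming the default file for each protocol version would make the new sentence usable. The line "Multiple -d options increases the debugging level." was touched but keeps its agreement error ("increase").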
@@ -227,13 +256,20 @@
 should be put into the
 .Pa utmp
 file.
-.It Fl Q
-Do not print an error message if RSA support is missing.
+.It Fl D
+When this option is specified
+.Nm
+will not detach and does not become a daemon.
+This allows easy monitoring of
+.Nm sshd .
 .It Fl V Ar client_protocol_id
-SSH2 compatibility mode.  When this option is specified
+SSH-2 compatibility mode.
+When this option is specified
 .Nm
 assumes the client has sent the supplied version string
-and skips the Protocol Version Identification Exchange.
+and skips the
+Protocol Version Identification Exchange.
+This option is not intended to be called directly.
 .It Fl 4
 Forces
 .Nm
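Review bot: The -Q entry is deleted outright and nothing in the hunk says what happens when the option is still passed. Start-up scripts on the stable branch that invoke sshd with -Q need to know whether it is now ignored or treated as an error, so a short compatibility sentence belongs either here or in the pull-up description. In the new -D entry, "will not detach and does not become a daemon" mixes tenses, and the trailing ".Nm sshd ." spells out the name where the rest of the page uses a bare .Nm. The added sentence "This option is not intended to be called directly." under -V is a useful caveat; it would be stronger if it said what is expected to pass the option.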
@@ -250,7 +286,8 @@
 (or the file specified with
 .Fl f
 on the command line).
-The file contains keyword-value pairs, one per line.  Lines starting with
+The file contains keyword-value pairs, one per line.
+Lines starting with
 .Ql #
 and empty lines are interpreted as comments.
 .Pp
@@ -261,21 +298,31 @@
 Default is
 .Dq yes .
 .It Cm AllowGroups
-This keyword can be followed by a number of group names, separated
-by spaces.  If specified, login is allowed only for users whose primary
-group matches one of the patterns.
+This keyword can be followed by a list of group names, separated
+by spaces.
+If specified, login is allowed only for users whose primary
+group or supplementary group list matches one of the patterns.
 .Ql \&*
 and
 .Ql ?
 can be used as
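Review bot: The AllowGroups description now matches on "primary group or supplementary group list" where it previously matched the primary group only, which widens who may log in under an unchanged configuration line. A user whose primary group does not match but who has a listed group as a supplementary group was denied under the old wording and is allowed under the new one. This is an access-control change on a stable branch and should be stated explicitly in the pull-up description and release notes. Please also check that the related group and user keywords beyond the truncated part of this diff are described with the same matching rule, so the page stays consistent.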


