Source-Changes-HG archive

[src/trunk]: src/crypto/dist/ssh OpenSSH 2.9 as of 2001/5/15



details:   https://anonhg.NetBSD.org/src/rev/d2215ad592f8
branches:  trunk
changeset: 509918:d2215ad592f8
user:      itojun <itojun%NetBSD.org@localhost>
date:      Tue May 15 15:02:20 2001 +0000

description:
OpenSSH 2.9 as of 2001/5/15

diffstat:

 crypto/dist/ssh/README        |  582 +----------------------------------------
 crypto/dist/ssh/buffer.c      |   13 +-
 crypto/dist/ssh/channels.h    |   26 +-
 crypto/dist/ssh/compat.c      |   19 +-
 crypto/dist/ssh/compat.h      |   39 +-
 crypto/dist/ssh/key.h         |    5 +-
 crypto/dist/ssh/nchan.c       |   12 +-
 crypto/dist/ssh/nchan.h       |    6 +-
 crypto/dist/ssh/packet.h      |    8 +-
 crypto/dist/ssh/sftp-glob.h   |    6 +-
 crypto/dist/ssh/sftp-server.8 |   15 +-
 crypto/dist/ssh/sshconnect.h  |   40 +--
 crypto/dist/ssh/sshtty.c      |   97 +++++++
 crypto/dist/ssh/sshtty.h      |   66 ++++
 crypto/dist/ssh/ttymodes.c    |  235 ++++++++++++----
 crypto/dist/ssh/ttymodes.h    |   41 ++-
 crypto/dist/ssh/uidswap.c     |   12 +-
 17 files changed, 502 insertions(+), 720 deletions(-)

diffs (truncated from 1684 to 300 lines):

diff -r 12c948a76c5c -r d2215ad592f8 crypto/dist/ssh/README
--- a/crypto/dist/ssh/README    Tue May 15 15:00:04 2001 +0000
+++ b/crypto/dist/ssh/README    Tue May 15 15:02:20 2001 +0000
@@ -1,567 +1,25 @@
-
-[ Please note that this file has not been updated for OpenSSH and 
-  covers the ssh-1.2.12 release from Dec 1995 only. ]
-
-Ssh (Secure Shell) is a program to log into another computer over a
-network, to execute commands in a remote machine, and to move files
-from one machine to another.  It provides strong authentication and
-secure communications over insecure channels.  It is intended as a
-replacement for rlogin, rsh, rcp, and rdist.
-
-See the file INSTALL for installation instructions.  See COPYING for
-license terms and other legal issues.  See RFC for a description of
-the protocol.  There is a WWW page for ssh; see http://www.cs.hut.fi/ssh.
-
-This file has been updated to match ssh-1.2.12.
-
-
-FEATURES
-
- o  Strong authentication.  Closes several security holes (e.g., IP,
-    routing, and DNS spoofing).  New authentication methods: .rhosts
-    together with RSA based host authentication, and pure RSA
-    authentication.
-
- o  Improved privacy.  All communications are automatically and
-    transparently encrypted.  RSA is used for key exchange, and a
-    conventional cipher (normally IDEA, DES, or triple-DES) for
-    encrypting the session.  Encryption is started before
-    authentication, and no passwords or other information is
-    transmitted in the clear.  Encryption is also used to protect
-    against spoofed packets.
-
- o  Secure X11 sessions.  The program automatically sets DISPLAY on
-    the server machine, and forwards any X11 connections over the
-    secure channel.  Fake Xauthority information is automatically
-    generated and forwarded to the remote machine; the local client
-    automatically examines incoming X11 connections and replaces the
-    fake authorization data with the real data (never telling the 
-    remote machine the real information).
-
- o  Arbitrary TCP/IP ports can be redirected through the encrypted channel
-    in both directions (e.g., for e-cash transactions).
-
- o  No retraining needed for normal users; everything happens
-    automatically, and old .rhosts files will work with strong
-    authentication if administration installs host key files.
-
- o  Never trusts the network.  Minimal trust on the remote side of
-    the connection.  Minimal trust on domain name servers.  Pure RSA
-    authentication never trusts anything but the private key.
-
- o  Client RSA-authenticates the server machine in the beginning of
-    every connection to prevent trojan horses (by routing or DNS
-    spoofing) and man-in-the-middle attacks, and the server
-    RSA-authenticates the client machine before accepting .rhosts or
-    /etc/hosts.equiv authentication (to prevent DNS, routing, or
-    IP-spoofing).
-
- o  Host authentication key distribution can be centrally by the
-    administration, automatically when the first connection is made
-    to a machine (the key obtained on the first connection will be
-    recorded and used for authentication in the future), or manually
-    by each user for his/her own use.  The central and per-user host
-    key repositories are both used and complement each other.  Host
-    keys can be generated centrally or automatically when the software
-    is installed.  Host authentication keys are typically 1024 bits.
-
- o  Any user can create any number of user authentication RSA keys for
-    his/her own use.  Each user has a file which lists the RSA public
-    keys for which proof of possession of the corresponding private
-    key is accepted as authentication.  User authentication keys are
-    typically 1024 bits.
-
- o  The server program has its own server RSA key which is
-    automatically regenerated every hour.  This key is never saved in
-    any file.  Exchanged session keys are encrypted using both the
-    server key and the server host key.  The purpose of the separate
-    server key is to make it impossible to decipher a captured session by
-    breaking into the server machine at a later time; one hour from
-    the connection even the server machine cannot decipher the session
-    key.  The key regeneration interval is configurable.  The server
-    key is normally 768 bits.
-
- o  An authentication agent, running in the user's laptop or local
-    workstation, can be used to hold the user's RSA authentication
-    keys.  Ssh automatically forwards the connection to the
-    authentication agent over any connections, and there is no need to
-    store the RSA authentication keys on any machine in the network
-    (except the user's own local machine).  The authentication
-    protocols never reveal the keys; they can only be used to verify
-    that the user's agent has a certain key.  Eventually the agent
-    could rely on a smart card to perform all authentication
-    computations.
-
- o  The software can be installed and used (with restricted
-    functionality) even without root privileges.
-
- o  The client is customizable in system-wide and per-user
-    configuration files.  Most aspects of the client's operation can
-    be configured.  Different options can be specified on a per-host basis.
-
- o  Automatically executes conventional rsh (after displaying a
-    warning) if the server machine is not running sshd.
-
- o  Optional compression of all data with gzip (including forwarded X11
-    and TCP/IP port data), which may result in significant speedups on
-    slow connections.
-
- o  Complete replacement for rlogin, rsh, and rcp.
-
-
-WHY TO USE SECURE SHELL
-
-Currently, almost all communications in computer networks are done
-without encryption.  As a consequence, anyone who has access to any
-machine connected to the network can listen in on any communication.
-This is being done by hackers, curious administrators, employers,
-criminals, industrial spies, and governments.  Some networks leak off
-enough electromagnetic radiation that data may be captured even from a
-distance.
-
-When you log in, your password goes in the network in plain
-text.  Thus, any listener can then use your account to do any evil he
-likes.  Many incidents have been encountered worldwide where crackers
-have started programs on workstations without the owners knowledge
-just to listen to the network and collect passwords.  Programs for
-doing this are available on the Internet, or can be built by a
-competent programmer in a few hours.
+This release of OpenSSH is for OpenBSD systems only.
 
-Any information that you type or is printed on your screen can be
-monitored, recorded, and analyzed.  For example, an intruder who has
-penetrated a host connected to a major network can start a program
-that listens to all data flowing in the network, and whenever it
-encounters a 16-digit string, it checks if it is a valid credit card
-number (using the check digit), and saves the number plus any
-surrounding text (to catch expiration date and holder) in a file.
-When the intruder has collected a few thousand credit card numbers, he
-makes smallish mail-order purchases from a few thousand stores around
-the world, and disappears when the goods arrive but before anyone
-suspects anything.
-
-Businesses have trade secrets, patent applications in preparation,
-pricing information, subcontractor information, client data, personnel
-data, financial information, etc.  Currently, anyone with access to
-the network (any machine on the network) can listen to anything that
-goes in the network, without any regard to normal access restrictions.
-
-Many companies are not aware that information can so easily be
-recovered from the network.  They trust that their data is safe
-since nobody is supposed to know that there is sensitive information
-in the network, or because so much other data is transferred in the
-network.  This is not a safe policy.
-
-Individual persons also have confidential information, such as
-diaries, love letters, health care documents, information about their
-personal interests and habits, professional data, job applications,
-tax reports, political documents, unpublished manuscripts, etc.
-
-One should also be aware that economical intelligence and industrial
-espionage has recently become a major priority of the intelligence
-agencies of major governments.  President Clinton recently assigned
-economical espionage as the primary task of the CIA, and the French
-have repeatedly been publicly boasting about their achievements on
-this field.
-
-
-There is also another frightening aspect about the poor security of
-communications.  Computer storage and analysis capability has
-increased so much that it is feasible for governments, major
-companies, and criminal organizations to automatically analyze,
-identify, classify, and file information about millions of people over
-the years.  Because most of the work can be automated, the cost of
-collecting this information is getting very low.  
-
-Government agencies may be able to monitor major communication
-systems, telephones, fax, computer networks, etc., and passively
-collect huge amounts of information about all people with any
-significant position in the society.  Most of this information is not
-sensitive, and many people would say there is no harm in someone
-getting that information.  However, the information starts to get
-sensitive when someone has enough of it.  You may not mind someone
-knowing what you bought from the shop one random day, but you might
-not like someone knowing every small thing you have bought in the last
-ten years.
-
-If the government some day starts to move into a more totalitarian
-direction (one should remember that Nazi Germany was created by
-democratic elections), there is considerable danger of an ultimate
-totalitarian state.  With enough information (the automatically
-collected records of an individual can be manually analyzed when the
-person becomes interesting), one can form a very detailed picture of
-the individual's interests, opinions, beliefs, habits, friends,
-lovers, weaknesses, etc.  This information can be used to 1) locate
-any persons who might oppose the new system 2) use deception to
-disturb any organizations which might rise against the government 3)
-eliminate difficult individuals without anyone understanding what
-happened.  Additionally, if the government can monitor communications
-too effectively, it becomes too easy to locate and eliminate any
-persons distributing information contrary to the official truth.
+Please read
+        http://www.openssh.com/portable.html
+if you want to install OpenSSH on other operating systems.
 
-Fighting crime and terrorism are often used as grounds for domestic
-surveillance and restricting encryption.  These are good goals, but
-there is considerable danger that the surveillance data starts to get
-used for questionable purposes.  I find that it is better to tolerate
-a small amount of crime in the society than to let the society become
-fully controlled.  I am in favor of a fairly strong state, but the
-state must never get so strong that people become unable to spread
-contra-offical information and unable to overturn the government if it
-is bad.  The danger is that when you notice that the government is
-too powerful, it is too late.  Also, the real power may not be where
-the official government is.
-
-For these reasons (privacy, protecting trade secrets, and making it
-more difficult to create a totalitarian state), I think that strong
-cryptography should be integrated to the tools we use every day.
-Using it causes no harm (except for those who wish to monitor
-everything), but not using it can cause huge problems.  If the society
-changes in undesirable ways, then it will be to late to start
-encrypting.
-
-Encryption has had a "military" or "classified" flavor to it.  There
-are no longer any grounds for this.  The military can and will use its
-own encryption; that is no excuse to prevent the civilians from
-protecting their privacy and secrets.  Information on strong
-encryption is available in every major bookstore, scientific library,
-and patent office around the world, and strong encryption software is
-available in every country on the Internet.
-
-Some people would like to make it illegal to use encryption, or to
-force people to use encryption that governments can break.  This
-approach offers no protection if the government turns bad.  Also, the
-"bad guys" will be using true strong encryption anyway.  Good
-encryption techniques are too widely known to make them disappear.
-Thus, any "key escrow encryption" or other restrictions will only help
-monitor ordinary people and petty criminals.  It does not help against
-powerful criminals, terrorists, or espionage, because they will know
-how to use strong encryption anyway.  (One source for internationally
-available encryption software is http://www.cs.hut.fi/crypto.)
-
-
-OVERVIEW OF SECURE SHELL
-
-The software consists of a number of programs.
-
-   sshd                Server program run on the server machine.  This
-               listens for connections from client machines, and
-               whenever it receives a connection, it performs
-               authentication and starts serving the client.
-
-   ssh         This is the client program used to log into another
-               machine or to execute commands on the other machine.
-               "slogin" is another name for this program.
-
-   scp         Securely copies files from one machine to another.
-
-   ssh-keygen  Used to create RSA keys (host keys and user
-               authentication keys).
-
-   ssh-agent   Authentication agent.  This can be used to hold RSA
-               keys for authentication.
-
-   ssh-add     Used to register new keys with the agent.
-
-   make-ssh-known-hosts
-               Used to create the /etc/ssh_known_hosts file.
-
-
-Ssh is the program users normally use.  It is started as
-
-  ssh host
-
-or
-
-  ssh host command
-
-The first form opens a new shell on the remote machine (after
-authentication).  The latter form executes the command on the remote
-machine.
+To extract and install this release on your OpenBSD system use:
 
-When started, the ssh connects sshd on the server machine, verifies
-that the server machine really is the machine it wanted to connect,
-exchanges encryption keys (in a manner which prevents an outside
-listener from getting the keys), performs authentication using .rhosts
-and /etc/hosts.equiv, RSA authentication, or conventional password
-based authentication.  The server then (normally) allocates a
-pseudo-terminal and starts an interactive shell or user program.
-
-The TERM environment variable (describing the type of the user's
-terminal) is passed from the client side to the remote side.  Also,
-terminal modes will be copied from the client side to the remote side
-to preserve user preferences (e.g., the erase character).
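Review bot: The replacement text (`+This release of OpenSSH is for OpenBSD systems only.`, the pointer to http://www.openssh.com/portable.html, and the last visible added line `+To extract and install this release on your OpenBSD system use:`) is upstream wording that does not describe this copy, which lives in NetBSD's src/crypto/dist/ssh; if the dist tree is meant to stay pristine, the commit message or an accompanying file outside the dist directory should tell NetBSD readers where the local build and installation notes live, since the README no longer says anything applicable to them. Deleting the old ssh-1.2.12 text is the right call: the file flagged itself as not updated for OpenSSH, and several of its security claims describe SSH-1-only behaviour (the hourly regenerated 768-bit server key, .rhosts combined with RSA host authentication, IDEA/DES session ciphers, automatic fallback to rsh) that must not be presented as current guidance for a 2.9 release.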
