summaryrefslogtreecommitdiff
path: root/README
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2019-04-05 11:29:31 -0700
committerDamien Miller <djm@mindrot.org>2019-04-05 11:29:31 -0700
commit5d3127d9274519b25ed10e320f45045ba8d7f3be (patch)
tree82f74c058325ee6401649f28adcb09d57a78b576 /README
parent9444d82678cb7781820da4d1c23b3c2b9fb1e12f (diff)
Revert "rewrite README"
This reverts commit 9444d82678cb7781820da4d1c23b3c2b9fb1e12f.
Diffstat (limited to 'README')
-rw-r--r--README106
1 files changed, 47 insertions, 59 deletions
diff --git a/README b/README
index 4e2624161..77cb0ef3a 100644
--- a/README
+++ b/README
@@ -1,74 +1,62 @@
1# Portable OpenSSH 1See https://www.openssh.com/releasenotes.html#8.0p1 for the release notes.
2 2
3OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``ssh`` and server ``sshd``, file transfer utilities ``scp`` and ``sftp`` as well as tools for key generation (``ssh-keygen``), run-time key storage (``ssh-agent``) and a number of supporting programs. 3Please read https://www.openssh.com/report.html for bug reporting
4instructions and note that we do not use Github for bug reporting or
5patch/pull-request management.
4 6
5This is a port of OpenBSD's [OpenSSH](https://openssh.com) to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM). 7This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other
8Unices.
6 9
7## Documentation 10OpenSSH is based on the last free version of Tatu Ylonen's sample
11implementation with all patent-encumbered algorithms removed (to
12external libraries), all known security bugs fixed, new features
13reintroduced and many other clean-ups. OpenSSH has been created by
14Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt,
15and Dug Song. It has a homepage at https://www.openssh.com/
8 16
9The official documentation for OpenSSH are the man pages for each tool: 17This port consists of the re-introduction of autoconf support, PAM
18support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library
19functions that are (regrettably) absent from other unices. This port
20has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,
21FreeBSD, NetBSD, OpenBSD, OpenServer, Solaris and UnixWare.
10 22
11* [ssh(1)](https://man.openbsd.org/ssh.1) 23This version actively tracks changes in the OpenBSD CVS repository.
12* [sshd(8)](https://man.openbsd.org/sshd.8)
13* [ssh-keygen(1)](https://man.openbsd.org/ssh-keygen.1)
14* [ssh-agent(1)](https://man.openbsd.org/ssh-agent.1)
15* [scp(1)](https://man.openbsd.org/scp.1)
16* [sftp(1)](https://man.openbsd.org/sftp.1)
17* [ssh-keyscan(8)](https://man.openbsd.org/ssh-keyscan.8)
18* [sftp-server(8)](https://man.openbsd.org/sftp-server.8)
19 24
20## Stable Releases 25The PAM support is now more functional than the popular packages of
26commercial ssh-1.2.x. It checks "account" and "session" modules for
27all logins, not just when using password authentication.
21 28
22Stable release tarballs are available from a number of [download mirrors](https://www.openssh.com/portable.html#downloads). We recommend the use of a stable release for most users. Please read the [release notes](https://www.openssh.com/releasenotes.html) for details of recent changes and potential incompatibilities. 29OpenSSH depends on Zlib[3], OpenSSL[4], and optionally PAM[5] and
30libedit[6]
23 31
24## Building Portable OpenSSH 32There is now several mailing lists for this port of OpenSSH. Please
33refer to https://www.openssh.com/list.html for details on how to join.
25 34
26### Dependencies 35Please send bug reports and patches to the mailing list
36openssh-unix-dev@mindrot.org. The list is open to posting by unsubscribed
37users. Code contribution are welcomed, but please follow the OpenBSD
38style guidelines[7].
27 39
28Portable OpenSSH is built using autoconf and make. It requires a working C compiler, standard library and headers, as well as [zlib](https://www.zlib.net/) and ``libcrypto`` from either [LibreSSL](https://www.libressl.org/) or [OpenSSL](https://www.openssl.org) to build. Certain platforms and build-time options may require additional dependencies. 40Please refer to the INSTALL document for information on how to install
41OpenSSH on your system.
29 42
30### Building a release 43Damien Miller <djm@mindrot.org>
31 44
32Releases include a pre-built copy of the ``configure`` script and may be built using: 45Miscellania -
33 46
34``` 47This version of OpenSSH is based upon code retrieved from the OpenBSD
35tar zxvf openssh-X.Y.tar.gz 48CVS repository which in turn was based on the last free sample
36cd openssh 49implementation released by Tatu Ylonen.
37./configure # [options]
38make && make tests
39```
40 50
41See the [Build-time Customisation](#build-time-customisation) section below for configure options. If you plan on installing OpenSSH to your system, then you will usually want to specify destination paths. 51References -
42
43### Building from git
44 52
45If building from git, you'll need [autoconf](https://www.gnu.org/software/autoconf/) installed to build the ``configure`` script. The following commands will check out and build portable OpenSSH from git: 53[0] https://www.openssh.com/
46 54[1] http://www.lothar.com/tech/crypto/
47``` 55[2] http://prngd.sourceforge.net/
48git clone https://github.com/openssh/openssh-portable # or https://anongit.mindrot.org/openssh.git 56[3] https://www.zlib.net/
49cd openssh-portable 57[4] https://www.openssl.org/
50autoreconf 58[5] https://www.openpam.org
51./configure 59 https://www.kernel.org/pub/linux/libs/pam/
52make && make tests 60 (PAM also is standard on Solaris and HP-UX 11)
53``` 61[6] https://thrysoee.dk/editline/ (portable version)
54 62[7] https://man.openbsd.org/style.9
55### Build-time Customisation
56
57There are many build-time customisation options available. All Autoconf destination path flags (e.g. ``--prefix``) are supported (and are usually required if you want to install OpenSSH).
58
59For a full list of available flags, run ``configure --help`` but a few of the more frequently-used ones are described below. Some of these flags will require additional libraries and/or headers be installed.
60
61Flag | Meaning
62--- | ---
63``--with-pam`` | Enable [PAM](https://en.wikipedia.org/wiki/Pluggable_authentication_module) support. [OpenPAM](https://www.openpam.org/), [Linux PAM](http://www.linux-pam.org/) and Solaris PAM are supported.
64``--with-libedit`` | Enable [libedit](https://www.thrysoee.dk/editline/) support for sftp.
65``--with-kerberos5`` | Enable Kerberos/GSSAPI support. Both [Heimdal](https://www.h5l.org/) and [MIT](https://web.mit.edu/kerberos/) Kerberos implementations are supported.
66``--with-selinux`` | Enable [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) support.
67
68## Development
69
70Portable OpenSSH development is discussed on the [openssh-unix-dev mailing list](https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev) ([archive mirror](https://marc.info/?l=openssh-unix-dev)). Bugs and feature requests are tracked on our [Bugzilla](https://bugzilla.mindrot.org/).
71
72## Reporting bugs
73
74_Non-security_ bugs may be reported to the developers via [Bugzilla](https://bugzilla.mindrot.org/) or via the mailing list above. Security bugs should be reported to [openssh@openssh.com](mailto:openssh.openssh.com).