1 files changed, 91 insertions, 13 deletions
diff --git a/sshd.8 b/sshd.8
index 85da7c4a1..78f4ea10f 100644
--- a/sshd.8
+++ b/sshd.8
@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: sshd.8,v 1.20 2000/05/01 23:23:46 damien Exp $
+.\" $Id: sshd.8,v 1.21 2000/05/07 02:03:20 damien Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSHD 8
@@ -46,9 +46,14 @@ daemon for each incoming connection.
 The forked daemons handle
 key exchange, encryption, authentication, command execution,
 and data exchange.
-.Pp
+This implementation of
+.Nm
+supports both SSH protocol version 1 and 2 simultaneously.
 .Nm
 works as follows.
+.Pp
+.Ss SSH protocol version 1
+.Pp
 Each host has a host-specific RSA key
 (normally 1024 bits) used to identify the host.
 Additionally, when
@@ -59,7 +64,7 @@ is never stored on disk.
 Whenever a client connects the daemon responds with its public
 host and server keys.
 The client compares the
-host key against its own database to verify that it has not changed.
+RSA host key against its own database to verify that it has not changed.
 The client then generates a 256 bit random number.
 It encrypts this
 random number using both the host key and the server key, and sends
@@ -97,6 +102,28 @@ and
 .Xr rsh 1
 into the machine).
 .Pp
+.Ss SSH protocol version 2
+.Pp
+Version 2 works similar:
+Each host has a host-specific DSA key used to identify the host.
+However, when the daemon starts, it does not generate a server key.
+Forward security is provided through a Diffie-Hellman key agreement.
+This key agreement results in a shared session key.
+The rest of the session is encrypted
+using a symmetric cipher, currently
+Blowfish, 3DES or CAST128 in CBC mode or Arcfour.
+The client selects the encryption algorithm
+to use from those offered by the server.
+Additionally, session integrity is provided
+through a crytographic message authentication code
+(hmac-sha1 or hmac-md5).
+.Pp
+Protocol version 2 provides a public key based
+user authentication method (DSAAuthentication)
+and conventional password authentication.
+.Pp
+.Ss Command execution and data forwarding
+.Pp
 If the client successfully authenticates itself, a dialog for
 preparing the session is entered.
 At this time the client may request
@@ -148,7 +175,7 @@ If the client fails to authenticate the user within
 this many seconds, the server disconnects and exits.
 A value of zero indicates no limit.
 .It Fl h Ar host_key_file
-Specifies the file from which the host key is read (default
+Specifies the file from which the RSA host key is read (default
 .Pa /etc/ssh_host_key ) .
 This option must be given if
 .Nm
@@ -280,12 +307,34 @@ and
 can be used as wildcards in the patterns.
 Only user names are valid, a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
+.It Cm DSAAuthentication
+Specifies whether DSA authentication is allowed.
+The default is
+.Dq yes .
+Note that this option applies to protocol version 2 only.
+.It Cm GatewayPorts
+Specifies whether remote hosts are allowed to connect to ports
+forwarded for the client.
+The argument must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq no .
+.It Cm HostDsaKey
+Specifies the file containing the private DSA host key (default
+.Pa /etc/ssh_host_dsa_key )
+used by SSH protocol 2.0.
+Note that
+.Nm
+disables protcol 2.0 if this file is group/world-accessible.
 .It Cm HostKey
-Specifies the file containing the private host key (default
+Specifies the file containing the private RSA host key (default
-.Pa /etc/ssh_host_key ) .
+.Pa /etc/ssh_host_key )
+used by SSH protocols 1.3 and 1.5.
 Note that
 .Nm
-does not start if this file is group/world-accessible.
+disables protcols 1.3 and 1.5 if this file is group/world-accessible.
 .It Cm IgnoreRhosts
 Specifies that
 .Pa .rhosts
@@ -390,6 +439,7 @@ and is not recommended.
 Specifies whether password authentication is allowed.
 The default is
 .Dq yes .
+Note that this option applies to both protocol version 1 and 2.
 .It Cm PermitEmptyPasswords
 When password authentication is allowed, it specifies whether the
 server allows login to accounts with empty password strings.
@@ -471,6 +521,7 @@ The default is
 Specifies whether pure RSA authentication is allowed.
 The default is
 .Dq yes .
+Note that this option applies to protocol version 1 only.
 .It Cm ServerKeyBits
 Defines the number of bits in the server key.
 The minimum value is 512, and the default is 768.
@@ -568,7 +619,11 @@ Runs user's shell or command.
 The
 .Pa $HOME/.ssh/authorized_keys
 file lists the RSA keys that are
-permitted for RSA authentication.
+permitted for RSA authentication in SSH protocols 1.3 and 1.5
+Similarily, the
+.Pa $HOME/.ssh/authorized_keys2
+file lists the DSA keys that are
+permitted for DSA authentication in SSH protocol 2.0.
 Each line of the file contains one
 key (empty lines and lines starting with a
 .Ql #
@@ -655,9 +710,11 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula
 command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi
 .Sh SSH_KNOWN_HOSTS FILE FORMAT
 The
-.Pa /etc/ssh_known_hosts
+.Pa /etc/ssh_known_hosts ,
+.Pa /etc/ssh_known_hosts2 ,
+.Pa $HOME/.ssh/known_hosts ,
 and
-.Pa $HOME/.ssh/known_hosts
+.Pa $HOME/.ssh/known_hosts2
 files contain host public keys for all known hosts.
 The global file should
 be prepared by the administrator (optional), and the per-user file is
@@ -678,7 +735,7 @@ to indicate negation: if the host name matches a negated
 pattern, it is not accepted (by that line) even if it matched another
 pattern on the line.
 .Pp
-Bits, exponent, and modulus are taken directly from the host key; they
+Bits, exponent, and modulus are taken directly from the RSA host key; they
 can be obtained, e.g., from
 .Pa /etc/ssh_host_key.pub .
 The optional comment field continues to the end of the line, and is not used.
@@ -744,6 +801,21 @@ it being world-readable if the user's home directory resides on an NFS
 volume).
 It is recommended that it not be accessible by others.
 The format of this file is described above.
+Users will place the contents of their
+.Pa identity.pub
+files into this file, as described in
+.Xr ssh-keygen 1 .
+.It Pa $HOME/.ssh/authorized_keys2
+Lists the DSA keys that can be used to log into the user's account.
+This file must be readable by root (which may on some machines imply
+it being world-readable if the user's home directory resides on an NFS
+volume).
+It is recommended that it not be accessible by others.
+The format of this file is described above.
+Users will place the contents of their
+.Pa id_dsa.pub
+files into this file, as described in
+.Xr ssh-keygen 1 .
 .It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"
 These files are consulted when using rhosts with RSA host
 authentication to check the public key of the host.
@@ -875,6 +947,7 @@ but with bugs removed and newer features re-added.
 Rapidly after the
 1.2.12 release, newer versions of the original ssh bore successively
 more restrictive licenses, and thus demand for a free version was born.
+.Pp
 This version of OpenSSH
 .Bl -bullet
 .It
@@ -883,8 +956,8 @@ directly removed from the source code; any licensed or patented components
 are chosen from
 external libraries.
 .It
-has been updated to support ssh protocol 1.5, making it compatible with
+has been updated to support SSH protocol 1.5 and 2, making it compatible with
-all other ssh protocol 1 clients and servers.
+all other SSH clients and servers.
 .It
 contains added support for
 .Xr kerberos 8
@@ -893,6 +966,11 @@ authentication and ticket passing.
 supports one-time password authentication with
 .Xr skey 1 .
 .El
+.Pp
+OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl,
+Niels Provos, Theo de Raadt, and Dug Song.
+.Pp
+The support for SSH protocol 2 was written by Markus Friedl.
 .Sh SEE ALSO
 .Xr scp 1 ,
 .Xr ssh 1 ,

diff --git a/sshd.8 b/sshd.8 index 85da7c4a1..78f4ea10f 100644 --- a/sshd.8 +++ b/sshd.8
@@ -9,7 +9,7 @@
9	.\"	9	.\"
10	.\" Created: Sat Apr 22 21:55:14 1995 ylo	10	.\" Created: Sat Apr 22 21:55:14 1995 ylo
11	.\"	11	.\"
12	.\" $Id: sshd.8,v 1.20 2000/05/01 23:23:46 damien Exp $	12	.\" $Id: sshd.8,v 1.21 2000/05/07 02:03:20 damien Exp $
13	.\"	13	.\"
14	.Dd September 25, 1999	14	.Dd September 25, 1999
15	.Dt SSHD 8	15	.Dt SSHD 8
@@ -46,9 +46,14 @@ daemon for each incoming connection.
46	The forked daemons handle	46	The forked daemons handle
47	key exchange, encryption, authentication, command execution,	47	key exchange, encryption, authentication, command execution,
48	and data exchange.	48	and data exchange.
49	.Pp	49	This implementation of
		50	.Nm
		51	supports both SSH protocol version 1 and 2 simultaneously.
50	.Nm	52	.Nm
51	works as follows.	53	works as follows.
		54	.Pp
		55	.Ss SSH protocol version 1
		56	.Pp
52	Each host has a host-specific RSA key	57	Each host has a host-specific RSA key
53	(normally 1024 bits) used to identify the host.	58	(normally 1024 bits) used to identify the host.
54	Additionally, when	59	Additionally, when
@@ -59,7 +64,7 @@ is never stored on disk.
59	Whenever a client connects the daemon responds with its public	64	Whenever a client connects the daemon responds with its public
60	host and server keys.	65	host and server keys.
61	The client compares the	66	The client compares the
62	host key against its own database to verify that it has not changed.	67	RSA host key against its own database to verify that it has not changed.
63	The client then generates a 256 bit random number.	68	The client then generates a 256 bit random number.
64	It encrypts this	69	It encrypts this
65	random number using both the host key and the server key, and sends	70	random number using both the host key and the server key, and sends
@@ -97,6 +102,28 @@ and
97	.Xr rsh 1	102	.Xr rsh 1
98	into the machine).	103	into the machine).
99	.Pp	104	.Pp
		105	.Ss SSH protocol version 2
		106	.Pp
		107	Version 2 works similar:
		108	Each host has a host-specific DSA key used to identify the host.
		109	However, when the daemon starts, it does not generate a server key.
		110	Forward security is provided through a Diffie-Hellman key agreement.
		111	This key agreement results in a shared session key.
		112	The rest of the session is encrypted
		113	using a symmetric cipher, currently
		114	Blowfish, 3DES or CAST128 in CBC mode or Arcfour.
		115	The client selects the encryption algorithm
		116	to use from those offered by the server.
		117	Additionally, session integrity is provided
		118	through a crytographic message authentication code
		119	(hmac-sha1 or hmac-md5).
		120	.Pp
		121	Protocol version 2 provides a public key based
		122	user authentication method (DSAAuthentication)
		123	and conventional password authentication.
		124	.Pp
		125	.Ss Command execution and data forwarding
		126	.Pp
100	If the client successfully authenticates itself, a dialog for	127	If the client successfully authenticates itself, a dialog for
101	preparing the session is entered.	128	preparing the session is entered.
102	At this time the client may request	129	At this time the client may request
@@ -148,7 +175,7 @@ If the client fails to authenticate the user within
148	this many seconds, the server disconnects and exits.	175	this many seconds, the server disconnects and exits.
149	A value of zero indicates no limit.	176	A value of zero indicates no limit.
150	.It Fl h Ar host_key_file	177	.It Fl h Ar host_key_file
151	Specifies the file from which the host key is read (default	178	Specifies the file from which the RSA host key is read (default
152	.Pa /etc/ssh_host_key ) .	179	.Pa /etc/ssh_host_key ) .
153	This option must be given if	180	This option must be given if
154	.Nm	181	.Nm
@@ -280,12 +307,34 @@ and
280	can be used as wildcards in the patterns.	307	can be used as wildcards in the patterns.
281	Only user names are valid, a numerical user ID isn't recognized.	308	Only user names are valid, a numerical user ID isn't recognized.
282	By default login is allowed regardless of the user name.	309	By default login is allowed regardless of the user name.
		310	.It Cm DSAAuthentication
		311	Specifies whether DSA authentication is allowed.
		312	The default is
		313	.Dq yes .
		314	Note that this option applies to protocol version 2 only.
		315	.It Cm GatewayPorts
		316	Specifies whether remote hosts are allowed to connect to ports
		317	forwarded for the client.
		318	The argument must be
		319	.Dq yes
		320	or
		321	.Dq no .
		322	The default is
		323	.Dq no .
		324	.It Cm HostDsaKey
		325	Specifies the file containing the private DSA host key (default
		326	.Pa /etc/ssh_host_dsa_key )
		327	used by SSH protocol 2.0.
		328	Note that
		329	.Nm
		330	disables protcol 2.0 if this file is group/world-accessible.
283	.It Cm HostKey	331	.It Cm HostKey
284	Specifies the file containing the private host key (default	332	Specifies the file containing the private RSA host key (default
285	.Pa /etc/ssh_host_key ) .	333	.Pa /etc/ssh_host_key )
		334	used by SSH protocols 1.3 and 1.5.
286	Note that	335	Note that
287	.Nm	336	.Nm
288	does not start if this file is group/world-accessible.	337	disables protcols 1.3 and 1.5 if this file is group/world-accessible.
289	.It Cm IgnoreRhosts	338	.It Cm IgnoreRhosts
290	Specifies that	339	Specifies that
291	.Pa .rhosts	340	.Pa .rhosts
@@ -390,6 +439,7 @@ and is not recommended.
390	Specifies whether password authentication is allowed.	439	Specifies whether password authentication is allowed.
391	The default is	440	The default is
392	.Dq yes .	441	.Dq yes .
		442	Note that this option applies to both protocol version 1 and 2.
393	.It Cm PermitEmptyPasswords	443	.It Cm PermitEmptyPasswords
394	When password authentication is allowed, it specifies whether the	444	When password authentication is allowed, it specifies whether the
395	server allows login to accounts with empty password strings.	445	server allows login to accounts with empty password strings.
@@ -471,6 +521,7 @@ The default is
471	Specifies whether pure RSA authentication is allowed.	521	Specifies whether pure RSA authentication is allowed.
472	The default is	522	The default is
473	.Dq yes .	523	.Dq yes .
		524	Note that this option applies to protocol version 1 only.
474	.It Cm ServerKeyBits	525	.It Cm ServerKeyBits
475	Defines the number of bits in the server key.	526	Defines the number of bits in the server key.
476	The minimum value is 512, and the default is 768.	527	The minimum value is 512, and the default is 768.
@@ -568,7 +619,11 @@ Runs user's shell or command.
568	The	619	The
569	.Pa $HOME/.ssh/authorized_keys	620	.Pa $HOME/.ssh/authorized_keys
570	file lists the RSA keys that are	621	file lists the RSA keys that are
571	permitted for RSA authentication.	622	permitted for RSA authentication in SSH protocols 1.3 and 1.5
		623	Similarily, the
		624	.Pa $HOME/.ssh/authorized_keys2
		625	file lists the DSA keys that are
		626	permitted for DSA authentication in SSH protocol 2.0.
572	Each line of the file contains one	627	Each line of the file contains one
573	key (empty lines and lines starting with a	628	key (empty lines and lines starting with a
574	.Ql #	629	.Ql #
@@ -655,9 +710,11 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\\|.\\|.\\|2334 ylo@niksula
655	command="dump /home",no-pty,no-port-forwarding 1024 33 23.\\|.\\|.\\|2323 backup.hut.fi	710	command="dump /home",no-pty,no-port-forwarding 1024 33 23.\\|.\\|.\\|2323 backup.hut.fi
656	.Sh SSH_KNOWN_HOSTS FILE FORMAT	711	.Sh SSH_KNOWN_HOSTS FILE FORMAT
657	The	712	The
658	.Pa /etc/ssh_known_hosts	713	.Pa /etc/ssh_known_hosts ,
		714	.Pa /etc/ssh_known_hosts2 ,
		715	.Pa $HOME/.ssh/known_hosts ,
659	and	716	and
660	.Pa $HOME/.ssh/known_hosts	717	.Pa $HOME/.ssh/known_hosts2
661	files contain host public keys for all known hosts.	718	files contain host public keys for all known hosts.
662	The global file should	719	The global file should
663	be prepared by the administrator (optional), and the per-user file is	720	be prepared by the administrator (optional), and the per-user file is
@@ -678,7 +735,7 @@ to indicate negation: if the host name matches a negated
678	pattern, it is not accepted (by that line) even if it matched another	735	pattern, it is not accepted (by that line) even if it matched another
679	pattern on the line.	736	pattern on the line.
680	.Pp	737	.Pp
681	Bits, exponent, and modulus are taken directly from the host key; they	738	Bits, exponent, and modulus are taken directly from the RSA host key; they
682	can be obtained, e.g., from	739	can be obtained, e.g., from
683	.Pa /etc/ssh_host_key.pub .	740	.Pa /etc/ssh_host_key.pub .
684	The optional comment field continues to the end of the line, and is not used.	741	The optional comment field continues to the end of the line, and is not used.
@@ -744,6 +801,21 @@ it being world-readable if the user's home directory resides on an NFS
744	volume).	801	volume).
745	It is recommended that it not be accessible by others.	802	It is recommended that it not be accessible by others.
746	The format of this file is described above.	803	The format of this file is described above.
		804	Users will place the contents of their
		805	.Pa identity.pub
		806	files into this file, as described in
		807	.Xr ssh-keygen 1 .
		808	.It Pa $HOME/.ssh/authorized_keys2
		809	Lists the DSA keys that can be used to log into the user's account.
		810	This file must be readable by root (which may on some machines imply
		811	it being world-readable if the user's home directory resides on an NFS
		812	volume).
		813	It is recommended that it not be accessible by others.
		814	The format of this file is described above.
		815	Users will place the contents of their
		816	.Pa id_dsa.pub
		817	files into this file, as described in
		818	.Xr ssh-keygen 1 .
747	.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"	819	.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"
748	These files are consulted when using rhosts with RSA host	820	These files are consulted when using rhosts with RSA host
749	authentication to check the public key of the host.	821	authentication to check the public key of the host.
@@ -875,6 +947,7 @@ but with bugs removed and newer features re-added.
875	Rapidly after the	947	Rapidly after the
876	1.2.12 release, newer versions of the original ssh bore successively	948	1.2.12 release, newer versions of the original ssh bore successively
877	more restrictive licenses, and thus demand for a free version was born.	949	more restrictive licenses, and thus demand for a free version was born.
		950	.Pp
878	This version of OpenSSH	951	This version of OpenSSH
879	.Bl -bullet	952	.Bl -bullet
880	.It	953	.It
@@ -883,8 +956,8 @@ directly removed from the source code; any licensed or patented components
883	are chosen from	956	are chosen from
884	external libraries.	957	external libraries.
885	.It	958	.It
886	has been updated to support ssh protocol 1.5, making it compatible with	959	has been updated to support SSH protocol 1.5 and 2, making it compatible with
887	all other ssh protocol 1 clients and servers.	960	all other SSH clients and servers.
888	.It	961	.It
889	contains added support for	962	contains added support for
890	.Xr kerberos 8	963	.Xr kerberos 8
@@ -893,6 +966,11 @@ authentication and ticket passing.
893	supports one-time password authentication with	966	supports one-time password authentication with
894	.Xr skey 1 .	967	.Xr skey 1 .
895	.El	968	.El
		969	.Pp
		970	OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl,
		971	Niels Provos, Theo de Raadt, and Dug Song.
		972	.Pp
		973	The support for SSH protocol 2 was written by Markus Friedl.
896	.Sh SEE ALSO	974	.Sh SEE ALSO
897	.Xr scp 1 ,	975	.Xr scp 1 ,
898	.Xr ssh 1 ,	976	.Xr ssh 1 ,