mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-25 11:37:56 +00:00
d4af9e693f
I have worked hard to reduce diffs against the vendor branch. One notable change in that respect is that we no longer prefer DSA over RSA - the reasons for doing so went away years ago. This may cause some surprises, as ssh will warn about unknown host keys even for hosts whose keys haven't changed. MFC after: 6 weeks |
||
---|---|---|
.. | ||
openbsd-compat | ||
aclocal.m4 | ||
acss.c | ||
acss.h | ||
addrmatch.c | ||
atomicio.c | ||
atomicio.h | ||
audit-bsm.c | ||
audit.c | ||
audit.h | ||
auth1.c | ||
auth2-chall.c | ||
auth2-gss.c | ||
auth2-hostbased.c | ||
auth2-kbdint.c | ||
auth2-none.c | ||
auth2-passwd.c | ||
auth2-pubkey.c | ||
auth2.c | ||
auth-bsdauth.c | ||
auth-chall.c | ||
auth-krb5.c | ||
auth-options.c | ||
auth-options.h | ||
auth-pam.c | ||
auth-pam.h | ||
auth-passwd.c | ||
auth-rh-rsa.c | ||
auth-rhosts.c | ||
auth-rsa.c | ||
auth-shadow.c | ||
auth-sia.c | ||
auth-sia.h | ||
auth-skey.c | ||
auth.c | ||
auth.h | ||
authfd.c | ||
authfd.h | ||
authfile.c | ||
authfile.h | ||
bufaux.c | ||
bufbn.c | ||
buffer.c | ||
buffer.h | ||
canohost.c | ||
canohost.h | ||
ChangeLog | ||
channels.c | ||
channels.h | ||
cipher-3des1.c | ||
cipher-acss.c | ||
cipher-aes.c | ||
cipher-bf1.c | ||
cipher-ctr.c | ||
cipher.c | ||
cipher.h | ||
cleanup.c | ||
clientloop.c | ||
clientloop.h | ||
compat.c | ||
compat.h | ||
compress.c | ||
compress.h | ||
config.guess | ||
config.h | ||
config.h.in | ||
crc32.c | ||
crc32.h | ||
CREDITS | ||
deattack.c | ||
deattack.h | ||
defines.h | ||
dh.c | ||
dh.h | ||
dispatch.c | ||
dispatch.h | ||
dns.c | ||
dns.h | ||
entropy.c | ||
entropy.h | ||
fatal.c | ||
fixpaths | ||
fixprogs | ||
FREEBSD-tricks | ||
FREEBSD-upgrade | ||
FREEBSD-vendor | ||
groupaccess.c | ||
groupaccess.h | ||
gss-genr.c | ||
gss-serv-krb5.c | ||
gss-serv.c | ||
hostfile.c | ||
hostfile.h | ||
includes.h | ||
INSTALL | ||
kex.c | ||
kex.h | ||
kexdh.c | ||
kexdhc.c | ||
kexdhs.c | ||
kexgex.c | ||
kexgexc.c | ||
kexgexs.c | ||
key.c | ||
key.h | ||
LICENCE | ||
log.c | ||
log.h | ||
loginrec.c | ||
loginrec.h | ||
logintest.c | ||
mac.c | ||
mac.h | ||
match.c | ||
match.h | ||
md5crypt.c | ||
md5crypt.h | ||
md-sha256.c | ||
misc.c | ||
misc.h | ||
mkinstalldirs | ||
moduli | ||
moduli.5 | ||
moduli.c | ||
monitor_fdpass.c | ||
monitor_fdpass.h | ||
monitor_mm.c | ||
monitor_mm.h | ||
monitor_wrap.c | ||
monitor_wrap.h | ||
monitor.c | ||
monitor.h | ||
msg.c | ||
msg.h | ||
mux.c | ||
myproposal.h | ||
nchan.c | ||
OVERVIEW | ||
packet.c | ||
packet.h | ||
pathnames.h | ||
platform.c | ||
platform.h | ||
progressmeter.c | ||
progressmeter.h | ||
PROTOCOL | ||
PROTOCOL.agent | ||
readconf.c | ||
readconf.h | ||
README | ||
README.dns | ||
README.platform | ||
README.privsep | ||
README.smartcard | ||
README.tun | ||
readpass.c | ||
rijndael.c | ||
rijndael.h | ||
rsa.c | ||
rsa.h | ||
scard-opensc.c | ||
scard.c | ||
scard.h | ||
scp.1 | ||
scp.c | ||
servconf.c | ||
servconf.h | ||
serverloop.c | ||
serverloop.h | ||
session.c | ||
session.h | ||
sftp-client.c | ||
sftp-client.h | ||
sftp-common.c | ||
sftp-common.h | ||
sftp-glob.c | ||
sftp-server-main.c | ||
sftp-server.8 | ||
sftp-server.c | ||
sftp.1 | ||
sftp.c | ||
sftp.h | ||
ssh1.h | ||
ssh2.h | ||
ssh_config | ||
ssh_config.5 | ||
ssh_namespace.h | ||
ssh-add.1 | ||
ssh-add.c | ||
ssh-agent.1 | ||
ssh-agent.c | ||
ssh-dss.c | ||
ssh-gss.h | ||
ssh-keygen.1 | ||
ssh-keygen.c | ||
ssh-keyscan.1 | ||
ssh-keyscan.c | ||
ssh-keysign.8 | ||
ssh-keysign.c | ||
ssh-rand-helper.8 | ||
ssh-rand-helper.c | ||
ssh-rsa.c | ||
ssh.1 | ||
ssh.c | ||
ssh.h | ||
sshconnect1.c | ||
sshconnect2.c | ||
sshconnect.c | ||
sshconnect.h | ||
sshd_config | ||
sshd_config.5 | ||
sshd.8 | ||
sshd.c | ||
sshlogin.c | ||
sshlogin.h | ||
sshpty.c | ||
sshpty.h | ||
sshtty.c | ||
TODO | ||
ttymodes.c | ||
ttymodes.h | ||
uidswap.c | ||
uidswap.h | ||
umac.c | ||
umac.h | ||
uuencode.c | ||
uuencode.h | ||
version.c | ||
version.h | ||
WARNING.RNG | ||
xmalloc.c | ||
xmalloc.h |
See http://www.openssh.com/txt/release-5.1 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html - Thanks to HARUYAMA Seigo <haruyama@unixuser.org> This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other Unices. OpenSSH is based on the last free version of Tatu Ylonen's sample implementation with all patent-encumbered algorithms removed (to external libraries), all known security bugs fixed, new features reintroduced and many other clean-ups. OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a homepage at http://www.openssh.com/ This port consists of the re-introduction of autoconf support, PAM support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are (regrettably) absent from other unices. This port has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X, NetBSD, OpenBSD, OpenServer, Solaris, Unicos, and UnixWare. This version actively tracks changes in the OpenBSD CVS repository. The PAM support is now more functional than the popular packages of commercial ssh-1.2.x. It checks "account" and "session" modules for all logins, not just when using password authentication. OpenSSH depends on Zlib[3], OpenSSL[4] and optionally PAM[5]. There is now several mailing lists for this port of OpenSSH. Please refer to http://www.openssh.com/list.html for details on how to join. Please send bug reports and patches to the mailing list openssh-unix-dev@mindrot.org. The list is open to posting by unsubscribed users.Code contribution are welcomed, but please follow the OpenBSD style guidelines[6]. Please refer to the INSTALL document for information on how to install OpenSSH on your system. There are a number of differences between this port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7] for details and general tips. Damien Miller <djm@mindrot.org> Miscellania - This version of OpenSSH is based upon code retrieved from the OpenBSD CVS repository which in turn was based on the last free sample implementation released by Tatu Ylonen. References - [0] http://www.openssh.com/faq.html [1] http://www.lothar.com/tech/crypto/ [2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html [3] http://www.gzip.org/zlib/ [4] http://www.openssl.org/ [5] http://www.openpam.org http://www.kernel.org/pub/linux/libs/pam/ (PAM also is standard on Solaris and HP-UX 11) [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html $Id: README,v 1.69 2008/07/21 08:21:52 djm Exp $