xref: /netbsd-src/crypto/external/bsd/openssh/dist/ssh.h (revision bbde328be4e75ea9ad02e9715ea13ca54b797ada) 
1 /*	$NetBSD: ssh.h,v 1.2 2009/06/07 22:38:47 christos Exp $	*/
2 /* $OpenBSD: ssh.h,v 1.78 2006/08/03 03:34:42 deraadt Exp $ */
3 
4 /*
5  * Author: Tatu Ylonen <ylo@cs.hut.fi>
6  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7  *                    All rights reserved
8  *
9  * As far as I am concerned, the code I have written for this software
10  * can be used freely for any purpose.  Any derived versions of this
11  * software must be clearly marked as such, and if the derived work is
12  * incompatible with the protocol description in the RFC file, it must be
13  * called by a name other than "ssh" or "Secure Shell".
14  */
15 
16 /* Cipher used for encrypting authentication files. */
17 #define SSH_AUTHFILE_CIPHER	SSH_CIPHER_3DES
18 
19 /* Default port number. */
20 #define SSH_DEFAULT_PORT	22
21 
22 /* Maximum number of TCP/IP ports forwarded per direction. */
23 #define SSH_MAX_FORWARDS_PER_DIRECTION	100
24 
25 /*
26  * Maximum number of RSA authentication identity files that can be specified
27  * in configuration files or on the command line.
28  */
29 #define SSH_MAX_IDENTITY_FILES		100
30 
31 /*
32  * Maximum length of lines in authorized_keys file.
33  * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
34  * some room for options and comments.
35  */
36 #define SSH_MAX_PUBKEY_BYTES		8192
37 
38 /*
39  * Major protocol version.  Different version indicates major incompatibility
40  * that prevents communication.
41  *
42  * Minor protocol version.  Different version indicates minor incompatibility
43  * that does not prevent interoperation.
44  */
45 #define PROTOCOL_MAJOR_1	1
46 #define PROTOCOL_MINOR_1	5
47 
48 /* We support both SSH1 and SSH2 */
49 #define PROTOCOL_MAJOR_2	2
50 #define PROTOCOL_MINOR_2	0
51 
52 /*
53  * Name for the service.  The port named by this service overrides the
54  * default port if present.
55  */
56 #define SSH_SERVICE_NAME	"ssh"
57 
58 /*
59  * Name of the environment variable containing the process ID of the
60  * authentication agent.
61  */
62 #define SSH_AGENTPID_ENV_NAME	"SSH_AGENT_PID"
63 
64 /*
65  * Name of the environment variable containing the pathname of the
66  * authentication socket.
67  */
68 #define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
69 
70 /*
71  * Environment variable for overwriting the default location of askpass
72  */
73 #define SSH_ASKPASS_ENV		"SSH_ASKPASS"
74 
75 /*
76  * Force host key length and server key length to differ by at least this
77  * many bits.  This is to make double encryption with rsaref work.
78  */
79 #define SSH_KEY_BITS_RESERVED		128
80 
81 /*
82  * Length of the session key in bytes.  (Specified as 256 bits in the
83  * protocol.)
84  */
85 #define SSH_SESSION_KEY_LENGTH		32
86 
87 /* Used to identify ``EscapeChar none'' */
88 #define SSH_ESCAPECHAR_NONE		-2
89 
90 /* Name of Kerberos service for SSH to use. */
91 #define KRB4_SERVICE_NAME		"rcmd"
92 
93 /*
94  * unprivileged user when UsePrivilegeSeparation=yes;
95  * sshd will change its privileges to this user and its
96  * primary group.
97  */
98 #define SSH_PRIVSEP_USER		"sshd"
99 
100 /* Minimum modulus size (n) for RSA keys. */
101 #define SSH_RSA_MINIMUM_MODULUS_SIZE	768
102 
103 /* Listen backlog for sshd, ssh-agent and forwarding sockets */
104 #define SSH_LISTEN_BACKLOG		128
105