xref: /netbsd-src/crypto/external/bsd/openssh/dist/ssh.h (revision ee85abc4170216bcc479236cf33e956766cf9eb4) 
1 /*	$NetBSD: ssh.h,v 1.8 2016/12/25 00:07:47 christos Exp $	*/
2 /* $OpenBSD: ssh.h,v 1.83 2015/12/11 03:19:09 djm Exp $ */
3 
4 /*
5  * Author: Tatu Ylonen <ylo@cs.hut.fi>
6  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7  *                    All rights reserved
8  *
9  * As far as I am concerned, the code I have written for this software
10  * can be used freely for any purpose.  Any derived versions of this
11  * software must be clearly marked as such, and if the derived work is
12  * incompatible with the protocol description in the RFC file, it must be
13  * called by a name other than "ssh" or "Secure Shell".
14  */
15 
16 /* Cipher used for encrypting authentication files. */
17 #define SSH_AUTHFILE_CIPHER	SSH_CIPHER_3DES
18 
19 /* Default port number. */
20 #define SSH_DEFAULT_PORT	22
21 
22 /*
23  * Maximum number of certificate files that can be specified
24  * in configuration files or on the command line.
25  */
26 #define SSH_MAX_CERTIFICATE_FILES	100
27 
28 /*
29  * Maximum number of RSA authentication identity files that can be specified
30  * in configuration files or on the command line.
31  */
32 #define SSH_MAX_IDENTITY_FILES		100
33 
34 /*
35  * Maximum length of lines in authorized_keys file.
36  * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
37  * some room for options and comments.
38  */
39 #define SSH_MAX_PUBKEY_BYTES		16384
40 
41 /*
42  * Major protocol version.  Different version indicates major incompatibility
43  * that prevents communication.
44  *
45  * Minor protocol version.  Different version indicates minor incompatibility
46  * that does not prevent interoperation.
47  */
48 #define PROTOCOL_MAJOR_1	1
49 #define PROTOCOL_MINOR_1	5
50 
51 /* We support both SSH1 and SSH2 */
52 #define PROTOCOL_MAJOR_2	2
53 #define PROTOCOL_MINOR_2	0
54 
55 /*
56  * Name for the service.  The port named by this service overrides the
57  * default port if present.
58  */
59 #define SSH_SERVICE_NAME	"ssh"
60 
61 /*
62  * Name of the environment variable containing the process ID of the
63  * authentication agent.
64  */
65 #define SSH_AGENTPID_ENV_NAME	"SSH_AGENT_PID"
66 
67 /*
68  * Name of the environment variable containing the pathname of the
69  * authentication socket.
70  */
71 #define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
72 
73 /*
74  * Environment variable for overwriting the default location of askpass
75  */
76 #define SSH_ASKPASS_ENV		"SSH_ASKPASS"
77 
78 /*
79  * Force host key length and server key length to differ by at least this
80  * many bits.  This is to make double encryption with rsaref work.
81  */
82 #define SSH_KEY_BITS_RESERVED		128
83 
84 /*
85  * Length of the session key in bytes.  (Specified as 256 bits in the
86  * protocol.)
87  */
88 #define SSH_SESSION_KEY_LENGTH		32
89 
90 /* Used to identify ``EscapeChar none'' */
91 #define SSH_ESCAPECHAR_NONE		-2
92 
93 /* Name of Kerberos service for SSH to use. */
94 #define KRB4_SERVICE_NAME		"rcmd"
95 
96 /*
97  * unprivileged user when UsePrivilegeSeparation=yes;
98  * sshd will change its privileges to this user and its
99  * primary group.
100  */
101 #define SSH_PRIVSEP_USER		"sshd"
102 
103 /* Minimum modulus size (n) for RSA keys. */
104 #define SSH_RSA_MINIMUM_MODULUS_SIZE	768
105 
106 /* Listen backlog for sshd, ssh-agent and forwarding sockets */
107 #define SSH_LISTEN_BACKLOG		128
108