xref: /freebsd/crypto/openssh/ssh.h (revision 41059135ce931c0f1014a999ffabc6bc470ce856)
1 /* $OpenBSD: ssh.h,v 1.83 2015/12/11 03:19:09 djm Exp $ */
2 
3 /*
4  * Author: Tatu Ylonen <ylo@cs.hut.fi>
5  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6  *                    All rights reserved
7  *
8  * As far as I am concerned, the code I have written for this software
9  * can be used freely for any purpose.  Any derived versions of this
10  * software must be clearly marked as such, and if the derived work is
11  * incompatible with the protocol description in the RFC file, it must be
12  * called by a name other than "ssh" or "Secure Shell".
13  */
14 
15 /* Cipher used for encrypting authentication files. */
16 #define SSH_AUTHFILE_CIPHER	SSH_CIPHER_3DES
17 
18 /* Default port number. */
19 #define SSH_DEFAULT_PORT	22
20 
21 /*
22  * Maximum number of certificate files that can be specified
23  * in configuration files or on the command line.
24  */
25 #define SSH_MAX_CERTIFICATE_FILES	100
26 
27 /*
28  * Maximum number of RSA authentication identity files that can be specified
29  * in configuration files or on the command line.
30  */
31 #define SSH_MAX_IDENTITY_FILES		100
32 
33 /*
34  * Maximum length of lines in authorized_keys file.
35  * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
36  * some room for options and comments.
37  */
38 #define SSH_MAX_PUBKEY_BYTES		16384
39 
40 /*
41  * Major protocol version.  Different version indicates major incompatibility
42  * that prevents communication.
43  *
44  * Minor protocol version.  Different version indicates minor incompatibility
45  * that does not prevent interoperation.
46  */
47 #define PROTOCOL_MAJOR_1	1
48 #define PROTOCOL_MINOR_1	5
49 
50 /* We support both SSH1 and SSH2 */
51 #define PROTOCOL_MAJOR_2	2
52 #define PROTOCOL_MINOR_2	0
53 
54 /*
55  * Name for the service.  The port named by this service overrides the
56  * default port if present.
57  */
58 #define SSH_SERVICE_NAME	"ssh"
59 
60 /*
61  * Name of the environment variable containing the process ID of the
62  * authentication agent.
63  */
64 #define SSH_AGENTPID_ENV_NAME	"SSH_AGENT_PID"
65 
66 /*
67  * Name of the environment variable containing the pathname of the
68  * authentication socket.
69  */
70 #define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
71 
72 /*
73  * Environment variable for overwriting the default location of askpass
74  */
75 #define SSH_ASKPASS_ENV		"SSH_ASKPASS"
76 
77 /*
78  * Force host key length and server key length to differ by at least this
79  * many bits.  This is to make double encryption with rsaref work.
80  */
81 #define SSH_KEY_BITS_RESERVED		128
82 
83 /*
84  * Length of the session key in bytes.  (Specified as 256 bits in the
85  * protocol.)
86  */
87 #define SSH_SESSION_KEY_LENGTH		32
88 
89 /* Used to identify ``EscapeChar none'' */
90 #define SSH_ESCAPECHAR_NONE		-2
91 
92 /*
93  * unprivileged user when UsePrivilegeSeparation=yes;
94  * sshd will change its privileges to this user and its
95  * primary group.
96  */
97 #ifndef SSH_PRIVSEP_USER
98 #define SSH_PRIVSEP_USER		"sshd"
99 #endif
100 
101 /* Minimum modulus size (n) for RSA keys. */
102 #define SSH_RSA_MINIMUM_MODULUS_SIZE	768
103 
104 /* Listen backlog for sshd, ssh-agent and forwarding sockets */
105 #define SSH_LISTEN_BACKLOG		128
106