xref: /freebsd/crypto/openssh/ssh.h (revision a03411e84728e9b267056fd31c7d1d9d1dc1b01e)
1 /* $OpenBSD: ssh.h,v 1.90 2020/07/14 23:57:01 djm Exp $ */
2 
3 /*
4  * Author: Tatu Ylonen <ylo@cs.hut.fi>
5  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6  *                    All rights reserved
7  *
8  * As far as I am concerned, the code I have written for this software
9  * can be used freely for any purpose.  Any derived versions of this
10  * software must be clearly marked as such, and if the derived work is
11  * incompatible with the protocol description in the RFC file, it must be
12  * called by a name other than "ssh" or "Secure Shell".
13  */
14 
15 /* Cipher used for encrypting authentication files. */
16 #define SSH_AUTHFILE_CIPHER	SSH_CIPHER_3DES
17 
18 /* Default port number. */
19 #define SSH_DEFAULT_PORT	22
20 
21 /*
22  * Maximum number of certificate files that can be specified
23  * in configuration files or on the command line.
24  */
25 #define SSH_MAX_CERTIFICATE_FILES	100
26 
27 /*
28  * Maximum number of RSA authentication identity files that can be specified
29  * in configuration files or on the command line.
30  */
31 #define SSH_MAX_IDENTITY_FILES		100
32 
33 /*
34  * Major protocol version.  Different version indicates major incompatibility
35  * that prevents communication.
36  *
37  * Minor protocol version.  Different version indicates minor incompatibility
38  * that does not prevent interoperation.
39  */
40 #define PROTOCOL_MAJOR_1	1
41 #define PROTOCOL_MINOR_1	5
42 
43 /* We support only SSH2 */
44 #define PROTOCOL_MAJOR_2	2
45 #define PROTOCOL_MINOR_2	0
46 
47 /*
48  * Name for the service.  The port named by this service overrides the
49  * default port if present.
50  */
51 #define SSH_SERVICE_NAME	"ssh"
52 
53 /*
54  * Name of the environment variable containing the process ID of the
55  * authentication agent.
56  */
57 #define SSH_AGENTPID_ENV_NAME	"SSH_AGENT_PID"
58 
59 /*
60  * Name of the environment variable containing the pathname of the
61  * authentication socket.
62  */
63 #define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
64 
65 /*
66  * Environment variable for overwriting the default location of askpass
67  */
68 #define SSH_ASKPASS_ENV		"SSH_ASKPASS"
69 
70 /*
71  * Environment variable to control whether or not askpass is used.
72  */
73 #define SSH_ASKPASS_REQUIRE_ENV		"SSH_ASKPASS_REQUIRE"
74 
75 /*
76  * Force host key length and server key length to differ by at least this
77  * many bits.  This is to make double encryption with rsaref work.
78  */
79 #define SSH_KEY_BITS_RESERVED		128
80 
81 /*
82  * Length of the session key in bytes.  (Specified as 256 bits in the
83  * protocol.)
84  */
85 #define SSH_SESSION_KEY_LENGTH		32
86 
87 /* Used to identify ``EscapeChar none'' */
88 #define SSH_ESCAPECHAR_NONE		-2
89 
90 /*
91  * unprivileged user when UsePrivilegeSeparation=yes;
92  * sshd will change its privileges to this user and its
93  * primary group.
94  */
95 #ifndef SSH_PRIVSEP_USER
96 #define SSH_PRIVSEP_USER		"sshd"
97 #endif
98 
99 /* Listen backlog for sshd, ssh-agent and forwarding sockets */
100 #define SSH_LISTEN_BACKLOG		128
101 
102 /* Limits for banner exchange */
103 #define SSH_MAX_BANNER_LEN		8192
104 #define SSH_MAX_PRE_BANNER_LINES	1024
105