/*
 * Compile-time limits used by the client configuration declarations below.
 * The number at the start of each line in this listing is the line number
 * of the original file; gaps in the numbering mean lines were left out of
 * the excerpt.
 */
/* Capacity of the system_hostfiles[] and user_hostfiles[] arrays. */
21 #define SSH_MAX_HOSTS_FILES 32
/* Capacity of the canonical_domains[] and permitted_cnames[] arrays. */
22 #define MAX_CANON_DOMAINS 32
/*
 * Size in bytes of the sun_path member of struct sockaddr_un. The null
 * pointer is never dereferenced, because sizeof does not evaluate its
 * operand. Any path copied into sun_path has to be length-checked against
 * this value (terminator included) before the copy.
 */
23 #define PATH_MAX_SUN (sizeof((struct sockaddr_un *)0)->sun_path)
/*
 * NOTE(review): this span is an excerpt with omitted lines. The
 * `struct allowed_cname` opened at original line 25 has neither its members
 * nor its closing brace in view. The fields from original line 32 onward
 * presumably belong to the client options structure (the `Options` type
 * taken by the prototypes at the end of the file) -- confirm against the
 * full header. Comments marked "presumably" are inferred from names only.
 */
25 struct allowed_cname {
/* Forwarding settings (agent socket path, X11, generic forward options). */
32 char *forward_agent_sock_path;
34 int forward_x11_timeout;
35 int forward_x11_trusted;
36 int exit_on_forward_failure;
38 struct ForwardOptions fwd_opts;
/*
 * Authentication method settings, one int per method. Presumably
 * enable/disable flags; the value range is not visible here.
 */
39 int pubkey_authentication;
40 int hostbased_authentication;
41 int gss_authentication;
45 int gss_renewal_rekey;
46 char *gss_client_identity;
47 char *gss_server_identity;
48 char *gss_kex_algorithms;
49 int password_authentication;
51 int kbd_interactive_authentication;
52 char *kbd_interactive_devices;
/* Presumably holds one of the SSH_STRICT_HOSTKEY_* values defined below. */
55 int strict_host_key_checking;
62 int ip_qos_interactive;
64 SyslogFacility log_facility;
66 u_int num_log_verbose;
70 int connection_attempts;
72 int connection_timeout;
74 int number_of_password_prompts;
/* Algorithm lists kept as strings; their format is not visible here. */
78 char *hostkeyalgorithms;
80 char *ca_sign_algorithms;
/*
 * Known-hosts file lists: fixed arrays of SSH_MAX_HOSTS_FILES entries,
 * each with an unsigned count beside it. Code that appends must check the
 * count against the capacity before writing the next slot.
 */
89 u_int num_system_hostfiles;
90 char *system_hostfiles[SSH_MAX_HOSTS_FILES];
91 u_int num_user_hostfiles;
92 char *user_hostfiles[SSH_MAX_HOSTS_FILES];
93 char *preferred_authentications;
96 char *pkcs11_provider;
98 int verify_host_key_dns;
/*
 * Identity files: three arrays that share the capacity
 * SSH_MAX_IDENTITY_FILES (defined outside this excerpt) and are presumably
 * indexed in parallel. The count is a signed int, unlike the u_int
 * host-file counts above, so a bounds check on an index has to reject
 * negative values as well as values >= the capacity.
 */
100 int num_identity_files;
101 char *identity_files[SSH_MAX_IDENTITY_FILES];
102 int identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
103 struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES];
/*
 * Certificate files: same layout as the identity files, with capacity
 * SSH_MAX_CERTIFICATE_FILES (defined outside this excerpt) and a signed
 * count.
 */
105 int num_certificate_files;
106 char *certificate_files[SSH_MAX_CERTIFICATE_FILES];
107 int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES];
108 struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES];
110 int add_keys_to_agent;
111 int add_keys_to_agent_lifespan;
112 char *identity_agent;
/*
 * Port forwards: a pointer plus a signed count for each direction. The
 * arrays are not fixed-size here; how they are allocated and grown is not
 * visible in this header.
 */
115 int num_local_forwards;
116 struct Forward *local_forwards;
119 int num_remote_forwards;
120 struct Forward *remote_forwards;
121 int clear_forwardings;
/* List of strings with an unsigned count; allocation is not visible here. */
124 char **permitted_remote_opens;
125 u_int num_permitted_remote_opens;
128 char *stdio_forward_host;
129 int stdio_forward_port;
131 int enable_ssh_keysign;
136 int disable_multithreaded;
139 int no_host_authentication_for_localhost;
141 int server_alive_interval;
142 int server_alive_count_max;
152 int control_persist_timeout;
154 int hash_known_hosts;
161 int permit_local_command;
162 char *remote_command;
168 int fork_after_authentication;
170 int proxy_use_fdpass;
/*
 * Hostname canonicalisation: canonical_domains[] and permitted_cnames[]
 * both have MAX_CANON_DOMAINS entries, each with its own signed count.
 * canonicalize_hostname presumably holds one of the SSH_CANONICALISE_*
 * values defined below.
 */
172 int num_canonical_domains;
173 char *canonical_domains[MAX_CANON_DOMAINS];
174 int canonicalize_hostname;
175 int canonicalize_max_dots;
176 int canonicalize_fallback_local;
177 int num_permitted_cnames;
178 struct allowed_cname permitted_cnames[MAX_CANON_DOMAINS];
180 char *revoked_host_keys;
182 int fingerprint_hash;
186 char *hostbased_accepted_algos;
187 char *pubkey_accepted_algos;
/*
 * NOTE(review): presumably a command string taken from configuration and
 * run to obtain host keys -- confirm; if so, the files this value can come
 * from deserve the same ownership and permission checks as the rest of the
 * configuration (see SSHCONF_CHECKPERM below).
 */
194 char *known_hosts_command;
196 char *ignored_unknown;
/*
 * Named values for configuration settings. Each group except SSHCONF_* is
 * a run of consecutive integers starting at 0. Which field or parameter
 * takes each group is inferred from the prefixes and is not stated in this
 * excerpt.
 */
/* Hostname canonicalisation mode (presumably for canonicalize_hostname). */
199 #define SSH_CANONICALISE_NO 0
200 #define SSH_CANONICALISE_YES 1
201 #define SSH_CANONICALISE_ALWAYS 2
/* Control-master mode. */
203 #define SSHCTL_MASTER_NO 0
204 #define SSHCTL_MASTER_YES 1
205 #define SSHCTL_MASTER_AUTO 2
206 #define SSHCTL_MASTER_ASK 3
207 #define SSHCTL_MASTER_AUTO_ASK 4
/* TTY request mode. Note that 0 is AUTO here, not NO. */
209 #define REQUEST_TTY_AUTO 0
210 #define REQUEST_TTY_NO 1
211 #define REQUEST_TTY_YES 2
212 #define REQUEST_TTY_FORCE 3
/* Session type. */
214 #define SESSION_TYPE_NONE 0
215 #define SESSION_TYPE_SUBSYSTEM 1
216 #define SESSION_TYPE_DEFAULT 2
/*
 * The values 1, 2, 4, 8 are distinct bits, so these look like flags that
 * can be OR-ed together (presumably the int flags argument of
 * read_config_file / process_config_line -- confirm). The name CHECKPERM
 * suggests a permission check on the file being read; callers that load
 * user-writable paths should confirm that they pass it.
 */
218 #define SSHCONF_CHECKPERM 1
219 #define SSHCONF_USERCONF 2
220 #define SSHCONF_FINAL 4
221 #define SSHCONF_NEVERMATCH 8
/* Host key update mode. */
223 #define SSH_UPDATE_HOSTKEYS_NO 0
224 #define SSH_UPDATE_HOSTKEYS_YES 1
225 #define SSH_UPDATE_HOSTKEYS_ASK 2
/*
 * Strict host key checking mode (presumably for strict_host_key_checking).
 * NOTE(review): OFF is 0, so a zero-filled structure would read as
 * "checking off". Confirm that the field is given an explicit default
 * (initialize_options / fill_default_options are declared below) and is
 * never left at a memset/calloc value.
 */
227 #define SSH_STRICT_HOSTKEY_OFF 0
228 #define SSH_STRICT_HOSTKEY_NEW 1
229 #define SSH_STRICT_HOSTKEY_YES 2
230 #define SSH_STRICT_HOSTKEY_ASK 3
/*
 * Prototypes for the client configuration API. Most parameters are unnamed
 * in this header, so their roles cannot be read off here. Notes marked
 * "presumably" are inferred from names and types and need to be confirmed
 * against the definitions.
 */
/* Returns a const string; callers must not write through the result. */
232 const char *kex_default_pk_alg(
void);
/*
 * Returns a non-const char * built from the four string arguments.
 * Ownership of the result is not stated here -- presumably allocated for
 * the caller to free; TODO confirm.
 */
233 char *ssh_connection_hash(
const char *thishost,
const char *host,
234 const char *portstr,
const char *user);
/*
 * Lifecycle of an Options object: initialise, fill in defaults, free.
 * fill_default_options returns int, so its result should be checked; the
 * meaning of the value is not visible here.
 */
235 void initialize_options(Options *);
236 int fill_default_options(Options *);
237 void fill_default_options_for_canonicalization(Options *);
238 void free_options(Options *o);
/*
 * Handles one configuration line. The only non-const char * parameter is
 * presumably the line itself, which the callee may then modify in place;
 * the int * is an in/out or out parameter. The trailing int is presumably
 * a set of SSHCONF_* flags -- confirm.
 */
239 int process_config_line(Options *,
struct passwd *,
const char *,
240 const char *,
char *,
const char *,
int,
int *,
int);
/*
 * Reads a configuration file into an Options object. Returns int; check
 * the result before trusting the parsed options. The first int is
 * presumably a set of SSHCONF_* flags -- confirm.
 */
241 int read_config_file(
const char *,
struct passwd *,
const char *,
242 const char *, Options *,
int,
int *);
/* Parsers: input is a const string, results go to the pointer arguments. */
243 int parse_forward(
struct Forward *,
const char *,
int,
int);
244 int parse_jump(
const char *, Options *,
int);
/*
 * The two char ** and the int * are out parameters. Who owns the strings
 * stored through the char ** is not documented here -- TODO confirm that
 * callers free them.
 */
245 int parse_ssh_uri(
const char *,
char **,
char **,
int *);
246 int default_ssh_port(
void);
247 int option_clear_or_none(
const char *);
248 void dump_client_config(Options *o,
const char *host);
/*
 * Appenders. All four return void, so a caller cannot see a failure. How a
 * full list is handled (for example num_identity_files reaching
 * SSH_MAX_IDENTITY_FILES) is not visible in this header; check it in the
 * definitions.
 */
250 void add_local_forward(Options *,
const struct Forward *);
251 void add_remote_forward(Options *,
const struct Forward *);
252 void add_identity_file(Options *,
const char *,
const char *,
int);
253 void add_certificate_file(Options *,
const char *,
int);