/*
 * Capacity limits for fixed-size arrays declared further down in this
 * listing: SSH_MAX_HOSTS_FILES sizes system_hostfiles[] and
 * user_hostfiles[]; MAX_CANON_DOMAINS sizes canonical_domains[] and
 * permitted_cnames[].  Any code that appends to those arrays has to compare
 * the matching num_* counter against the limit before writing; that code is
 * not part of this listing.
 */
21 #define SSH_MAX_HOSTS_FILES 32
22 #define MAX_CANON_DOMAINS 32
/*
 * Size in bytes of the sun_path member of struct sockaddr_un.  The null
 * pointer is never dereferenced, because sizeof does not evaluate its
 * operand.
 * NOTE(review): presumably the upper bound applied to Unix-domain socket
 * paths; confirm at the places where it is used.
 */
23 #define PATH_MAX_SUN (sizeof((struct sockaddr_un *)0)->sun_path)
/*
 * NOTE(review): the gutter numbers jump from 25 to 33 here and skip values
 * throughout, so lines are missing from this listing (no closing brace is
 * shown either).  The members below cannot belong to struct allowed_cname
 * as printed, because permitted_cnames[] embeds struct allowed_cname by
 * value.  They presumably belong to the Options structure that the
 * prototypes at the end of this listing take; confirm against the full
 * header before relying on the layout.
 */
25 struct allowed_cname {
/*
 * Forwarding settings (agent socket path, X11, forwarding failure policy).
 * NOTE(review): the meaning of each int (boolean, seconds, enum) is not
 * visible in this listing.
 */
33 char *forward_agent_sock_path;
35 int forward_x11_timeout;
36 int forward_x11_trusted;
37 int exit_on_forward_failure;
39 struct ForwardOptions fwd_opts;
/*
 * Per-method authentication settings.
 * NOTE(review): pubkey_authentication presumably holds an SSH_PUBKEY_AUTH_*
 * value rather than a plain boolean; confirm.
 */
40 int pubkey_authentication;
41 int hostbased_authentication;
42 int gss_authentication;
46 int gss_renewal_rekey;
47 char *gss_client_identity;
48 char *gss_server_identity;
49 char *gss_kex_algorithms;
50 int password_authentication;
52 int kbd_interactive_authentication;
53 char *kbd_interactive_devices;
/* NOTE(review): presumably one of the SSH_STRICT_HOSTKEY_* values; confirm. */
56 int strict_host_key_checking;
63 int ip_qos_interactive;
65 SyslogFacility log_facility;
67 u_int num_log_verbose;
71 int connection_attempts;
73 int connection_timeout;
75 int number_of_password_prompts;
/* Algorithm lists kept as strings; their syntax is not visible here. */
79 char *hostkeyalgorithms;
81 char *ca_sign_algorithms;
/*
 * Known-hosts file lists: fixed arrays of SSH_MAX_HOSTS_FILES entries, each
 * paired with an unsigned count.
 */
90 u_int num_system_hostfiles;
91 char *system_hostfiles[SSH_MAX_HOSTS_FILES];
92 u_int num_user_hostfiles;
93 char *user_hostfiles[SSH_MAX_HOSTS_FILES];
94 char *preferred_authentications;
97 char *pkcs11_provider;
99 int verify_host_key_dns;
/*
 * Identity and certificate tables: parallel fixed arrays indexed by the
 * same position, sized by SSH_MAX_IDENTITY_FILES and
 * SSH_MAX_CERTIFICATE_FILES (neither is defined in this listing).  The
 * counts here are signed int, unlike the u_int host-file counts above, so a
 * bounds check at the point of insertion needs to reject negative values as
 * well as values at or above the limit.
 */
101 int num_identity_files;
102 char *identity_files[SSH_MAX_IDENTITY_FILES];
103 int identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
104 struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES];
106 int num_certificate_files;
107 char *certificate_files[SSH_MAX_CERTIFICATE_FILES];
108 int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES];
109 struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES];
111 int add_keys_to_agent;
112 int add_keys_to_agent_lifespan;
113 char *identity_agent;
/*
 * Forwarding tables: pointer plus element count.  How they are allocated
 * and grown is not visible in this listing.
 */
116 int num_local_forwards;
117 struct Forward *local_forwards;
120 int num_remote_forwards;
121 struct Forward *remote_forwards;
122 int clear_forwardings;
125 char **permitted_remote_opens;
126 u_int num_permitted_remote_opens;
129 char *stdio_forward_host;
130 int stdio_forward_port;
132 int enable_ssh_keysign;
137 int disable_multithreaded;
140 int no_host_authentication_for_localhost;
142 int server_alive_interval;
143 int server_alive_count_max;
153 int control_persist_timeout;
155 int hash_known_hosts;
162 int permit_local_command;
163 char *remote_command;
169 int fork_after_authentication;
171 int proxy_use_fdpass;
/*
 * Hostname canonicalisation: both fixed arrays hold MAX_CANON_DOMAINS
 * entries and are paired with signed counts.
 * NOTE(review): canonicalize_hostname presumably holds an
 * SSH_CANONICALISE_* value; confirm.
 */
173 int num_canonical_domains;
174 char *canonical_domains[MAX_CANON_DOMAINS];
175 int canonicalize_hostname;
176 int canonicalize_max_dots;
177 int canonicalize_fallback_local;
178 int num_permitted_cnames;
179 struct allowed_cname permitted_cnames[MAX_CANON_DOMAINS];
181 char *revoked_host_keys;
183 int fingerprint_hash;
187 char *hostbased_accepted_algos;
188 char *pubkey_accepted_algos;
195 char *known_hosts_command;
/* NOTE(review): presumably a minimum RSA key size; unit not shown, confirm. */
197 int required_rsa_size;
198 int enable_escape_commandline;
200 char *ignored_unknown;
/*
 * Public-key authentication modes, encoded as bits: SSH_PUBKEY_AUTH_ALL
 * (0x03) equals SSH_PUBKEY_AUTH_UNBOUND | SSH_PUBKEY_AUTH_HBOUND.
 * NOTE(review): presumably the values stored in pubkey_authentication;
 * confirm.
 */
203 #define SSH_PUBKEY_AUTH_NO 0x00
204 #define SSH_PUBKEY_AUTH_UNBOUND 0x01
205 #define SSH_PUBKEY_AUTH_HBOUND 0x02
206 #define SSH_PUBKEY_AUTH_ALL 0x03
/* Hostname canonicalisation modes (presumably for canonicalize_hostname). */
208 #define SSH_CANONICALISE_NO 0
209 #define SSH_CANONICALISE_YES 1
210 #define SSH_CANONICALISE_ALWAYS 2
/*
 * Control-master modes.  The field that stores these is not part of this
 * listing.
 */
212 #define SSHCTL_MASTER_NO 0
213 #define SSHCTL_MASTER_YES 1
214 #define SSHCTL_MASTER_AUTO 2
215 #define SSHCTL_MASTER_ASK 3
216 #define SSHCTL_MASTER_AUTO_ASK 4
/* TTY request modes.  The field that stores these is not in this listing. */
218 #define REQUEST_TTY_AUTO 0
219 #define REQUEST_TTY_NO 1
220 #define REQUEST_TTY_YES 2
221 #define REQUEST_TTY_FORCE 3
/* Session types.  The field that stores these is not in this listing. */
223 #define SESSION_TYPE_NONE 0
224 #define SESSION_TYPE_SUBSYSTEM 1
225 #define SESSION_TYPE_DEFAULT 2
/*
 * Configuration-parsing flags.  Each value is a distinct single bit
 * (1, 2, 4, 8), so they can be OR-ed together.
 * NOTE(review): presumably passed as the int flags argument of
 * read_config_file() and process_config_line(), with SSHCONF_CHECKPERM
 * requesting ownership/permission checks on the file being read; confirm
 * in the implementation, and check that every caller reading a
 * user-writable path sets it.
 */
227 #define SSHCONF_CHECKPERM 1
228 #define SSHCONF_USERCONF 2
229 #define SSHCONF_FINAL 4
230 #define SSHCONF_NEVERMATCH 8
/* Host-key update modes.  The field that stores these is not in this listing. */
232 #define SSH_UPDATE_HOSTKEYS_NO 0
233 #define SSH_UPDATE_HOSTKEYS_YES 1
234 #define SSH_UPDATE_HOSTKEYS_ASK 2
/*
 * Strict host-key checking modes (presumably for strict_host_key_checking).
 * NOTE(review): SSH_STRICT_HOSTKEY_OFF is 0, so a structure that was only
 * zero-filled would read as "off"; confirm that initialize_options() and
 * fill_default_options() assign this field explicitly.
 */
236 #define SSH_STRICT_HOSTKEY_OFF 0
237 #define SSH_STRICT_HOSTKEY_NEW 1
238 #define SSH_STRICT_HOSTKEY_YES 2
239 #define SSH_STRICT_HOSTKEY_ASK 3
/* Takes no arguments and returns a read-only string. */
241 const char *kex_default_pk_alg(
void);
/*
 * Builds a string from the local host, remote host, port string and user.
 * NOTE(review): the return type is a non-const char *, so the result is
 * presumably allocated for the caller to free; confirm ownership.
 */
242 char *ssh_connection_hash(
const char *thishost,
const char *host,
243 const char *portstr,
const char *user);
/*
 * Lifecycle of an Options structure: initialise, fill in defaults, free.
 * fill_default_options() returns an int; the meaning of that value is not
 * visible in this listing, so callers should check it against the
 * implementation rather than ignore it.
 */
244 void initialize_options(Options *);
245 int fill_default_options(Options *);
246 void fill_default_options_for_canonicalization(Options *);
247 void free_options(Options *o);
/*
 * Parses one configuration line into an Options structure.  The line
 * buffer is a non-const char *, so the callee may modify it.
 * NOTE(review): parameters are unnamed here; the trailing int presumably
 * carries SSHCONF_* flags and the int * an "active" indicator; confirm.
 */
248 int process_config_line(Options *,
struct passwd *,
const char *,
249 const char *,
char *,
const char *,
int,
int *,
int);
/*
 * Reads a configuration file into an Options structure.
 * NOTE(review): the int argument presumably carries SSHCONF_* flags,
 * including SSHCONF_CHECKPERM; confirm which callers set it.
 */
250 int read_config_file(
const char *,
struct passwd *,
const char *,
251 const char *, Options *,
int,
int *);
/* Parses a forwarding specification string into a struct Forward. */
252 int parse_forward(
struct Forward *,
const char *,
int,
int);
253 int parse_jump(
const char *, Options *,
int);
/*
 * Parses a URI string and reports results through three out-pointers
 * (two char ** and one int *).
 * NOTE(review): who owns the returned strings, and whether the outputs are
 * left untouched on failure, is not visible in this listing; confirm.
 */
254 int parse_ssh_uri(
const char *,
char **,
char **,
int *);
255 int default_ssh_port(
void);
256 int option_clear_or_none(
const char *);
257 int config_has_permitted_cnames(Options *);
258 void dump_client_config(Options *o,
const char *host);
/*
 * Helpers that add an entry to an Options structure.  All four return
 * void, so a caller cannot learn from the return value that an entry was
 * rejected.
 * NOTE(review): add_identity_file() and add_certificate_file() presumably
 * enforce the SSH_MAX_IDENTITY_FILES / SSH_MAX_CERTIFICATE_FILES limits on
 * the fixed arrays; confirm that the bound is checked before the write and
 * how an over-limit entry is handled.
 */
260 void add_local_forward(Options *,
const struct Forward *);
261 void add_remote_forward(Options *,
const struct Forward *);
262 void add_identity_file(Options *,
const char *,
const char *,
int);
263 void add_certificate_file(Options *,
const char *,
int);