diff -ruN openssh-3.6.1p1/acconfig.h openssh-3.6.1p1+x509g/acconfig.h --- openssh-3.6.1p1/acconfig.h 2003-03-10 02:38:10.000000000 +0200 +++ openssh-3.6.1p1+x509g/acconfig.h 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.149 2003/03/10 00:38:10 djm Exp $ */ +/* $Id$*/ #ifndef _CONFIG_H #define _CONFIG_H @@ -292,6 +292,9 @@ /* Specify default $PATH */ #undef USER_PATH +/* Specify location of ssh CA root */ +#undef SSHCADIR + /* Specify location of ssh.pid */ #undef _PATH_SSH_PIDDIR diff -ruN openssh-3.6.1p1/auth2-pubkey.c openssh-3.6.1p1+x509g/auth2-pubkey.c --- openssh-3.6.1p1/auth2-pubkey.c 2002-06-06 23:27:56.000000000 +0300 +++ openssh-3.6.1p1+x509g/auth2-pubkey.c 2003-04-05 09:06:01.000000000 +0300 @@ -1,5 +1,7 @@ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. + * X509 certificates support, + * Copyright (c) 2003 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-pubkey.c,v 1.2 2002/05/31 11:35:15 markus Exp $"); +RCSID("$OpenBSD$"); #include "ssh2.h" #include "xmalloc.h" @@ -40,6 +42,7 @@ #include "auth-options.h" #include "canohost.h" #include "monitor_wrap.h" +#include "ssh-x509.h" /* import */ extern ServerOptions options; @@ -244,6 +247,13 @@ fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); verbose("Found matching %s key: %s", key_type(found), fp); + if ((key->type == KEY_X509_RSA) || + (key->type == KEY_X509_DSA)) { + if (ssh_x509store_check(key->x509) != 1) { + found_key = 0; + verbose("x509store reject matching key"); + } + } xfree(fp); break; } diff -ruN openssh-3.6.1p1/authfd.c openssh-3.6.1p1+x509g/authfd.c --- openssh-3.6.1p1/authfd.c 2003-01-24 02:36:23.000000000 +0200 +++ openssh-3.6.1p1+x509g/authfd.c 2003-04-05 09:06:01.000000000 +0300 
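Review bot: The rejection branch added to auth2-pubkey.c after `verbose("Found matching %s key: %s", ...)` logs only `x509store reject matching key`, so the log cannot tell which certificate failed store validation. `fp` is still live at that point and could be included: `verbose("x509store rejected matching %s key: %s", key_type(found), fp);`. The test itself fails closed, since `!= 1` also covers an error return. Whether other public-key paths (host-based authentication, for example) apply the same `ssh_x509store_check` is not visible here and should be confirmed; the enclosing function starts and ends outside the hunk.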
@@ -12,6 +12,8 @@ * * SSH2 implementation, * Copyright (c) 2000 Markus Friedl. All rights reserved. + * X509 certificate support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -35,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.58 2003/01/23 13:50:27 markus Exp $"); +RCSID("$OpenBSD$"); #include @@ -474,6 +476,7 @@ buffer_put_cstring(b, key_ssh_name(key)); switch (key->type) { case KEY_RSA: + case KEY_X509_RSA: buffer_put_bignum2(b, key->rsa->n); buffer_put_bignum2(b, key->rsa->e); buffer_put_bignum2(b, key->rsa->d); @@ -482,6 +485,7 @@ buffer_put_bignum2(b, key->rsa->q); break; case KEY_DSA: + case KEY_X509_DSA: buffer_put_bignum2(b, key->dsa->p); buffer_put_bignum2(b, key->dsa->q); buffer_put_bignum2(b, key->dsa->g); @@ -489,6 +493,21 @@ buffer_put_bignum2(b, key->dsa->priv_key); break; } + if ((key->type == KEY_X509_RSA) || (key->type == KEY_X509_DSA)) { + int len; + void* str; + unsigned char *p; + + len = i2d_X509(key->x509, NULL); + str = xmalloc(len); + if (str == NULL) + { error("ssh_encode_identity_ssh2: out of memory"); return; } + + p = str; + i2d_X509(key->x509, &p); + buffer_put_string(b, str, len); + xfree(str); + } buffer_put_cstring(b, comment); } @@ -516,6 +535,8 @@ break; case KEY_RSA: case KEY_DSA: + case KEY_X509_RSA: + case KEY_X509_DSA: type = constrained ? SSH2_AGENTC_ADD_ID_CONSTRAINED : SSH2_AGENTC_ADD_IDENTITY; 
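Review bot: In the block added after the key-type switch in authfd.c, the result of `i2d_X509(key->x509, NULL)` is passed to `xmalloc(len)` with no sign check, although the encoder reports failure with a non-positive value. A guard before the allocation would cover it: `if (len <= 0) fatal("ssh_encode_identity_ssh2: i2d_X509 failed");`. The `str == NULL` test looks unreachable if xmalloc aborts on failure as it does elsewhere in this code base (to be confirmed). Its bare `return` would also leave `b` holding a half-encoded identity that the caller, outside this hunk, may still send to the agent. The second `i2d_X509` call is unchecked too, and comparing its result with `len` would catch a short encoding.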
@@ -570,7 +591,7 @@ buffer_put_int(&msg, BN_num_bits(key->rsa->n)); buffer_put_bignum(&msg, key->rsa->e); buffer_put_bignum(&msg, key->rsa->n); - } else if (key->type == KEY_DSA || key->type == KEY_RSA) { + } else if (key->type == KEY_DSA || key->type == KEY_RSA || key->type == KEY_X509_DSA || key->type == KEY_X509_RSA ) { key_to_blob(key, &blob, &blen); buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY); buffer_put_string(&msg, blob, blen); diff -ruN openssh-3.6.1p1/authfile.c openssh-3.6.1p1+x509g/authfile.c --- openssh-3.6.1p1/authfile.c 2003-03-15 02:36:18.000000000 +0200 +++ openssh-3.6.1p1+x509g/authfile.c 2003-04-05 09:06:01.000000000 +0300 @@ -13,6 +13,8 @@ * * * Copyright (c) 2000 Markus Friedl. All rights reserved. + * X509 certificate support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -36,7 +38,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.52 2003/03/13 11:42:18 markus Exp $"); +RCSID("$OpenBSD$"); #include #include @@ -51,6 +53,7 @@ #include "log.h" #include "authfile.h" #include "rsa.h" +#include "ssh-x509.h" /* Version identification string for SSH v1 identity files. */ static const char authfile_id_string[] = @@ -195,6 +198,10 @@ success = PEM_write_RSAPrivateKey(fp, key->rsa, cipher, passphrase, len, NULL, NULL); break; + case KEY_X509_RSA: + case KEY_X509_DSA: + success = x509key_save_pem(fp, key, cipher, passphrase, len); + break; } fclose(fp); return success; @@ -211,6 +218,8 @@ break; case KEY_DSA: case KEY_RSA: + case KEY_X509_RSA: + case KEY_X509_DSA: return key_save_private_pem(key, filename, passphrase, comment); break; @@ -447,6 +456,7 @@ Key *prv = NULL; char *name = ""; + debug("read PEM private key begin"); fp = fdopen(fd, "r"); if (fp == NULL) { error("fdopen failed: %s", strerror(errno)); 
@@ -484,6 +494,8 @@ error("PEM_read_PrivateKey: mismatch or " "unknown EVP_PKEY save_type %d", pk->save_type); } + if (prv) + x509key_load_cert(prv, fp); fclose(fp); if (pk != NULL) EVP_PKEY_free(pk); @@ -629,6 +641,7 @@ Key *pub; char file[MAXPATHLEN]; + debug3("key_load_public(%.200s,...)", filename); pub = key_load_public_type(KEY_RSA1, filename, commentp); if (pub != NULL) return pub; diff -ruN openssh-3.6.1p1/config.h.in openssh-3.6.1p1+x509g/config.h.in --- openssh-3.6.1p1/config.h.in 2003-04-01 14:57:29.000000000 +0300 +++ openssh-3.6.1p1+x509g/config.h.in 2003-04-05 09:06:01.000000000 +0300 @@ -1,5 +1,5 @@ /* config.h.in. Generated from configure.ac by autoheader. */ -/* $Id: acconfig.h,v 1.149 2003/03/10 00:38:10 djm Exp $ */ +/* $Id$*/ #ifndef _CONFIG_H #define _CONFIG_H @@ -292,6 +292,9 @@ /* Specify default $PATH */ #undef USER_PATH +/* Specify location of ssh CA root */ +#undef SSHCADIR + /* Specify location of ssh.pid */ #undef _PATH_SSH_PIDDIR diff -ruN openssh-3.6.1p1/configure openssh-3.6.1p1+x509g/configure --- openssh-3.6.1p1/configure 2003-04-01 14:57:28.000000000 +0300 +++ openssh-3.6.1p1+x509g/configure 2003-04-05 09:06:02.000000000 +0300 @@ -874,6 +874,7 @@ --with-ipv4-default Use IPv4 by connections unless '-6' specified --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses --with-bsd-auth Enable BSD auth support + --with-sshca-dir=PATH Specify location of ssh CA root --with-pid-dir=PATH Specify location of ssh.pid file --with-lastlog=FILE|DIR specify lastlog location common locations 
@@ -9096,6 +9097,66 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi +# Check vulnerable for ASN.1 encoding errors OpenSSL version. +# see http://www.openssl.org/news/secadv_20020730.txt +echo "$as_me:$LINENO: checking for ASN.1 encoding errors vulnerable OpenSSL version" >&5 +echo $ECHO_N "checking for ASN.1 encoding errors vulnerable OpenSSL version... $ECHO_C" >&6 +if test "$cross_compiling" = yes; then + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 +echo "$as_me: error: cannot run test program while cross compiling" >&2;} + { (exit 1); exit 1; }; } +else + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +#include +#include + +int main(void) { + unsigned long ssl_ver = SSLeay(); + /* 0.9.6X where X > e */ + if ((0x0090606fL <= ssl_ver) && (ssl_ver <= 0x00906fffL)) + exit (0); + /* 0.9.7X where X > beta2 */ + if ((0x00907003L <= ssl_ver)) + exit (0); + exit (1); + return (1); +} + +_ACEOF +rm -f conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? 
= $ac_status" >&5 + (exit $ac_status); }; }; then + + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +( exit $ac_status ) + + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + { echo "$as_me:$LINENO: WARNING: Your OpenSSL library might is vulnerable for ASN.1 encoding errors" >&5 +echo "$as_me: WARNING: Your OpenSSL library might is vulnerable for ASN.1 encoding errors" >&2;} + + +fi +rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi + # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the # version in OpenSSL. Skip this for PAM if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then @@ -16674,6 +16735,33 @@ fi; +# Where to place ssh CA root +sshcadir='${sysconfdir}/ca' +sshcadir=`eval echo ${sshcadir}` +sshcadir=`eval echo ${sshcadir}` +case $sshcadir in + NONE/*) sshcadir=`echo $sshcadir | sed "s~NONE~$ac_default_prefix~"` ;; +esac + + +# Check whether --with-sshca-dir or --without-sshca-dir was given. +if test "${with_sshca_dir+set}" = set; then + withval="$with_sshca_dir" + + if test "x$withval" != "xno" ; then + sshcadir=$withval + fi + + +fi; + +cat >>confdefs.h <<_ACEOF +#define SSHCADIR "$sshcadir" +_ACEOF + + + + # Where to place sshd.pid piddir=/var/run # make sure the directory exists @@ -17217,7 +17305,7 @@ fi -ac_config_files="$ac_config_files Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds" +ac_config_files="$ac_config_files Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds tests/CA/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure 
@@ -17694,6 +17782,7 @@ "openbsd-compat/Makefile" ) CONFIG_FILES="$CONFIG_FILES openbsd-compat/Makefile" ;; "scard/Makefile" ) CONFIG_FILES="$CONFIG_FILES scard/Makefile" ;; "ssh_prng_cmds" ) CONFIG_FILES="$CONFIG_FILES ssh_prng_cmds" ;; + "tests/CA/Makefile" ) CONFIG_FILES="$CONFIG_FILES tests/CA/Makefile" ;; "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 echo "$as_me: error: invalid argument: $ac_config_target" >&2;} @@ -17835,6 +17924,7 @@ s,@MANTYPE@,$MANTYPE,;t t s,@mansubdir@,$mansubdir,;t t s,@user_path@,$user_path,;t t +s,@sshcadir@,$sshcadir,;t t s,@piddir@,$piddir,;t t CEOF @@ -18300,6 +18390,7 @@ echo " User binaries: $B" echo " System binaries: $C" echo " Configuration files: $D" +echo " CA root: $sshcadir" echo " Askpass program: $E" echo " Manual pages: $F" echo " PID file: $G" diff -ruN openssh-3.6.1p1/configure.ac openssh-3.6.1p1+x509g/configure.ac --- openssh-3.6.1p1/configure.ac 2003-03-21 03:18:09.000000000 +0200 +++ openssh-3.6.1p1+x509g/configure.ac 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.113 2003/03/21 01:18:09 mouring Exp $ +# $Id$ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) 
@@ -904,6 +904,35 @@ ] ) +# Check vulnerable for ASN.1 encoding errors OpenSSL version. +# see http://www.openssl.org/news/secadv_20020730.txt +AC_MSG_CHECKING([for ASN.1 encoding errors vulnerable OpenSSL version]) +AC_TRY_RUN( + [ +#include +#include + +int main(void) { + unsigned long ssl_ver = SSLeay(); + /* 0.9.6X where X > e */ + if ((0x0090606fL <= ssl_ver) && (ssl_ver <= 0x00906fffL)) + exit (0); + /* 0.9.7X where X > beta2 */ + if ((0x00907003L <= ssl_ver)) + exit (0); + exit (1); + return (1); +} + ], + [ + AC_MSG_RESULT(no) + ], + [ + AC_MSG_RESULT(yes) + AC_MSG_WARN(Your OpenSSL library might is vulnerable for ASN.1 encoding errors) + ] +) + # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the # version in OpenSSL. Skip this for PAM if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then @@ -2226,6 +2255,27 @@ ] ) +# Where to place ssh CA root +sshcadir='${sysconfdir}/ca' +sshcadir=`eval echo ${sshcadir}` +sshcadir=`eval echo ${sshcadir}` +case $sshcadir in + NONE/*) sshcadir=`echo $sshcadir | sed "s~NONE~$ac_default_prefix~"` ;; +esac + +AC_ARG_WITH(sshca-dir, + [ --with-sshca-dir=PATH Specify location of ssh CA root], + [ + if test "x$withval" != "xno" ; then + sshcadir=$withval + fi + ] +) + +AC_DEFINE_UNQUOTED(SSHCADIR, "$sshcadir") +AC_SUBST(sshcadir) + + # Where to place sshd.pid piddir=/var/run # make sure the directory exists @@ -2486,7 +2536,7 @@ fi AC_EXEEXT -AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds]) +AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds tests/CA/Makefile]) AC_OUTPUT # Print summary of options 
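Review bot: The added AC_TRY_RUN has no cross-compiling action, so configure aborts when cross compiling (the regenerated `configure` in this patch shows the `cannot run test program while cross compiling` exit). A fourth argument such as `[ AC_MSG_WARN(cross compiling: not checking OpenSSL version) ]` would keep those builds working. The test also inspects `SSLeay()` of the library present at configure time, so with a dynamically linked OpenSSL it says nothing about the library loaded at run time, and a positive result only warns. A comment above the check should say it is advisory and build-host only, for example `# Advisory only: tests the build host's OpenSSL, not the one used at run time`. The warning text `might is vulnerable for` should read `might be vulnerable to`.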
@@ -2508,6 +2558,7 @@ echo " User binaries: $B" echo " System binaries: $C" echo " Configuration files: $D" +echo " CA root: $sshcadir" echo " Askpass program: $E" echo " Manual pages: $F" echo " PID file: $G" diff -ruN openssh-3.6.1p1/hostfile.c openssh-3.6.1p1+x509g/hostfile.c --- openssh-3.6.1p1/hostfile.c 2002-08-01 04:21:57.000000000 +0300 +++ openssh-3.6.1p1+x509g/hostfile.c 2003-04-05 09:06:01.000000000 +0300 @@ -13,6 +13,8 @@ * * Copyright (c) 1999, 2000 Markus Friedl. All rights reserved. * Copyright (c) 1999 Niels Provos. All rights reserved. + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -36,13 +38,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: hostfile.c,v 1.30 2002/07/24 16:11:18 markus Exp $"); +RCSID("$OpenBSD$"); #include "packet.h" #include "match.h" #include "key.h" #include "hostfile.h" #include "log.h" +#include "ssh-x509.h" /* * Parses an RSA (number of bits, e, n) or DSA key from a string. Moves the @@ -221,7 +224,13 @@ if (!f) return 0; fprintf(f, "%s ", host); - if (key_write(key, f)) { + if ((key->type == KEY_X509_RSA) || (key->type == KEY_X509_DSA)) { + /* key_write will print x509 certificate in blob format :-( */ + success = x509key_write_subject(key, f); + } else { + success = key_write(key, f); + } + if (success) { success = 1; } else { error("add_host_to_hostfile: saving key in %s failed", filename); diff -ruN openssh-3.6.1p1/key.c openssh-3.6.1p1+x509g/key.c --- openssh-3.6.1p1/key.c 2003-02-24 03:01:41.000000000 +0200 +++ openssh-3.6.1p1+x509g/key.c 2003-04-05 09:06:01.000000000 +0300 
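Review bot: For X.509 host keys the new branch in add_host_to_hostfile writes `x509key_write_subject(key, f)` instead of the key, so the known_hosts entry appears to pin a certificate subject rather than a specific public key. If so, any certificate with the same subject that passes store validation would match the entry, which is a weaker binding than the existing per-key pinning; the helper is not shown, so this needs confirming. The existing `:-(` remark could be replaced by a comment that states the consequence, such as `/* X.509 entries record the certificate subject only; trust then rests on CA store validation */`. Separately, `if (success) { success = 1; }` is now redundant and could become `if (!success) error(...)`.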
@@ -10,6 +10,8 @@ * * * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -32,13 +34,14 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: key.c,v 1.51 2003/02/12 09:33:04 markus Exp $"); +RCSID("$OpenBSD$"); #include #include "xmalloc.h" #include "key.h" #include "rsa.h" +#include "ssh-x509.h" #include "uuencode.h" #include "buffer.h" #include "bufaux.h" @@ -55,9 +58,11 @@ k->flags = 0; k->dsa = NULL; k->rsa = NULL; + k->x509 = NULL; switch (k->type) { case KEY_RSA1: case KEY_RSA: + case KEY_X509_RSA: if ((rsa = RSA_new()) == NULL) fatal("key_new: RSA_new failed"); if ((rsa->n = BN_new()) == NULL) @@ -65,8 +70,13 @@ if ((rsa->e = BN_new()) == NULL) fatal("key_new: BN_new failed"); k->rsa = rsa; + if (k->type == KEY_X509_RSA) { + if ((k->x509 = X509_new()) == NULL) + fatal("key_new: X509_new failed"); + } break; case KEY_DSA: + case KEY_X509_DSA: if ((dsa = DSA_new()) == NULL) fatal("key_new: DSA_new failed"); if ((dsa->p = BN_new()) == NULL) @@ -78,6 +88,10 @@ if ((dsa->pub_key = BN_new()) == NULL) fatal("key_new: BN_new failed"); k->dsa = dsa; + if (k->type == KEY_X509_DSA) { + if ((k->x509 = X509_new()) == NULL) + fatal("key_new: X509_new failed"); + } break; case KEY_UNSPEC: break; @@ -95,6 +109,7 @@ switch (k->type) { case KEY_RSA1: case KEY_RSA: + case KEY_X509_RSA: if ((k->rsa->d = BN_new()) == NULL) fatal("key_new_private: BN_new failed"); if ((k->rsa->iqmp = BN_new()) == NULL) 
@@ -107,10 +122,25 @@ fatal("key_new_private: BN_new failed"); if ((k->rsa->dmp1 = BN_new()) == NULL) fatal("key_new_private: BN_new failed"); + if (k->type == KEY_X509_RSA) { + debug3("key_new_private: X509(rsa) MORE ...?"); + /* + if ((k->x509 = X509_new()) == NULL) + fatal("key_new: X509_new failed"); + */ + } break; case KEY_DSA: + case KEY_X509_DSA: if ((k->dsa->priv_key = BN_new()) == NULL) fatal("key_new_private: BN_new failed"); + if (k->type == KEY_X509_DSA) { + debug3("key_new_private: X509(dsa) MORE ...?"); + /* + if ((k->x509 = X509_new()) == NULL) + fatal("key_new: X509_new failed"); + */ + } break; case KEY_UNSPEC: break; @@ -135,6 +165,21 @@ DSA_free(k->dsa); k->dsa = NULL; break; + case KEY_X509_RSA: + case KEY_X509_DSA: + if (k->dsa != NULL) { + DSA_free(k->dsa); + k->dsa = NULL; + } + if (k->rsa != NULL) { + RSA_free(k->rsa); + k->rsa = NULL; + } + if (k->x509 != NULL) { + X509_free(k->x509); + k->x509 = NULL; + } + break; case KEY_UNSPEC: break; default: @@ -143,6 +188,7 @@ } xfree(k); } + int key_equal(Key *a, Key *b) { @@ -162,6 +208,10 @@ BN_cmp(a->dsa->g, b->dsa->g) == 0 && BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; break; + case KEY_X509_RSA: + case KEY_X509_DSA: + return ssh_x509_equal(a, b) == 0; + break; default: fatal("key_equal: bad key type %d", a->type); break; @@ -203,6 +253,8 @@ break; case KEY_DSA: case KEY_RSA: + case KEY_X509_RSA: + case KEY_X509_DSA: key_to_blob(k, &blob, &len); break; case KEY_UNSPEC: @@ -406,6 +458,8 @@ case KEY_UNSPEC: case KEY_RSA: case KEY_DSA: + case KEY_X509_RSA: + case KEY_X509_DSA: space = strchr(cp, ' '); if (space == NULL) { debug3("key_read: missing whitespace"); @@ -430,6 +484,9 @@ debug3("key_read: type mismatch"); return -1; } + k = x509key_from_subject(type, cp); + if(k != NULL) + goto noblob; len = 2*strlen(cp); blob = xmalloc(len); n = uudecode(cp, blob, len); 
@@ -449,7 +506,30 @@ key_free(k); return -1; } +noblob: /*XXXX*/ + if (ret->type == KEY_X509_RSA || + ret->type == KEY_X509_DSA ) { + if (ret->rsa != NULL) + RSA_free(ret->rsa); + ret->rsa = k->rsa; + k->rsa = NULL; + if (ret->dsa != NULL) + DSA_free(ret->dsa); + ret->dsa = k->dsa; + k->dsa = NULL; + if (ret->x509 != NULL) + X509_free(ret->x509); + ret->x509 = k->x509; + k->x509 = NULL; +#ifdef DEBUG_PK + if (ret->type == KEY_X509_RSA) + RSA_print_fp(stderr, ret->rsa, 8); + else + DSA_print_fp(stderr, ret->dsa, 8); +#endif + success = 1; + } else if (ret->type == KEY_RSA) { if (ret->rsa != NULL) RSA_free(ret->rsa); @@ -516,6 +596,8 @@ } xfree(blob); xfree(uu); + } else if ( (key->type == KEY_X509_RSA) || (key->type == KEY_X509_DSA) ) { + success = x509key_write(key, f); } return success; } @@ -533,6 +615,14 @@ case KEY_DSA: return "DSA"; break; + case KEY_X509_RSA: + if(k->rsa) return "RSA+cert"; + return "X509(rsa)"; + break; + case KEY_X509_DSA: + if(k->dsa) return "DSA+cert"; + return "X509(dsa)"; + break; } return "unknown"; } @@ -547,6 +637,12 @@ case KEY_DSA: return "ssh-dss"; break; + case KEY_X509_RSA: + return "x509v3-sign-rsa"; + break; + case KEY_X509_DSA: + return "x509v3-sign-dss"; + break; } return "ssh-unknown"; } @@ -562,6 +658,10 @@ case KEY_DSA: return BN_num_bits(k->dsa->p); break; + case KEY_X509_RSA: + case KEY_X509_DSA: + return ssh_x509_key_size(k); + break; } return 0; } @@ -636,6 +736,7 @@ int key_type_from_name(char *name) { + debug3("call key_type_from_name(%.200s) ...", name); if (strcmp(name, "rsa1") == 0) { return KEY_RSA1; } else if (strcmp(name, "rsa") == 0) { @@ -646,6 +747,10 @@ return KEY_RSA; } else if (strcmp(name, "ssh-dss") == 0) { return KEY_DSA; + } else if (strcmp(name, "x509v3-sign-rsa") == 0) { + return KEY_X509_RSA; + } else if (strcmp(name, "x509v3-sign-dss") == 0) { + return KEY_X509_DSA; } debug2("key_type_from_name: unknown key type '%s'", name); return KEY_UNSPEC; 
@@ -680,14 +785,19 @@ char *ktype; int rlen, type; Key *key = NULL; + debug3("key_from_blob(..., %d)", blen); #ifdef DEBUG_PK dump_base64(stderr, blob, blen); #endif + if ((key = x509key_from_blob(blob, blen)) != NULL) { + return key; + } buffer_init(&b); buffer_append(&b, blob, blen); ktype = buffer_get_string(&b, NULL); type = key_type_from_name(ktype); + debug3("key_from_blob(..., ...) ktype=%.30s", ktype); switch (type) { case KEY_RSA: @@ -747,6 +857,11 @@ buffer_put_bignum2(&b, key->rsa->e); buffer_put_bignum2(&b, key->rsa->n); break; + case KEY_X509_RSA: + case KEY_X509_DSA: + if (!x509key_to_blob(key, &b)) + return 0; + break; default: error("key_to_blob: unsupported key type %d", key->type); buffer_free(&b); @@ -777,6 +892,10 @@ case KEY_RSA: return ssh_rsa_sign(key, sigp, lenp, data, datalen); break; + case KEY_X509_RSA: + case KEY_X509_DSA: + return ssh_x509_sign(key, sigp, lenp, data, datalen); + break; default: error("key_sign: illegal key type %d", key->type); return -1; @@ -804,6 +923,10 @@ case KEY_RSA: return ssh_rsa_verify(key, signature, signaturelen, data, datalen); break; + case KEY_X509_RSA: + case KEY_X509_DSA: + return ssh_x509_verify(key, signature, signaturelen, data, datalen); + break; default: error("key_verify: illegal key type %d", key->type); return -1; @@ -826,6 +949,7 @@ switch (k->type) { case KEY_RSA1: case KEY_RSA: + case KEY_X509_RSA: if ((pk->rsa = RSA_new()) == NULL) fatal("key_demote: RSA_new failed"); if ((pk->rsa->e = BN_dup(k->rsa->e)) == NULL) @@ -834,6 +958,7 @@ fatal("key_demote: BN_dup failed"); break; case KEY_DSA: + case KEY_X509_DSA: if ((pk->dsa = DSA_new()) == NULL) fatal("key_demote: DSA_new failed"); if ((pk->dsa->p = BN_dup(k->dsa->p)) == NULL) 
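Review bot: `x509key_from_blob(blob, blen)` is now called on every blob at the top of key_from_blob, before the type name is read from the buffer. Peer-supplied data therefore reaches the certificate decoder even when the key is a plain `ssh-rsa` or `ssh-dss` key. Since this same patch adds a configure warning about OpenSSL ASN.1 parsing flaws, it would be safer to read `ktype` first and call the X.509 decoder only under `case KEY_X509_RSA:` / `case KEY_X509_DSA:` in the existing `switch (type)`. How the helper distinguishes blob formats is not shown, so the exact dispatch needs confirming; the function continues outside the hunk.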
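Review bot: The new `case KEY_X509_RSA:` / `case KEY_X509_DSA:` arm in key_to_blob returns 0 on failure without releasing `b`, whereas the `default:` branch directly below calls `buffer_free(&b)` before its `return 0`. The failure path should do the same: `if (!x509key_to_blob(key, &b)) { buffer_free(&b); return 0; }`. An `error(...)` line like the one in the default branch would also make the failure visible in the logs. The buffer's initialisation lies outside the hunk.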
@@ -846,9 +971,19 @@ fatal("key_demote: BN_dup failed"); break; default: - fatal("key_free: bad key type %d", k->type); + fatal("key_demote: bad key type %d", k->type); break; } + switch (k->type) { + case KEY_X509_RSA: + case KEY_X509_DSA: + if(k->x509) { + if ((pk->x509 = X509_dup(k->x509)) == NULL) + fatal("key_demote: X509_dup failed"); + } else + fatal("key_demote: no X509 data"); + break; + } return (pk); } diff -ruN openssh-3.6.1p1/key.h openssh-3.6.1p1+x509g/key.h --- openssh-3.6.1p1/key.h 2003-02-24 03:01:41.000000000 +0200 +++ openssh-3.6.1p1+x509g/key.h 2003-04-05 09:06:00.000000000 +0300 @@ -1,7 +1,9 @@ -/* $OpenBSD: key.h,v 1.20 2003/02/12 09:33:04 markus Exp $ */ +/* $OpenBSD$ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -28,12 +30,15 @@ #include #include +#include typedef struct Key Key; enum types { KEY_RSA1, KEY_RSA, KEY_DSA, + KEY_X509_RSA, + KEY_X509_DSA, KEY_UNSPEC }; enum fp_type { @@ -53,6 +58,7 @@ int flags; RSA *rsa; DSA *dsa; + X509 *x509; }; Key *key_new(int); diff -ruN openssh-3.6.1p1/log.c openssh-3.6.1p1+x509g/log.c --- openssh-3.6.1p1/log.c 2003-01-14 13:22:43.000000000 +0200 +++ openssh-3.6.1p1+x509g/log.c 2003-04-05 09:06:01.000000000 +0300 @@ -34,7 +34,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: log.c,v 1.25 2003/01/11 18:29:43 markus Exp $"); +RCSID("$OpenBSD$"); #include "log.h" #include "xmalloc.h" @@ -334,6 +334,11 @@ } } +LogLevel +get_log_level(void) { + return log_level; +} + #define MSGBUFSIZ 1024 void diff -ruN openssh-3.6.1p1/log.h openssh-3.6.1p1+x509g/log.h --- openssh-3.6.1p1/log.h 2002-07-24 00:01:57.000000000 +0300 +++ openssh-3.6.1p1+x509g/log.h 2003-04-05 09:06:00.000000000 +0300 
@@ -1,4 +1,4 @@ -/* $OpenBSD: log.h,v 1.8 2002/07/19 15:43:33 markus Exp $ */ +/* $OpenBSD$ */ /* * Author: Tatu Ylonen @@ -49,6 +49,7 @@ } LogLevel; void log_init(char *, LogLevel, SyslogFacility, int); +LogLevel get_log_level(void); SyslogFacility log_facility_number(char *); LogLevel log_level_number(char *); diff -ruN openssh-3.6.1p1/Makefile.in openssh-3.6.1p1+x509g/Makefile.in --- openssh-3.6.1p1/Makefile.in 2003-03-21 02:34:34.000000000 +0200 +++ openssh-3.6.1p1+x509g/Makefile.in 2003-04-05 09:06:01.000000000 +0300 @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.228 2003/03/21 00:34:34 mouring Exp $ +# $Id$ # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -14,6 +14,7 @@ mandir=@mandir@ mansubdir=@mansubdir@ sysconfdir=@sysconfdir@ +sshcadir=@sshcadir@ piddir=@piddir@ srcdir=@srcdir@ top_srcdir=@top_srcdir@ @@ -30,6 +31,7 @@ STRIP_OPT=@STRIP_OPT@ PATHS= -DSSHDIR=\"$(sysconfdir)\" \ + -DSSHCADIR=\"$(sshcadir)\" \ -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ -D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \ @@ -58,6 +60,8 @@ INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@ +X509_OBJS=ssh-x509.o x509store.o + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT) LIBSSH_OBJS=authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o \ @@ -67,7 +71,7 @@ key.o dispatch.o kex.o mac.o uuencode.o misc.o \ rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \ kexdhc.o kexgexc.o scard.o msg.o progressmeter.o \ - entropy.o + entropy.o $(X509_OBJS) SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect1.o sshconnect2.o 
@@ -100,6 +104,10 @@ -e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \ -e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \ -e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \ + -e 's|/etc/ssh/ca/ca-bundle.crt|$(sshcadir)/ca-bundle.crt|g' \ + -e 's|/etc/ssh/ca/crt|$(sshcadir)/crt|g' \ + -e 's|/etc/ssh/ca/ca-bundle.crl|$(sshcadir)/ca-bundle.crl|g' \ + -e 's|/etc/ssh/ca/crl|$(sshcadir)/crl|g' \ -e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \ -e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \ -e 's|/etc/sshrc|$(sysconfdir)/sshrc|g' \ @@ -184,6 +192,7 @@ rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core (cd openbsd-compat && $(MAKE) clean) + (cd tests/CA && $(MAKE) clean) distclean: rm -f *.o *.a $(TARGETS) logintest config.cache config.log @@ -192,6 +201,7 @@ rm -rf autom4te.cache (cd openbsd-compat && $(MAKE) distclean) (cd scard && $(MAKE) distclean) + (cd tests/CA && $(MAKE) distclean) veryclean: rm -f configure config.h.in *.0 @@ -200,6 +210,7 @@ rm -f Makefile config.h config.status ssh_prng_cmds *~ (cd openbsd-compat && $(MAKE) distclean) (cd scard && $(MAKE) distclean) + (cd tests/CA && $(MAKE) distclean) mrproper: distclean @@ -233,6 +244,8 @@ $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5 $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(sshcadir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(piddir) (umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)) $(INSTALL) -m 0755 $(STRIP_OPT) ssh $(DESTDIR)$(bindir)/ssh $(INSTALL) -m 0755 $(STRIP_OPT) scp $(DESTDIR)$(bindir)/scp 
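Review bot: `$(srcdir)/mkinstalldirs $(DESTDIR)$(sshcadir)` creates the CA directory under whatever umask the installing user has, while the PRIVSEP_PATH line just below pins it with `(umask 022 ; ...)`. Everything placed in this directory is later treated as a trusted CA certificate or CRL, so it should not end up group- or world-writable. The same form would fix it: `(umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(sshcadir))`. The added `$(DESTDIR)$(piddir)` line is unrelated to X.509 support and would be easier to review as a separate change.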
@@ -359,3 +372,23 @@ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + + +check: $(TARGETS) check-certs + +check-certs: + @if test ! -d "tests/CA"; then \ + mkdir -p "tests/CA" || exit 1; \ + fi + @BUILDDIR="`pwd`"; \ + ( cd "tests/CA" && \ + $(MAKE) \ + TEST_SSH_SSH="$${BUILDDIR}/ssh" \ + TEST_SSH_SSHD="$${BUILDDIR}/sshd" \ + TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent" \ + TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add" \ + TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen" \ + TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan" \ + TEST_SSH_SFTP="$${BUILDDIR}/sftp" \ + TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server" \ + $@ ) diff -ruN openssh-3.6.1p1/myproposal.h openssh-3.6.1p1+x509g/myproposal.h --- openssh-3.6.1p1/myproposal.h 2002-04-05 01:10:39.000000000 +0300 +++ openssh-3.6.1p1+x509g/myproposal.h 2003-04-05 09:06:00.000000000 +0300 @@ -1,7 +1,9 @@ -/* $OpenBSD: myproposal.h,v 1.14 2002/04/03 09:26:11 markus Exp $ */ +/* $OpenBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -24,7 +26,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1" -#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" +#define KEX_DEFAULT_PK_ALG "x509v3-sign-rsa,x509v3-sign-dss,ssh-rsa,ssh-dss" #define KEX_DEFAULT_ENCRYPT \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \ "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se" diff -ruN openssh-3.6.1p1/pathnames.h openssh-3.6.1p1+x509g/pathnames.h --- openssh-3.6.1p1/pathnames.h 2002-06-06 22:57:34.000000000 +0300 +++ openssh-3.6.1p1+x509g/pathnames.h 2003-04-05 09:06:00.000000000 +0300 
@@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.13 2002/05/23 19:24:30 markus Exp $ */ +/* $OpenBSD$ */ /* * Author: Tatu Ylonen @@ -10,6 +10,29 @@ * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". + * + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #define ETCDIR "/etc" 
@@ -167,3 +190,20 @@ #ifndef ASKPASS_PROGRAM #define ASKPASS_PROGRAM "/usr/lib/ssh/ssh-askpass" #endif /* ASKPASS_PROGRAM */ + + +#ifndef SSHCADIR +#define SSHCADIR SSHDIR "/ca" +#endif + +/* x509 user store */ +#define _PATH_USERCA_CERTIFICATE_FILE "~/" _PATH_SSH_USER_DIR "/ca-bundle.crt" +#define _PATH_USERCA_CERTIFICATE_PATH "~/" _PATH_SSH_USER_DIR "/crt" +#define _PATH_USERCA_REVOCATION_FILE "~/" _PATH_SSH_USER_DIR "/ca-bundle.crl" +#define _PATH_USERCA_REVOCATION_PATH "~/" _PATH_SSH_USER_DIR "/crl" + +/* x509 global store */ +#define _PATH_CA_CERTIFICATE_FILE SSHCADIR "/ca-bundle.crt" +#define _PATH_CA_CERTIFICATE_PATH SSHCADIR "/crt" +#define _PATH_CA_REVOCATION_FILE SSHCADIR "/ca-bundle.crl" +#define _PATH_CA_REVOCATION_PATH SSHCADIR "/crl" diff -ruN openssh-3.6.1p1/readconf.c openssh-3.6.1p1+x509g/readconf.c --- openssh-3.6.1p1/readconf.c 2003-04-01 14:43:39.000000000 +0300 +++ openssh-3.6.1p1+x509g/readconf.c 2003-04-05 09:06:01.000000000 +0300 
@@ -9,10 +9,33 @@ * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". + * + * X509 certificate store support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.104 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD$"); #include "ssh.h" #include "xmalloc.h" @@ -25,6 +48,7 @@ #include "misc.h" #include "kex.h" #include "mac.h" +#include "tildexpand.h" /* Format of the configuration file: 
@@ -114,6 +138,11 @@ oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, + sAllowedServerCertPurpose, + sCACertificateFile, sCACertificatePath, + sCARevocationFile, sCARevocationPath, + sUserCACertificateFile, sUserCACertificatePath, + sUserCARevocationFile, sUserCARevocationPath, oEnableSSHKeysign, oDeprecated } OpCodes; @@ -188,6 +217,15 @@ { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnableSSHKeysign }, { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, + { "allowedcertpurpose", sAllowedServerCertPurpose }, + { "cacertificatefile", sCACertificateFile }, + { "cacertificatepath", sCACertificatePath }, + { "carevocationfile", sCARevocationFile }, + { "carevocationpath", sCARevocationPath }, + { "usercacertificatefile", sUserCACertificateFile }, + { "usercacertificatepath", sUserCACertificatePath }, + { "usercarevocationfile", sUserCARevocationFile }, + { "usercarevocationpath", sUserCARevocationPath }, { NULL, oBadOption } }; 
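Review bot: The nine opcodes added to the client `OpCodes` enum are prefixed `s` (`sAllowedServerCertPurpose`, `sCACertificateFile`, …) while every existing entry in that enum uses `o`, and servconf.c declares identically named `sCACertificateFile`, `sCACertificatePath`, `sCARevocationFile` and `sCARevocationPath` in `ServerOpCodes`. Renaming the client ones to the local convention, e.g. `oAllowedServerCertPurpose, oCACertificateFile, oCACertificatePath,`, keeps the two parsers distinguishable when grepping and matches the rest of the keyword table. Both the enum and the keywords array start outside these hunks.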
@@ -670,6 +708,58 @@ intptr = &options->enable_ssh_keysign; goto parse_flag; + case sAllowedServerCertPurpose: + arg = strdelim(&s); + if (arg && *arg) { + if (strcasecmp(arg, "skip") == 0) goto skip_purpose; + + { /* convert string to OpenSSL index */ + int purpose_index; + purpose_index = sshserver_cert_purpose (arg); + if (purpose_index < 0) + fatal("config error: unsupported purpose '%.30s' in file %s line %d.", arg, filename, linenum); + + options->allowedcertpurpose = purpose_index; + } + } else { +skip_purpose: + options->allowedcertpurpose = -2; + verbose("config warning: option is set to don`t check certificate purpose in file %s line %d.", filename, linenum); + } + break; + + case sCACertificateFile: + case sCACertificatePath: + case sCARevocationFile: + case sCARevocationPath: + case sUserCACertificateFile: + case sUserCACertificatePath: + case sUserCARevocationFile: + case sUserCARevocationPath: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing argument.", filename, linenum); + switch (opcode) { + case sCACertificateFile: + options->ca.certificate_file = xstrdup(arg); break; + case sCACertificatePath: + options->ca.certificate_path = xstrdup(arg); break; + case sCARevocationFile: + options->ca.revocation_file = xstrdup(arg); break; + case sCARevocationPath: + options->ca.revocation_path = xstrdup(arg); break; + case sUserCACertificateFile: + options->userca.certificate_file = xstrdup(arg); break; + case sUserCACertificatePath: + options->userca.certificate_path = xstrdup(arg); break; + case sUserCARevocationFile: + options->userca.revocation_file = xstrdup(arg); break; + case sUserCARevocationPath: + options->userca.revocation_path = xstrdup(arg); break; + default: + } + break; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); 
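Review bot: The new CA store cases assign `options->ca.*` and `options->userca.*` unconditionally, so the last occurrence in the file wins and every earlier `xstrdup` result is leaked. As far as I recall from this release, the other string options in this parser store only when `*activep` is set and the field is still NULL, which is what makes `Host` sections and first-value-wins work. A `CACertificateFile` under a non-matching `Host` block would therefore presumably still replace the trust store for every connection; this needs confirming against the part of `process_config_line` outside the hunk. Each assignment could be guarded like `if (*activep && options->ca.certificate_file == NULL) options->ca.certificate_file = xstrdup(arg);`, with a similar guard on `options->allowedcertpurpose`. Separately, the inner `switch` ends in a bare `default:` directly before `}`, which is not valid C before C23; `default: break;` fixes it here and in the matching servconf.c hunk.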
@@ -795,6 +885,44 @@ options->smartcard_device = NULL; options->enable_ssh_keysign = - 1; options->no_host_authentication_for_localhost = - 1; + options->allowedcertpurpose = -1; + options->ca.certificate_file = NULL; + options->ca.certificate_path = NULL; + options->ca.revocation_file = NULL; + options->ca.revocation_path = NULL; + options->userca.certificate_file = NULL; + options->userca.certificate_path = NULL; + options->userca.revocation_file = NULL; + options->userca.revocation_path = NULL; +} + +static int +ssh_x509store_init (Options *options) { + int x509_store_loaded = 0; + + ssh_x509store_setpurpose(options->allowedcertpurpose); + + if(ssh_x509store_addlocations(&options->userca)) { + x509_store_loaded = 1; + } + if(ssh_x509store_addlocations(&options->ca)) { + x509_store_loaded = 1; + } + + return x509_store_loaded; +} + +static void +tilde_expand_filename2(char **_fn, char* _default) { + extern uid_t original_real_uid; + + if (*_fn == NULL) { + *_fn = tilde_expand_filename(_default, original_real_uid); + } else { + char *p = *_fn; + *_fn = tilde_expand_filename(*_fn, original_real_uid); + xfree(p); + } } /* 
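Review bot: `tilde_expand_filename2` has no comment stating its ownership contract: it `xfree`s the previous `*_fn` after expanding it, so a caller must pass NULL or a heap string, never one of the `_PATH_*` string literals. I would add `/* Expand ~ in *_fn, or in _default when *_fn is NULL; *_fn must be NULL or xmalloc'ed because the old value is xfree'd. */` above it. The second parameter is only read, so `const char *_default` states that in the signature. The leading-underscore parameter names are unusual for this file; plain `fn` and `def` would do.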
@@ -916,4 +1044,22 @@ /* options->hostname will be set in the main program if appropriate */ /* options->host_key_alias should not be set by default */ /* options->preferred_authentications will be set in ssh */ + + if (options->allowedcertpurpose == -1) + options->allowedcertpurpose = sshserver_cert_purpose("sslserver"); + if (options->ca.certificate_file == NULL) + options->ca.certificate_file = _PATH_CA_CERTIFICATE_FILE; + if (options->ca.certificate_path == NULL) + options->ca.certificate_path = _PATH_CA_CERTIFICATE_PATH; + if (options->ca.revocation_file == NULL) + options->ca.revocation_file = _PATH_CA_REVOCATION_FILE; + if (options->ca.revocation_path == NULL) + options->ca.revocation_path = _PATH_CA_REVOCATION_PATH; + + tilde_expand_filename2(&options->userca.certificate_file, _PATH_USERCA_CERTIFICATE_FILE); + tilde_expand_filename2(&options->userca.certificate_path, _PATH_USERCA_CERTIFICATE_PATH); + tilde_expand_filename2(&options->userca.revocation_file , _PATH_USERCA_REVOCATION_FILE ); + tilde_expand_filename2(&options->userca.revocation_path , _PATH_USERCA_REVOCATION_PATH ); + + ssh_x509store_init(options); } diff -ruN openssh-3.6.1p1/readconf.h openssh-3.6.1p1+x509g/readconf.h --- openssh-3.6.1p1/readconf.h 2003-04-01 14:43:40.000000000 +0300 +++ openssh-3.6.1p1+x509g/readconf.h 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.46 2003/04/01 10:22:21 markus Exp $ */ +/* $OpenBSD$*/ /* * Author: Tatu Ylonen 
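Review bot: The call `ssh_x509store_init(options);` at the end of this hunk discards the function's only result, the flag saying whether any CA certificate or CRL location was added, and `sshd_x509store_init(options);` in servconf.c does the same. Whether certificate verification then fails closed on an empty store is decided in code outside this section, so at minimum the condition should be visible in the log: `if (!ssh_x509store_init(options)) debug("no X.509 CA store location could be loaded");`. On the server side a more prominent log level is probably warranted, since that store is what client certificates are checked against. The enclosing function starts outside the hunk.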
@@ -11,12 +11,36 @@ * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". + * + * X509 certificate store support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef READCONF_H #define READCONF_H #include "key.h" +#include "x509store.h" /* Data structure for representing a forwarding request. */ 
@@ -102,6 +126,13 @@ int enable_ssh_keysign; int no_host_authentication_for_localhost; + + /* allowed server certificate purpose */ + int allowedcertpurpose; + /* sshd PKI(X509) global store */ + X509StoreOptions ca; + /* sshd PKI(X509) user store */ + X509StoreOptions userca; } Options; diff -ruN openssh-3.6.1p1/README.x509v3 openssh-3.6.1p1+x509g/README.x509v3 --- openssh-3.6.1p1/README.x509v3 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/README.x509v3 2003-01-30 09:06:00.000000000 +0200 
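Review bot: Both new comments in `Options` say `sshd`, but this is the client option struct in readconf.h, and the accompanying README describes these stores as the ones used to verify the server hostkey. They should read `/* ssh PKI(X509) global store */` and `/* ssh PKI(X509) user store */`. The struct begins outside the hunk.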
@@ -0,0 +1,273 @@ + Roumen Petrov + Sofia, Bulgaria + Fri Jan 30 2003 + +How to use X.509 certificates with OpenSSH? + + +Identity or hostkey file for protocol version 2 can contain private key +plus x509 certificate in PEM format. Note that protocol version 2 keys +are in PEM format. To use X.509 certificate as identity or hostkey user +should convert certificate in PEM format and append to file. After this +with "ssh-keygen -y ..." user must update "pub" file. +File (identity or hostkey) with X.509 certificate (RSA key): +-----BEGIN RSA PRIVATE KEY----- +..... +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +..... +-----END CERTIFICATE----- +Note that to use X.509 certificates in OpenSSH files must contain +private key followed by certificate. + + +1.) server configuration: +1.1.) .../sshd_config +1.1.1.) "X509 store". "X509 store" is used to verify client keys. +AllowedCertPurpose sslclient + The intended use off the X509 client certificate. + +CACertificateFile /etc/ssh/ca/ca-bundle.crt + This file contain multiple certificates of certificate signers in PEM +format concatenated together. You can get a copy from openssl, apache, +KDE, mutt, etc. packages. Original file might is exported from Netscape +certificate database and one download URL is: + http://www.modssl.org/contrib/ca-bundle.crt.tar.gz + +CACertificatePath /etc/ssh/ca/crt + "Hash dir" with certificates of certificate signers. Each certificate +should be stored in separate file with name [HASH].[NUMBER], where +[HASH] is certificate hash value and [NUMBER] is an integer starting +from zero. Hash is result from command like this: +$ openssl x509 -in certificate_file_name -noout -hash + +CARevocationFile /etc/ssh/ca/ca-bundle.crl + This file contain multiple "Certificate Revocation List" (CRL) of +certificate signers in PEM format concatenated together. + +CARevocationPath /etc/ssh/ca/crl + "Hash dir" with "Certificate Revocation List" (CRL) of certificate +signers. 
Each CRL should be stored in separate file with name +[HASH].r[NUMBER], where [HASH] is CRL hash value and [NUMBER] is an +integer starting from zero. Hash is result from command like this: +$ openssl crl -in crl_file_name -noout -hash + +1.1.2.) HostKey files... + Host key for protocol version 2 can contain private key plus x509 +certificate in PEM format. + + +1.2.) append in USER_HOME/.ssh/authorized_keys a record with following +format: + +where: +KEY_TYPE:=x509v3-sign-rsa|x509v3-sign-dss (case sensitive !) +WORDDN:={Distinguished Name| + Distinguished-Name| + Distinguished_Name| + DistinguishedName| + DN| + Subject} +WORDDNSUFF:='='|':'|'' +NOTES: +- WORDDN is case insensitive ! + +- is like output from command: +$ openssl x509 -noout -subject -in A_CERTIFICATE_FILE + +- can be in RFC2253 format like output from command: +$ openssl x509 -noout -subject -in A_CERTIFICATE_FILE -nameopt RFC2253 + +- Order of items in is not important and separator +can be symbol "/", "," or mixed. All following subjects are equal: +a)CN=OpenSSH RSA test certificate(dsa),OU=OpenSSH Testers,O=OpenSSH Test Team,ST=World,C=XX +b)/C=XX/ST=World/O=OpenSSH Test Team/OU=OpenSSH Testers/CN=OpenSSH RSA test certificate(dsa) +c)/O=OpenSSH Test Team/OU=OpenSSH Testers/C=XX/ST=World/CN=OpenSSH RSA test certificate(dsa) +d)O=OpenSSH Test Team,OU=OpenSSH Testers/C=XX,ST=World/CN=OpenSSH RSA test certificate(dsa) + + +Shell sample: +$ printf '%s' "x509v3-sign-rsa "; + openssl x509 -noout -subject \ + -in A_OPENSSH_CERT_FILE \ + >> $HOME/.ssh/authorized_keys + +NOTES: +- adjust user authorized_keys file ownership - user must have at least +read access. +- SecSH x509v3 key type is "x509v3-sign-rsa" or "x509v3-sign-dss". + + +2.) client settings: +2.1.) IdentityFile + Depends from client. 
To use X.509 certificate "OpenSSH id-file" must +contain both sections - private key and certificate in PEM format: +Note: Don't forget to update public key file with command: +$ ssh-keygen -y -f KEY_FILE_NAME > KEY_FILE_NAME.pub +Command ssh-add use public key file! + +2.2.) global ssh_config or $HOME/.ssh/config + Check options AllowedCertPurpose, [User]CACertificatePath, +[User]CACertificateFile, [User]CARevocationFile and +[User]CARevocationPath. See p. 1.1.1. All nine options are for "x509 +store". "x509 store" is used to verify server hostkey. + +Note: When we use own CA we must import CA certificate[s] to +"x509 store". More info on: + http://satva.skalasoft.com/~rumen/domino_CA/#dca2bundle + + + +3.) test x509 certificates. + +3.1.) In openssh build dir run "make check". +If x509 test scripts fail edit file OPENSSH_SOURCE_PATH/tests/CA/config +or set some environment variables. +Output from make check is in color and when is redirected to file later +we can see content best with command "less -r ...". +When script run a test command print star '*' followed by simple +information about command. When command succeed script print at right +"done" in GREEN(!) otherwise "failed" in RED(!). After failed command +script show on next lines in RED(!) response, skip execution of next +command/script, print message like this: +.... +Testing OpenSSH client with certificates finished. + status: failed +.... +Note that failed is in RED(!) and exit code is NONZERO(!). +Some command in a test script must fail. Part of "simple information" +about command expected fail is in RED(!). When command fail script print +"done" (THIS IS CORRECT - COMMAND MUST FAIL) and on next lines print in +GREEN(!) response. Usualy this occur when server reject logon. +WHEN ALL TESTS SUCCEED output is: +.... +Testing OpenSSH client with certificates finished. + status: done +.... +Note that "done" is in GREEN(!) and exit code is ZERO(!). 
+ + +Description of variables is config file: + +3.1.1) main variables: + - SUDO + (only in config) + on some system sshd must be started as root. + If necessary set variable to sudo and configure sudo'ers. + - TMPDIR + (environment or config) + directory for temporary files. If not set its value is selected + from /tmp, /var/tmp or /usr/tmp. + - SSH_X509TESTS + (environment or config) + list with test scripts. A test script is in file with following + name: test-.sh.inc. + +3.1.2) openssl: + - OPENSSL + (environment or config) + path to openssl binary. The default is result from command: + `which openssl`. + - RSA_DIGEST_LIST + (environment or config) + list with RSA digests in support of openssl. The default value is + build at run time from following digest list "md5 sha1 md2 md4 + rmd160" and contain only supported from openssl. + +3.1.3) server section: + Read sshd_config.5 manual page for valid values. + - SSHD_PORT + (environment or config) + specifies the port number that server listens on and client connect + to on localhost. The default is 20022. + - SSHD_LISTENADDRESS + (only in config) + Same as sshd option "ListenAddress" but without(!) port number. + The default is "127.0.0.1". + - SSHSERVER_USEPRIVILEGESEPARATION="yes": + (only in config) + sshd "UsePrivilegeSeparation" option. + if necessary set to "no", to disable privilege separation. + - SSHSERVER_SYSLOGFACILITY=AUTH + (only in config) + sshd "SyslogFacility" option. + - SSHSERVER_LOGLEVEL=INFO + (only in config) + sshd 'LogLevel' option. + +3.1.4) certificates: + - Variables related to test certificates and CA. + (only in config) + +3.1.5.) Sample commands to run tests: +$ OPENSLL=/usr/local/openssl/0.9.6h/bin/openssl make check +$ SSHD_PORT=1122 SSH_X509TESTS="agent blob_auth" make check +$ RSA_DIGEST_LIST="md5 sha1" make check + + +3.2.) Current test scripts uses only rsa as server hostkey. 
+ To test sshd with x509 certificate please find in file +openssh_tests.sh variable TEST_SSHD_HOSTKEY and change it. Sample: +TEST_SSH_HOSTKEY="${CWD}/testhostkey_rsa-rsa_md5" + + +3.3.) Test SecSH from "Microsoft Windows OSes". + This is not part of document. +Tips: use created after make check files: +- convert OPENSSH_BUILD_PATH/tests/CA/ca-test/crt/*crt.pem CA + certificates from PEM to DER format and import in + "Windows keystore" +- import OPENSSH_BUILD_PATH/tests/CA/testid_*.p12 in + "Windows keystore" +- setup your client to use certificate[s](see SecSH client manuals). +DON`T FORGET TO REMOVE entries from "Windows keystore" after test! + + +3.4.) Go to OPENSSH_BUILD_PATH/tests/CA and run command "make clean" to +remove all client/server and CA files. + + +3.5.) files in OPENSSH_SOURCE_PATH/tests/CA directory: +config : configuration file + +1-cre_cadb.sh: + create "Test CA" directories and files. + +2-cre_cakeys.sh: + create "Test CA" private keys and certificates. + +3-cre_certs.sh: + create client/server certificates. + this command create files with mask + "PATH_TO_KEYFILEn-[.]" + , where is in format "rsa_" or "dsa". + DIGEST are form variable "RSA_DIGEST_LIST" specified in "config" + file. Files without extention are openssh identity or hostkey files. + File with .pub extention contain openssh public key (BLOB format). + File with .crt extention contain openssl "text output" for identity + files. File with .p12 extention are for "Microsoft Windows keystore". + + +verify.sh: + to check certificates against "Test CA". Note: check only + testid_*.crt and testhostkey_*.crt files in current directory. + +functions: + common usefull functions + +openssh_tests.sh: + main test script - call other testscripts. + +test-blob_auth.sh.inc, +test-dn_auth_file.sh.inc, +test-dn_auth_path.sh.inc, +test-agent.sh.inc, +test-crl.sh.inc: + see DESCRIPTION in each file. + +Note that hostbased authentication we cannot test without to install. 
+Generated testhostkey_* certificates are with sslserver and sslclient +purposes and you can use them to test manualy hostbased authentication. + + +Enjoy ;-) diff -ruN openssh-3.6.1p1/scp.0 openssh-3.6.1p1+x509g/scp.0 --- openssh-3.6.1p1/scp.0 2003-04-01 14:57:30.000000000 +0300 +++ openssh-3.6.1p1+x509g/scp.0 2003-04-05 09:06:00.000000000 +0300 @@ -1,17 +1,17 @@ -SCP(1) BSD General Commands Manual SCP(1) +SCP(1) System General Commands Manual SCP(1) -^[[1mNAME^[[0m - ^[[1mscp ^[[22mM-bMM-^R secure copy (remote file copy program) +NAME + scp - secure copy (remote file copy program) -^[[1mSYNOPSIS^[[0m - ^[[1mscp ^[[22m[^[[1mM-bMM-^RpqrvBC1246^[[22m] [^[[1mM-bMM-^RF ^[[4m^[[22mssh_config^[[24m] [^[[1mM-bMM-^RS ^[[4m^[[22mprogram^[[24m] [^[[1mM-bMM-^RP ^[[4m^[[22mport^[[24m] [^[[1mM-bMM-^Rc ^[[4m^[[22mcipher^[[24m] - [^[[1mM-bMM-^Ri ^[[4m^[[22midentity_file^[[24m] [^[[1mM-bMM-^Rl ^[[4m^[[22mlimit^[[24m] [^[[1mM-bMM-^Ro ^[[4m^[[22mssh_option^[[24m] [[^[[4muser@^[[24m]^[[4mhost1^[[24m:]^[[4mfile1^[[0m - [^[[4m...^[[24m] [[^[[4muser@^[[24m]^[[4mhost2^[[24m:]^[[4mfile2^[[0m +SYNOPSIS + scp [-pqrvBC1246] [-F ssh_config] [-S program] [-P port] [-c cipher] + [-i identity_file] [-l limit] [-o ssh_option] [[user@]host1:]file1 + [...] [[user@]host2:]file2 -^[[1mDESCRIPTION^[[0m - ^[[1mscp ^[[22mcopies files between hosts on a network. It uses ssh(1) for data +DESCRIPTION + scp copies files between hosts on a network. It uses ssh(1) for data transfer, and uses the same authentication and provides the same security - as ssh(1). Unlike rcp(1), ^[[1mscp ^[[22mwill ask for passwords or passphrases if + as ssh(1). Unlike rcp(1), scp will ask for passwords or passphrases if they are needed for authentication. Any file name may contain a host and user specification to indicate that 
@@ -20,74 +20,74 @@ The options are as follows: - ^[[1mM-bMM-^Rc ^[[4m^[[22mcipher^[[0m + -c cipher Selects the cipher to use for encrypting the data transfer. This option is directly passed to ssh(1). - ^[[1mM-bMM-^Ri ^[[4m^[[22midentity_file^[[0m + -i identity_file Selects the file from which the identity (private key) for RSA authentication is read. This option is directly passed to ssh(1). - ^[[1mM-bMM-^Rl ^[[4m^[[22mlimit^[[0m + -l limit Limits the used bandwidth, specified in Kbit/s. - ^[[1mM-bMM-^Rp ^[[22mPreserves modification times, access times, and modes from the + -p Preserves modification times, access times, and modes from the original file. - ^[[1mM-bMM-^Rr ^[[22mRecursively copy entire directories. + -r Recursively copy entire directories. - ^[[1mM-bMM-^Rv ^[[22mVerbose mode. Causes ^[[1mscp ^[[22mand ssh(1) to print debugging messages + -v Verbose mode. Causes scp and ssh(1) to print debugging messages about their progress. This is helpful in debugging connection, authentication, and configuration problems. - ^[[1mM-bMM-^RB ^[[22mSelects batch mode (prevents asking for passwords or + -B Selects batch mode (prevents asking for passwords or passphrases). - ^[[1mM-bMM-^Rq ^[[22mDisables the progress meter. + -q Disables the progress meter. - ^[[1mM-bMM-^RC ^[[22mCompression enable. Passes the ^[[1mM-bMM-^RC ^[[22mflag to ssh(1) to enable comM-bM-^@M-^P + -C Compression enable. Passes the -C flag to ssh(1) to enable com- pression. - ^[[1mM-bMM-^RF ^[[4m^[[22mssh_config^[[0m - Specifies an alternative perM-bM-^@M-^Puser configuration file for ^[[1mssh^[[22m. + -F ssh_config + Specifies an alternative per-user configuration file for ssh. This option is directly passed to ssh(1). - ^[[1mM-bMM-^RP ^[[4m^[[22mport^[[0m + -P port Specifies the port to connect to on the remote host. 
Note that - this option is written with a capital M-bM-^@M-^XPM-bM-^@M-^Y, because ^[[1mM-bMM-^Rp ^[[22mis already + this option is written with a capital `P', because -p is already reserved for preserving the times and modes of the file in rcp(1). - ^[[1mM-bMM-^RS ^[[4m^[[22mprogram^[[0m - Name of ^[[4mprogram^[[24m to use for the encrypted connection. The program + -S program + Name of program to use for the encrypted connection. The program must understand ssh(1) options. - ^[[1mM-bMM-^Ro ^[[4m^[[22mssh_option^[[0m - Can be used to pass options to ^[[1mssh ^[[22min the format used in + -o ssh_option + Can be used to pass options to ssh in the format used in ssh_config(5). This is useful for specifying options for which - there is no separate ^[[1mscp ^[[22mcommandM-bM-^@M-^Pline flag. + there is no separate scp command-line flag. - ^[[1mM-bMM-^R1 ^[[22mForces ^[[1mscp ^[[22mto use protocol 1. + -1 Forces scp to use protocol 1. - ^[[1mM-bMM-^R2 ^[[22mForces ^[[1mscp ^[[22mto use protocol 2. + -2 Forces scp to use protocol 2. - ^[[1mM-bMM-^R4 ^[[22mForces ^[[1mscp ^[[22mto use IPv4 addresses only. + -4 Forces scp to use IPv4 addresses only. - ^[[1mM-bMM-^R6 ^[[22mForces ^[[1mscp ^[[22mto use IPv6 addresses only. + -6 Forces scp to use IPv6 addresses only. -^[[1mDIAGNOSTICS^[[0m - ^[[1mscp ^[[22mexits with 0 on success or >0 if an error occurred. +DIAGNOSTICS + scp exits with 0 on success or >0 if an error occurred. -^[[1mAUTHORS^[[0m +AUTHORS Timo Rinne and Tatu Ylonen -^[[1mHISTORY^[[0m - ^[[1mscp ^[[22mis based on the rcp(1) program in BSD source code from the Regents of +HISTORY + scp is based on the rcp(1) program in BSD source code from the Regents of the University of California. 
-^[[1mSEE ALSO^[[0m - rcp(1), sftp(1), ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pagent(1), sshM-bM-^@M-^Pkeygen(1), +SEE ALSO + rcp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5), sshd(8) BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/servconf.c openssh-3.6.1p1+x509g/servconf.c --- openssh-3.6.1p1/servconf.c 2003-02-24 03:04:34.000000000 +0200 +++ openssh-3.6.1p1+x509g/servconf.c 2003-04-05 09:06:01.000000000 +0300 
@@ -7,10 +7,33 @@ * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". + * + * X509 certificate store support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.116 2003/02/21 09:05:53 markus Exp $"); +RCSID("$OpenBSD$"); #if defined(KRB4) #include 
@@ -123,11 +146,29 @@ options->client_alive_count_max = -1; options->authorized_keys_file = NULL; options->authorized_keys_file2 = NULL; + options->allowedcertpurpose = -1; + options->ca.certificate_file = NULL; + options->ca.certificate_path = NULL; + options->ca.revocation_file = NULL; + options->ca.revocation_path = NULL; /* Needs to be accessable in many places */ use_privsep = -1; } +static int +sshd_x509store_init (ServerOptions *options) { + int x509_store_loaded = 0; + + ssh_x509store_setpurpose(options->allowedcertpurpose); + + if(ssh_x509store_addlocations(&options->ca)) { + x509_store_loaded = 1; + } + + return x509_store_loaded; +} + void fill_default_server_options(ServerOptions *options) { @@ -256,6 +297,17 @@ if (options->authorized_keys_file == NULL) options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; + if (options->allowedcertpurpose == -1) + options->allowedcertpurpose = sshclient_cert_purpose("sslclient"); + if (options->ca.certificate_file == NULL) + options->ca.certificate_file = _PATH_CA_CERTIFICATE_FILE; + if (options->ca.certificate_path == NULL) + options->ca.certificate_path = _PATH_CA_CERTIFICATE_PATH; + if (options->ca.revocation_file == NULL) + options->ca.revocation_file = _PATH_CA_REVOCATION_FILE; + if (options->ca.revocation_path == NULL) + options->ca.revocation_path = _PATH_CA_REVOCATION_PATH; + /* Turn privilege separation on by default */ if (use_privsep == -1) use_privsep = 1; @@ -269,6 +321,7 @@ } #endif + sshd_x509store_init(options); } /* Keyword tokens. */ @@ -302,6 +355,9 @@ sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, sUsePrivilegeSeparation, + sAllowedClientCertPurpose, + sCACertificateFile, sCACertificatePath, + sCARevocationFile, sCARevocationPath, sDeprecated } ServerOpCodes; 
@@ -380,6 +436,11 @@ { "authorizedkeysfile", sAuthorizedKeysFile }, { "authorizedkeysfile2", sAuthorizedKeysFile2 }, { "useprivilegeseparation", sUsePrivilegeSeparation}, + { "allowedcertpurpose", sAllowedClientCertPurpose }, + { "cacertificatefile", sCACertificateFile }, + { "cacertificatepath", sCACertificatePath }, + { "carevocationfile", sCARevocationFile }, + { "carevocationpath", sCARevocationPath }, { NULL, sBadOption } }; 
@@ -909,6 +970,47 @@ intptr = &options->client_alive_count_max; goto parse_int; + case sAllowedClientCertPurpose: + arg = strdelim(&cp); + if (arg && *arg) { + if (strcasecmp(arg, "skip") == 0) goto skip_purpose; + + { /* convert string to OpenSSL index */ + int purpose_index; + purpose_index = sshclient_cert_purpose (arg); + if (purpose_index < 0) + fatal("config error: unsupported purpose '%.30s' in file %s line %d.", arg, filename, linenum); + + options->allowedcertpurpose = purpose_index; + } + } else { +skip_purpose: + options->allowedcertpurpose = -2; + verbose("config warning: option is set to don`t check certificate purpose in file %s line %d.", filename, linenum); + } + break; + + + case sCACertificateFile: + case sCACertificatePath: + case sCARevocationFile: + case sCARevocationPath: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing argument.", filename, linenum); + switch (opcode) { + case sCACertificateFile: + options->ca.certificate_file = xstrdup(arg); break; + case sCACertificatePath: + options->ca.certificate_path = xstrdup(arg); break; + case sCARevocationFile: + options->ca.revocation_file = xstrdup(arg); break; + case sCARevocationPath: + options->ca.revocation_path = xstrdup(arg); break; + default: + } + break; + case sDeprecated: log("%s line %d: Deprecated option %s", filename, linenum, arg); diff -ruN openssh-3.6.1p1/servconf.h openssh-3.6.1p1+x509g/servconf.h --- openssh-3.6.1p1/servconf.h 2002-08-01 04:28:39.000000000 +0300 +++ openssh-3.6.1p1+x509g/servconf.h 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.59 2002/07/30 17:03:55 markus Exp $ */ +/* $OpenBSD$ */ /* * Author: Tatu Ylonen 
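Review bot: An `AllowedCertPurpose` line with no argument falls into the `else` branch and is treated exactly like `skip`: it sets `options->allowedcertpurpose = -2` and reports that only at `verbose` level, whereas the CA path options a few lines below call `fatal` for a missing argument. On the server a truncated config line therefore switches off the purpose check for client certificates. The empty case should fail the same way, e.g. `if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum);` before the `strcasecmp`, leaving an explicit `skip` as the only way to disable the check. The readconf.c case `sAllowedServerCertPurpose` has the same branch. Named constants for the `-1` (unset) and `-2` (skip) sentinels would also make the intent readable.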
@@ -11,11 +11,36 @@ * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". + * + * X509 certificate store support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef SERVCONF_H #define SERVCONF_H +#include "x509store.h" + #define MAX_PORTS 256 /* Max # ports. */ #define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ 
@@ -132,6 +157,11 @@ char *authorized_keys_file; /* File containing public keys */ char *authorized_keys_file2; int pam_authentication_via_kbd_int; + + /* allowed client certificate purpose */ + int allowedcertpurpose; + /* sshd PKI(X509) global store */ + X509StoreOptions ca; } ServerOptions; void initialize_server_options(ServerOptions *); diff -ruN openssh-3.6.1p1/sftp.0 openssh-3.6.1p1+x509g/sftp.0 --- openssh-3.6.1p1/sftp.0 2003-04-01 14:57:31.000000000 +0300 +++ openssh-3.6.1p1+x509g/sftp.0 2003-04-05 09:06:00.000000000 +0300 
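Review bot: The comment on `allowedcertpurpose` does not say which values the field takes, and one of them disables a security check. The config-parsing hunk in this patch stores either the index returned by `sshclient_cert_purpose()` or `-2` when purpose checking is skipped, so I would document that here: `/* allowed client certificate purpose: OpenSSL purpose index, or -2 = do not check purpose */`. A named constant for `-2` would be clearer still, though the hunk does not show whether the initialisation code uses other sentinel values. The `ServerOptions` struct begins outside the hunk.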
@@ -1,180 +1,180 @@ -SFTP(1) BSD General Commands Manual SFTP(1) +SFTP(1) System General Commands Manual SFTP(1) -^[[1mNAME^[[0m - ^[[1msftp ^[[22mM-bMM-^R Secure file transfer program +NAME + sftp - Secure file transfer program -^[[1mSYNOPSIS^[[0m - ^[[1msftp ^[[22m[^[[1mM-bMM-^RvC1^[[22m] [^[[1mM-bMM-^Rb ^[[4m^[[22mbatchfile^[[24m] [^[[1mM-bMM-^Ro ^[[4m^[[22mssh_option^[[24m] [^[[1mM-bMM-^Rs ^[[4m^[[22msubsystem^[[24m | ^[[4msftp_server^[[24m] - [^[[1mM-bMM-^RB ^[[4m^[[22mbuffer_size^[[24m] [^[[1mM-bMM-^RF ^[[4m^[[22mssh_config^[[24m] [^[[1mM-bMM-^RP ^[[4m^[[22msftp_server^[[24m ^[[4mpath^[[24m] - [^[[1mM-bMM-^RR ^[[4m^[[22mnum_requests^[[24m] [^[[1mM-bMM-^RS ^[[4m^[[22mprogram^[[24m] ^[[4mhost^[[0m - ^[[1msftp ^[[22m[[^[[4muser^[[24m@]^[[4mhost^[[24m[:^[[4mfile^[[24m [^[[4mfile^[[24m]]] - ^[[1msftp ^[[22m[[^[[4muser^[[24m@]^[[4mhost^[[24m[:^[[4mdir^[[24m[^[[4m/^[[24m]]] +SYNOPSIS + sftp [-vC1] [-b batchfile] [-o ssh_option] [-s subsystem | sftp_server] + [-B buffer_size] [-F ssh_config] [-P sftp_server path] + [-R num_requests] [-S program] host + sftp [[user@]host[:file [file]]] + sftp [[user@]host[:dir[/]]] -^[[1mDESCRIPTION^[[0m - ^[[1msftp ^[[22mis an interactive file transfer program, similar to ftp(1), which +DESCRIPTION + sftp is an interactive file transfer program, similar to ftp(1), which performs all operations over an encrypted ssh(1) transport. It may also - use many features of ssh, such as public key authentication and compresM-bM-^@M-^P - sion. ^[[1msftp ^[[22mconnects and logs into the specified ^[[4mhost^[[24m, then enters an + use many features of ssh, such as public key authentication and compres- + sion. sftp connects and logs into the specified host, then enters an interactive command mode. 
- The second usage format will retrieve files automatically if a nonM-bM-^@M-^PinterM-bM-^@M-^P - active authentication method is used; otherwise it will do so after sucM-bM-^@M-^P + The second usage format will retrieve files automatically if a non-inter- + active authentication method is used; otherwise it will do so after suc- cessful interactive authentication. - The last usage format allows the sftp client to start in a remote direcM-bM-^@M-^P + The last usage format allows the sftp client to start in a remote direc- tory. The options are as follows: - ^[[1mM-bMM-^Rb ^[[4m^[[22mbatchfile^[[0m - Batch mode reads a series of commands from an input ^[[4mbatchfile^[[0m - instead of ^[[4mstdin^[[24m. Since it lacks user interaction it should be - used in conjunction with nonM-bM-^@M-^Pinteractive authentication. ^[[1msftp^[[0m - will abort if any of the following commands fail: ^[[1mget^[[22m, ^[[1mput^[[22m, - ^[[1mrename^[[22m, ^[[1mln^[[22m, ^[[1mrm^[[22m, ^[[1mmkdir^[[22m, ^[[1mchdir^[[22m, ^[[1mls^[[22m, ^[[1mlchdir^[[22m, ^[[1mchmod^[[22m, ^[[1mchown^[[22m, ^[[1mchgrp^[[22m, - ^[[1mlpwd ^[[22mand ^[[1mlmkdir^[[22m. Termination on error can be suppressed on a - command by command basis by prefixing the command with a ^[[1mM-bM-^@M-^YM-bM-^@M-^PM-bM-^@M-^Y^[[0m - character (For example, ^[[1mM-bM-^@M-^Prm /tmp/blah* ^[[22m). + -b batchfile + Batch mode reads a series of commands from an input batchfile + instead of stdin. Since it lacks user interaction it should be + used in conjunction with non-interactive authentication. sftp + will abort if any of the following commands fail: get, put, + rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, + lpwd and lmkdir. Termination on error can be suppressed on a + command by command basis by prefixing the command with a '-' + character (For example, -rm /tmp/blah* ). 
- ^[[1mM-bMM-^Ro ^[[4m^[[22mssh_option^[[0m - Can be used to pass options to ^[[1mssh ^[[22min the format used in + -o ssh_option + Can be used to pass options to ssh in the format used in ssh_config(5). This is useful for specifying options for which - there is no separate ^[[1msftp ^[[22mcommandM-bM-^@M-^Pline flag. For example, to - specify an alternate port use: ^[[1msftp M-bM-^@M-^PoPort=24^[[22m. + there is no separate sftp command-line flag. For example, to + specify an alternate port use: sftp -oPort=24. - ^[[1mM-bMM-^Rs ^[[4m^[[22msubsystem^[[24m | ^[[4msftp_server^[[0m + -s subsystem | sftp_server Specifies the SSH2 subsystem or the path for an sftp server on the remote host. A path is useful for using sftp over protocol - version 1, or when the remote ^[[1msshd ^[[22mdoes not have an sftp subsysM-bM-^@M-^P + version 1, or when the remote sshd does not have an sftp subsys- tem configured. - ^[[1mM-bMM-^Rv ^[[22mRaise logging level. This option is also passed to ssh. + -v Raise logging level. This option is also passed to ssh. - ^[[1mM-bMM-^RB ^[[4m^[[22mbuffer_size^[[0m - Specify the size of the buffer that ^[[1msftp ^[[22muses when transferring + -B buffer_size + Specify the size of the buffer that sftp uses when transferring files. Larger buffers require fewer round trips at the cost of higher memory consumption. The default is 32768 bytes. - ^[[1mM-bMM-^RC ^[[22mEnables compression (via sshM-bM-^@M-^Ys ^[[1mM-bMM-^RC ^[[22mflag). + -C Enables compression (via ssh's -C flag). - ^[[1mM-bMM-^RF ^[[4m^[[22mssh_config^[[0m - Specifies an alternative perM-bM-^@M-^Puser configuration file for ^[[1mssh^[[22m. + -F ssh_config + Specifies an alternative per-user configuration file for ssh. This option is directly passed to ssh(1). 
- ^[[1mM-bMM-^RP ^[[4m^[[22msftp_server^[[24m ^[[4mpath^[[0m - Connect directly to a local ^[[1msftpM-bM-^@M-^Pserver ^[[22m(rather than via ^[[1mssh^[[22m) + -P sftp_server path + Connect directly to a local sftp-server (rather than via ssh) This option may be useful in debugging the client and server. - ^[[1mM-bMM-^RR ^[[4m^[[22mnum_requests^[[0m + -R num_requests Specify how many requests may be outstanding at any one time. Increasing this may slightly improve file transfer speed but will increase memory usage. The default is 16 outstanding requests. - ^[[1mM-bMM-^RS ^[[4m^[[22mprogram^[[0m - Name of the ^[[4mprogram^[[24m to use for the encrypted connection. The + -S program + Name of the program to use for the encrypted connection. The program must understand ssh(1) options. - ^[[1mM-bMM-^R1 ^[[22mSpecify the use of protocol version 1. + -1 Specify the use of protocol version 1. -^[[1mINTERACTIVE COMMANDS^[[0m - Once in interactive mode, ^[[1msftp ^[[22munderstands a set of commands similar to +INTERACTIVE COMMANDS + Once in interactive mode, sftp understands a set of commands similar to those of ftp(1). Commands are case insensitive and pathnames may be enclosed in quotes if they contain spaces. - ^[[1mbye ^[[22mQuit sftp. + bye Quit sftp. - ^[[1mcd ^[[4m^[[22mpath^[[0m - Change remote directory to ^[[4mpath^[[24m. + cd path + Change remote directory to path. - ^[[1mlcd ^[[4m^[[22mpath^[[0m - Change local directory to ^[[4mpath^[[24m. + lcd path + Change local directory to path. - ^[[1mchgrp ^[[4m^[[22mgrp^[[24m ^[[4mpath^[[0m - Change group of file ^[[4mpath^[[24m to ^[[4mgrp^[[24m. ^[[4mgrp^[[24m must be a numeric GID. + chgrp grp path + Change group of file path to grp. grp must be a numeric GID. - ^[[1mchmod ^[[4m^[[22mmode^[[24m ^[[4mpath^[[0m - Change permissions of file ^[[4mpath^[[24m to ^[[4mmode^[[24m. + chmod mode path + Change permissions of file path to mode. 
- ^[[1mchown ^[[4m^[[22mown^[[24m ^[[4mpath^[[0m - Change owner of file ^[[4mpath^[[24m to ^[[4mown^[[24m. ^[[4mown^[[24m must be a numeric UID. + chown own path + Change owner of file path to own. own must be a numeric UID. - ^[[1mexit ^[[22mQuit sftp. + exit Quit sftp. - ^[[1mget ^[[22m[^[[4mflags^[[24m] ^[[4mremoteM-bM-^@M-^Ppath^[[24m [^[[4mlocalM-bM-^@M-^Ppath^[[24m] - Retrieve the ^[[4mremoteM-bM-^@M-^Ppath^[[24m and store it on the local machine. If + get [flags] remote-path [local-path] + Retrieve the remote-path and store it on the local machine. If the local path name is not specified, it is given the same name - it has on the remote machine. If the ^[[1mM-bMM-^RP ^[[22mflag is specified, then - the fileM-bM-^@M-^Ys full permission and access time are copied too. + it has on the remote machine. If the -P flag is specified, then + the file's full permission and access time are copied too. - ^[[1mhelp ^[[22mDisplay help text. + help Display help text. - ^[[1mlls ^[[22m[^[[4mlsM-bM-^@M-^Poptions^[[24m [^[[4mpath^[[24m]] - Display local directory listing of either ^[[4mpath^[[24m or current direcM-bM-^@M-^P - tory if ^[[4mpath^[[24m is not specified. + lls [ls-options [path]] + Display local directory listing of either path or current direc- + tory if path is not specified. - ^[[1mlmkdir ^[[4m^[[22mpath^[[0m - Create local directory specified by ^[[4mpath^[[24m. + lmkdir path + Create local directory specified by path. - ^[[1mln ^[[4m^[[22moldpath^[[24m ^[[4mnewpath^[[0m - Create a symbolic link from ^[[4moldpath^[[24m to ^[[4mnewpath^[[24m. + ln oldpath newpath + Create a symbolic link from oldpath to newpath. - ^[[1mlpwd ^[[22mPrint local working directory. + lpwd Print local working directory. - ^[[1mls ^[[22m[^[[4mflags^[[24m] [^[[4mpath^[[24m] - Display remote directory listing of either ^[[4mpath^[[24m or current direcM-bM-^@M-^P - tory if ^[[4mpath^[[24m is not specified. 
If the ^[[1mM-bMM-^Rl ^[[22mflag is specified, then + ls [flags] [path] + Display remote directory listing of either path or current direc- + tory if path is not specified. If the -l flag is specified, then display additional details including permissions and ownership information. - ^[[1mlumask ^[[4m^[[22mumask^[[0m - Set local umask to ^[[4mumask^[[24m. + lumask umask + Set local umask to umask. - ^[[1mmkdir ^[[4m^[[22mpath^[[0m - Create remote directory specified by ^[[4mpath^[[24m. + mkdir path + Create remote directory specified by path. - ^[[1mprogress^[[0m + progress Toggle display of progress meter. - ^[[1mput ^[[22m[^[[4mflags^[[24m] ^[[4mlocalM-bM-^@M-^Ppath^[[24m [^[[4mremoteM-bM-^@M-^Ppath^[[24m] - Upload ^[[4mlocalM-bM-^@M-^Ppath^[[24m and store it on the remote machine. If the + put [flags] local-path [remote-path] + Upload local-path and store it on the remote machine. If the remote path name is not specified, it is given the same name it - has on the local machine. If the ^[[1mM-bMM-^RP ^[[22mflag is specified, then the - fileM-bM-^@M-^Ys full permission and access time are copied too. + has on the local machine. If the -P flag is specified, then the + file's full permission and access time are copied too. - ^[[1mpwd ^[[22mDisplay remote working directory. + pwd Display remote working directory. - ^[[1mquit ^[[22mQuit sftp. + quit Quit sftp. - ^[[1mrename ^[[4m^[[22moldpath^[[24m ^[[4mnewpath^[[0m - Rename remote file from ^[[4moldpath^[[24m to ^[[4mnewpath^[[24m. + rename oldpath newpath + Rename remote file from oldpath to newpath. - ^[[1mrmdir ^[[4m^[[22mpath^[[0m - Remove remote directory specified by ^[[4mpath^[[24m. + rmdir path + Remove remote directory specified by path. - ^[[1mrm ^[[4m^[[22mpath^[[0m - Delete remote file specified by ^[[4mpath^[[24m. + rm path + Delete remote file specified by path. - ^[[1msymlink ^[[4m^[[22moldpath^[[24m ^[[4mnewpath^[[0m - Create a symbolic link from ^[[4moldpath^[[24m to ^[[4mnewpath^[[24m. 
+ symlink oldpath newpath + Create a symbolic link from oldpath to newpath. - ^[[1mversion^[[0m - Display the ^[[1msftp ^[[22mprotocol version. + version + Display the sftp protocol version. - ! ^[[4mcommand^[[0m - Execute ^[[4mcommand^[[24m in local shell. + ! command + Execute command in local shell. ! Escape to local shell. ? Synonym for help. -^[[1mAUTHORS^[[0m +AUTHORS Damien Miller -^[[1mSEE ALSO^[[0m - scp(1), ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pkeygen(1), ssh_config(5), sftpM-bM-^@M-^Pserver(8), +SEE ALSO + scp(1), ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5), sftp-server(8), sshd(8) - T. Ylonen and S. Lehtinen, ^[[4mSSH^[[24m ^[[4mFile^[[24m ^[[4mTransfer^[[24m ^[[4mProtocol^[[24m, draftM-bM-^@M-^PietfM-bM-^@M-^PsecshM-bM-^@M-^P - filexferM-bM-^@M-^P00.txt, January 2001, work in progress material. + T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- + filexfer-00.txt, January 2001, work in progress material. BSD February 4, 2001 BSD diff -ruN openssh-3.6.1p1/sftp-server.0 openssh-3.6.1p1+x509g/sftp-server.0 --- openssh-3.6.1p1/sftp-server.0 2003-04-01 14:57:31.000000000 +0300 +++ openssh-3.6.1p1+x509g/sftp-server.0 2003-04-05 09:06:00.000000000 +0300 
@@ -1,27 +1,27 @@ -SFTPM-bM-^@M-^PSERVER(8) BSD System ManagerM-bM-^@M-^Ys Manual SFTPM-bM-^@M-^PSERVER(8) +SFTP-SERVER(8) System Manager's Manual SFTP-SERVER(8) -^[[1mNAME^[[0m - ^[[1msftpM-bM-^@M-^Pserver ^[[22mM-bMM-^R SFTP server subsystem +NAME + sftp-server - SFTP server subsystem -^[[1mSYNOPSIS^[[0m - ^[[1msftpM-bM-^@M-^Pserver^[[0m +SYNOPSIS + sftp-server -^[[1mDESCRIPTION^[[0m - ^[[1msftpM-bM-^@M-^Pserver ^[[22mis a program that speaks the server side of SFTP protocol to - stdout and expects client requests from stdin. ^[[1msftpM-bM-^@M-^Pserver ^[[22mis not - intended to be called directly, but from sshd(8) using the ^[[1mSubsystem^[[0m +DESCRIPTION + sftp-server is a program that speaks the server side of SFTP protocol to + stdout and expects client requests from stdin. sftp-server is not + intended to be called directly, but from sshd(8) using the Subsystem option. See sshd(8) for more information. -^[[1mSEE ALSO^[[0m +SEE ALSO sftp(1), ssh(1), sshd(8) - T. Ylonen and S. Lehtinen, ^[[4mSSH^[[24m ^[[4mFile^[[24m ^[[4mTransfer^[[24m ^[[4mProtocol^[[24m, draftM-bM-^@M-^PietfM-bM-^@M-^PsecshM-bM-^@M-^P - filexferM-bM-^@M-^P00.txt, January 2001, work in progress material. + T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- + filexfer-00.txt, January 2001, work in progress material. -^[[1mAUTHORS^[[0m +AUTHORS Markus Friedl -^[[1mHISTORY^[[0m - ^[[1msftpM-bM-^@M-^Pserver ^[[22mfirst appeared in OpenBSD 2.8 . +HISTORY + sftp-server first appeared in OpenBSD 2.8 . BSD August 30, 2000 BSD diff -ruN openssh-3.6.1p1/ssh.0 openssh-3.6.1p1+x509g/ssh.0 --- openssh-3.6.1p1/ssh.0 2003-04-01 14:57:31.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh.0 2003-04-05 09:06:00.000000000 +0300 
@@ -1,455 +1,459 @@ -SSH(1) BSD General Commands Manual SSH(1) +SSH(1) System General Commands Manual SSH(1) -^[[1mNAME^[[0m - ^[[1mssh ^[[22mM-bMM-^R OpenSSH SSH client (remote login program) +NAME + ssh - OpenSSH SSH client (remote login program) -^[[1mSYNOPSIS^[[0m - ^[[1mssh ^[[22m[^[[1mM-bMM-^Rl ^[[4m^[[22mlogin_name^[[24m] ^[[4mhostname^[[24m | ^[[4muser@hostname^[[24m [^[[4mcommand^[[24m] +SYNOPSIS + ssh [-l login_name] hostname | user@hostname [command] - ^[[1mssh ^[[22m[^[[1mM-bMM-^RafgknqstvxACNTX1246^[[22m] [^[[1mM-bMM-^Rb ^[[4m^[[22mbind_address^[[24m] [^[[1mM-bMM-^Rc ^[[4m^[[22mcipher_spec^[[24m] - [^[[1mM-bMM-^Re ^[[4m^[[22mescape_char^[[24m] [^[[1mM-bMM-^Ri ^[[4m^[[22midentity_file^[[24m] [^[[1mM-bMM-^Rl ^[[4m^[[22mlogin_name^[[24m] [^[[1mM-bMM-^Rm ^[[4m^[[22mmac_spec^[[24m] - [^[[1mM-bMM-^Ro ^[[4m^[[22moption^[[24m] [^[[1mM-bMM-^Rp ^[[4m^[[22mport^[[24m] [^[[1mM-bMM-^RF ^[[4m^[[22mconfigfile^[[24m] [^[[1mM-bMM-^RL ^[[4m^[[22mport^[[24m:^[[4mhost^[[24m:^[[4mhostport^[[24m] - [^[[1mM-bMM-^RR ^[[4m^[[22mport^[[24m:^[[4mhost^[[24m:^[[4mhostport^[[24m] [^[[1mM-bMM-^RD ^[[4m^[[22mport^[[24m] ^[[4mhostname^[[24m | ^[[4muser@hostname^[[24m [^[[4mcommand^[[24m] + ssh [-afgknqstvxACNTX1246] [-b bind_address] [-c cipher_spec] + [-e escape_char] [-i identity_file] [-l login_name] [-m mac_spec] + [-o option] [-p port] [-F configfile] [-L port:host:hostport] + [-R port:host:hostport] [-D port] hostname | user@hostname [command] -^[[1mDESCRIPTION^[[0m - ^[[1mssh ^[[22m(SSH client) is a program for logging into a remote machine and for +DESCRIPTION + ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. - ^[[1mssh ^[[22mconnects and logs into the specified ^[[4mhostname^[[24m. 
The user must prove + ssh connects and logs into the specified hostname. The user must prove his/her identity to the remote machine using one of several methods depending on the protocol version used: - ^[[1mSSH protocol version 1^[[0m + SSH protocol version 1 - First, if the machine the user logs in from is listed in ^[[4m/etc/hosts.equiv^[[0m - or ^[[4m/etc/shosts.equiv^[[24m on the remote machine, and the user names are the + First, if the machine the user logs in from is listed in /etc/hosts.equiv + or /etc/shosts.equiv on the remote machine, and the user names are the same on both sides, the user is immediately permitted to log in. Second, - if ^[[4m.rhosts^[[24m or ^[[4m.shosts^[[24m exists in the userM-bM-^@M-^Ys home directory on the remote + if .rhosts or .shosts exists in the user's home directory on the remote machine and contains a line containing the name of the client machine and the name of the user on that machine, the user is permitted to log in. This form of authentication alone is normally not allowed by the server because it is not secure. - The second authentication method is the ^[[4mrhosts^[[24m or ^[[4mhosts.equiv^[[24m method comM-bM-^@M-^P - bined with RSAM-bM-^@M-^Pbased host authentication. It means that if the login - would be permitted by ^[[4m$HOME/.rhosts^[[24m, ^[[4m$HOME/.shosts^[[24m, ^[[4m/etc/hosts.equiv^[[24m, or - ^[[4m/etc/shosts.equiv^[[24m, and if additionally the server can verify the clientM-bM-^@M-^Ys - host key (see ^[[4m/etc/ssh/ssh_known_hosts^[[24m and ^[[4m$HOME/.ssh/known_hosts^[[24m in the - ^[[4mFILES^[[24m section), only then login is permitted. This authentication method - closes security holes due to IP spoofing, DNS spoofing and routing spoofM-bM-^@M-^P - ing. [Note to the administrator: ^[[4m/etc/hosts.equiv^[[24m, ^[[4m$HOME/.rhosts^[[24m, and + The second authentication method is the rhosts or hosts.equiv method com- + bined with RSA-based host authentication. 
It means that if the login + would be permitted by $HOME/.rhosts, $HOME/.shosts, /etc/hosts.equiv, or + /etc/shosts.equiv, and if additionally the server can verify the client's + host key (see /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts in the + FILES section), only then login is permitted. This authentication method + closes security holes due to IP spoofing, DNS spoofing and routing spoof- + ing. [Note to the administrator: /etc/hosts.equiv, $HOME/.rhosts, and the rlogin/rsh protocol in general, are inherently insecure and should be disabled if security is desired.] - As a third authentication method, ^[[1mssh ^[[22msupports RSA based authentication. - The scheme is based on publicM-bM-^@M-^Pkey cryptography: there are cryptosystems + As a third authentication method, ssh supports RSA based authentication. + The scheme is based on public-key cryptography: there are cryptosystems where encryption and decryption are done using separate keys, and it is not possible to derive the decryption key from the encryption key. RSA is one such system. The idea is that each user creates a public/private key pair for authentication purposes. The server knows the public key, and only the user knows the private key. The file - ^[[4m$HOME/.ssh/authorized_keys^[[24m lists the public keys that are permitted for - logging in. When the user logs in, the ^[[1mssh ^[[22mprogram tells the server + $HOME/.ssh/authorized_keys lists the public keys that are permitted for + logging in. When the user logs in, the ssh program tells the server which key pair it would like to use for authentication. The server checks if this key is permitted, and if so, sends the user (actually the - ^[[1mssh ^[[22mprogram running on behalf of the user) a challenge, a random number, - encrypted by the userM-bM-^@M-^Ys public key. The challenge can only be decrypted - using the proper private key. 
The userM-bM-^@M-^Ys client then decrypts the chalM-bM-^@M-^P + ssh program running on behalf of the user) a challenge, a random number, + encrypted by the user's public key. The challenge can only be decrypted + using the proper private key. The user's client then decrypts the chal- lenge using the private key, proving that he/she knows the private key but without disclosing it to the server. - ^[[1mssh ^[[22mimplements the RSA authentication protocol automatically. The user - creates his/her RSA key pair by running sshM-bM-^@M-^Pkeygen(1). This stores the - private key in ^[[4m$HOME/.ssh/identity^[[24m and the public key in - ^[[4m$HOME/.ssh/identity.pub^[[24m in the userM-bM-^@M-^Ys home directory. The user should - then copy the ^[[4midentity.pub^[[24m to ^[[4m$HOME/.ssh/authorized_keys^[[24m in his/her home - directory on the remote machine (the ^[[4mauthorized_keys^[[24m file corresponds to - the conventional ^[[4m$HOME/.rhosts^[[24m file, and has one key per line, though the + ssh implements the RSA authentication protocol automatically. The user + creates his/her RSA key pair by running ssh-keygen(1). This stores the + private key in $HOME/.ssh/identity and the public key in + $HOME/.ssh/identity.pub in the user's home directory. The user should + then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her home + directory on the remote machine (the authorized_keys file corresponds to + the conventional $HOME/.rhosts file, and has one key per line, though the lines can be very long). After this, the user can log in without giving - the password. RSA authentication is much more secure than rhosts authenM-bM-^@M-^P + the password. RSA authentication is much more secure than rhosts authen- tication. - The most convenient way to use RSA authentication may be with an authenM-bM-^@M-^P - tication agent. See sshM-bM-^@M-^Pagent(1) for more information. + The most convenient way to use RSA authentication may be with an authen- + tication agent. 
See ssh-agent(1) for more information. - If other authentication methods fail, ^[[1mssh ^[[22mprompts the user for a passM-bM-^@M-^P + If other authentication methods fail, ssh prompts the user for a pass- word. The password is sent to the remote host for checking; however, since all communications are encrypted, the password cannot be seen by someone listening on the network. - ^[[1mSSH protocol version 2^[[0m + SSH protocol version 2 When a user connects using protocol version 2 similar authentication methods are available. Using the default values for - ^[[1mPreferredAuthentications^[[22m, the client will try to authenticate first using + PreferredAuthentications, the client will try to authenticate first using the hostbased method; if this method fails public key authentication is - attempted, and finally if this method fails keyboardM-bM-^@M-^Pinteractive and + attempted, and finally if this method fails keyboard-interactive and password authentication are tried. The public key method is similar to RSA authentication described in the previous section and allows the RSA or DSA algorithm to be used: The - client uses his private key, ^[[4m$HOME/.ssh/id_dsa^[[24m or ^[[4m$HOME/.ssh/id_rsa^[[24m, to - sign the session identifier and sends the result to the server. The - server checks whether the matching public key is listed in - ^[[4m$HOME/.ssh/authorized_keys^[[24m and grants access if both the key is found and - the signature is correct. The session identifier is derived from a - shared DiffieM-bM-^@M-^PHellman value and is only known to the client and the - server. + client uses his private key, $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa, + which can contain a x509 certificate in addition to key to sign the ses- + sion identifier and sends the result to the server. The server checks + whether the matching public key or certificate is listed in + $HOME/.ssh/authorized_keys and grants access if both the key is found and + the signature is correct. 
In case with x509 certificate server perform + additional verification of that certificate through database with cer- + tificates and CRLs of certificate signers. The session identifier is + derived from a shared Diffie-Hellman value and is only known to the + client and the server. If public key authentication fails or is not available a password can be - sent encrypted to the remote host for proving the userM-bM-^@M-^Ys identity. + sent encrypted to the remote host for proving the user's identity. - Additionally, ^[[1mssh ^[[22msupports hostbased or challenge response authenticaM-bM-^@M-^P + Additionally, ssh supports hostbased or challenge response authentica- tion. - Protocol 2 provides additional mechanisms for confidentiality (the trafM-bM-^@M-^P + Protocol 2 provides additional mechanisms for confidentiality (the traf- fic is encrypted using 3DES, Blowfish, CAST128 or Arcfour) and integrity - (hmacM-bM-^@M-^Pmd5, hmacM-bM-^@M-^Psha1). Note that protocol 1 lacks a strong mechanism for + (hmac-md5, hmac-sha1). Note that protocol 1 lacks a strong mechanism for ensuring the integrity of the connection. - ^[[1mLogin session and remote execution^[[0m + Login session and remote execution - When the userM-bM-^@M-^Ys identity has been accepted by the server, the server + When the user's identity has been accepted by the server, the server either executes the given command, or logs into the machine and gives the user a normal shell on the remote machine. All communication with the remote command or shell will be automatically encrypted. - If a pseudoM-bM-^@M-^Pterminal has been allocated (normal login session), the user + If a pseudo-terminal has been allocated (normal login session), the user may use the escape characters noted below. If no pseudo tty has been allocated, the session is transparent and can be used to reliably transfer binary data. 
On most systems, setting the - escape character to M-bM-^@M-^\noneM-bM-^@M-^] will also make the session transparent even if - a tty is used. + escape character to ``none'' will also make the session transparent even + if a tty is used. The session terminates when the command or shell on the remote machine - exits and all X11 and TCP/IP connections have been closed. The exit staM-bM-^@M-^P - tus of the remote program is returned as the exit status of ^[[1mssh^[[22m. + exits and all X11 and TCP/IP connections have been closed. The exit sta- + tus of the remote program is returned as the exit status of ssh. - ^[[1mEscape Characters^[[0m + Escape Characters - When a pseudo terminal has been requested, ssh supports a number of funcM-bM-^@M-^P + When a pseudo terminal has been requested, ssh supports a number of func- tions through the use of an escape character. - A single tilde character can be sent as ^[[1m~~ ^[[22mor by following the tilde by a + A single tilde character can be sent as ~~ or by following the tilde by a character other than those described below. The escape character must - always follow a newline to be interpreted as special. The escape characM-bM-^@M-^P - ter can be changed in configuration files using the ^[[1mEscapeChar ^[[22mconfiguraM-bM-^@M-^P - tion directive or on the command line by the ^[[1mM-bMM-^Re ^[[22moption. + always follow a newline to be interpreted as special. The escape charac- + ter can be changed in configuration files using the EscapeChar configura- + tion directive or on the command line by the -e option. - The supported escapes (assuming the default M-bM-^@M-^X~M-bM-^@M-^Y) are: + The supported escapes (assuming the default `~') are: - ^[[1m~. ^[[22mDisconnect + ~. 
Disconnect - ^[[1m~^Z ^[[22mBackground ssh + ~^Z Background ssh - ^[[1m~# ^[[22mList forwarded connections + ~# List forwarded connections - ^[[1m~& ^[[22mBackground ssh at logout when waiting for forwarded connection / + ~& Background ssh at logout when waiting for forwarded connection / X11 sessions to terminate - ^[[1m~? ^[[22mDisplay a list of escape characters + ~? Display a list of escape characters - ^[[1m~C ^[[22mOpen command line (only useful for adding port forwardings using - the ^[[1mM-bMM-^RL ^[[22mand ^[[1mM-bMM-^RR ^[[22moptions) + ~C Open command line (only useful for adding port forwardings using + the -L and -R options) - ^[[1m~R ^[[22mRequest rekeying of the connection (only useful for SSH protocol + ~R Request rekeying of the connection (only useful for SSH protocol version 2 and if the peer supports it) - ^[[1mX11 and TCP forwarding^[[0m + X11 and TCP forwarding - If the ^[[1mForwardX11 ^[[22mvariable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or, see the description of - the ^[[1mM-bMM-^RX ^[[22mand ^[[1mM-bMM-^Rx ^[[22moptions described later) and the user is using X11 (the + If the ForwardX11 variable is set to ``yes'' (or, see the description of + the -X and -x options described later) and the user is using X11 (the DISPLAY environment variable is set), the connection to the X11 display is automatically forwarded to the remote side in such a way that any X11 programs started from the shell (or command) will go through the encrypted channel, and the connection to the real X server will be made - from the local machine. The user should not manually set DISPLAY. ForM-bM-^@M-^P + from the local machine. The user should not manually set DISPLAY. For- warding of X11 connections can be configured on the command line or in configuration files. - The DISPLAY value set by ^[[1mssh ^[[22mwill point to the server machine, but with a + The DISPLAY value set by ssh will point to the server machine, but with a display number greater than zero. 
This is normal, and happens because - ^[[1mssh ^[[22mcreates a M-bM-^@M-^\proxyM-bM-^@M-^] X server on the server machine for forwarding the + ssh creates a ``proxy'' X server on the server machine for forwarding the connections over the encrypted channel. - ^[[1mssh ^[[22mwill also automatically set up Xauthority data on the server machine. + ssh will also automatically set up Xauthority data on the server machine. For this purpose, it will generate a random authorization cookie, store it in Xauthority on the server, and verify that any forwarded connections carry this cookie and replace it by the real cookie when the connection is opened. The real authentication cookie is never sent to the server machine (and no cookies are sent in the plain). - If the ^[[1mForwardAgent ^[[22mvariable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or, see the description of - the ^[[1mM-bMM-^RA ^[[22mand ^[[1mM-bMM-^Ra ^[[22moptions described later) and the user is using an authentiM-bM-^@M-^P - cation agent, the connection to the agent is automatically forwarded to - the remote side. + If the ForwardAgent variable is set to ``yes'' (or, see the description + of the -A and -a options described later) and the user is using an + authentication agent, the connection to the agent is automatically for- + warded to the remote side. Forwarding of arbitrary TCP/IP connections over the secure channel can be specified either on the command line or in a configuration file. One possible application of TCP/IP forwarding is a secure connection to an electronic purse; another is going through firewalls. - ^[[1mServer authentication^[[0m + Server authentication - ^[[1mssh ^[[22mautomatically maintains and checks a database containing identificaM-bM-^@M-^P + ssh automatically maintains and checks a database containing identifica- tions for all hosts it has ever been used with. Host keys are stored in - ^[[4m$HOME/.ssh/known_hosts^[[24m in the userM-bM-^@M-^Ys home directory. 
Additionally, the - file ^[[4m/etc/ssh/ssh_known_hosts^[[24m is automatically checked for known hosts. - Any new hosts are automatically added to the userM-bM-^@M-^Ys file. If a hostM-bM-^@M-^Ys - identification ever changes, ^[[1mssh ^[[22mwarns about this and disables password - authentication to prevent a trojan horse from getting the userM-bM-^@M-^Ys passM-bM-^@M-^P - word. Another purpose of this mechanism is to prevent manM-bM-^@M-^PinM-bM-^@M-^PtheM-bM-^@M-^Pmiddle + $HOME/.ssh/known_hosts in the user's home directory. Additionally, the + file /etc/ssh/ssh_known_hosts is automatically checked for known hosts. + Any new hosts are automatically added to the user's file. If a host's + identification ever changes, ssh warns about this and disables password + authentication to prevent a trojan horse from getting the user's pass- + word. Another purpose of this mechanism is to prevent man-in-the-middle attacks which could otherwise be used to circumvent the encryption. The - ^[[1mStrictHostKeyChecking ^[[22moption can be used to prevent logins to machines + StrictHostKeyChecking option can be used to prevent logins to machines whose host key is not known or has changed. The options are as follows: - ^[[1mM-bMM-^Ra ^[[22mDisables forwarding of the authentication agent connection. + -a Disables forwarding of the authentication agent connection. - ^[[1mM-bMM-^RA ^[[22mEnables forwarding of the authentication agent connection. This - can also be specified on a perM-bM-^@M-^Phost basis in a configuration + -A Enables forwarding of the authentication agent connection. This + can also be specified on a per-host basis in a configuration file. Agent forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - agentM-bM-^@M-^Ys UnixM-bM-^@M-^Pdomain socket) can access the local agent through + agent's Unix-domain socket) can access the local agent through the forwarded connection. 
An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent. - ^[[1mM-bMM-^Rb ^[[4m^[[22mbind_address^[[0m + -b bind_address Specify the interface to transmit from on machines with multiple interfaces or aliased addresses. - ^[[1mM-bMM-^Rc ^[[4m^[[22mblowfish|3des|des^[[0m - Selects the cipher to use for encrypting the session. ^[[4m3des^[[24m is - used by default. It is believed to be secure. ^[[4m3des^[[24m (tripleM-bM-^@M-^Pdes) - is an encryptM-bM-^@M-^PdecryptM-bM-^@M-^Pencrypt triple with three different keys. - ^[[4mblowfish^[[24m is a fast block cipher, it appears very secure and is - much faster than ^[[4m3des^[[24m. ^[[4mdes^[[24m is only supported in the ^[[1mssh ^[[22mclient + -c blowfish|3des|des + Selects the cipher to use for encrypting the session. 3des is + used by default. It is believed to be secure. 3des (triple-des) + is an encrypt-decrypt-encrypt triple with three different keys. + blowfish is a fast block cipher, it appears very secure and is + much faster than 3des. des is only supported in the ssh client for interoperability with legacy protocol 1 implementations that - do not support the ^[[4m3des^[[24m cipher. Its use is strongly discouraged + do not support the 3des cipher. Its use is strongly discouraged due to cryptographic weaknesses. - ^[[1mM-bMM-^Rc ^[[4m^[[22mcipher_spec^[[0m - Additionally, for protocol version 2 a commaM-bM-^@M-^Pseparated list of - ciphers can be specified in order of preference. See ^[[1mCiphers ^[[22mfor + -c cipher_spec + Additionally, for protocol version 2 a comma-separated list of + ciphers can be specified in order of preference. See Ciphers for more information. - ^[[1mM-bMM-^Re ^[[4m^[[22mch|^ch|none^[[0m - Sets the escape character for sessions with a pty (default: M-bM-^@M-^X~M-bM-^@M-^Y). + -e ch|^ch|none + Sets the escape character for sessions with a pty (default: `~'). 
The escape character is only recognized at the beginning of a - line. The escape character followed by a dot (M-bM-^@M-^X.M-bM-^@M-^Y) closes the - connection, followed by controlM-bM-^@M-^PZ suspends the connection, and + line. The escape character followed by a dot (`.') closes the + connection, followed by control-Z suspends the connection, and followed by itself sends the escape character once. Setting the - character to M-bM-^@M-^\noneM-bM-^@M-^] disables any escapes and makes the session + character to ``none'' disables any escapes and makes the session fully transparent. - ^[[1mM-bMM-^Rf ^[[22mRequests ^[[1mssh ^[[22mto go to background just before command execution. - This is useful if ^[[1mssh ^[[22mis going to ask for passwords or + -f Requests ssh to go to background just before command execution. + This is useful if ssh is going to ask for passwords or passphrases, but the user wants it in the background. This - implies ^[[1mM-bMM-^Rn^[[22m. The recommended way to start X11 programs at a - remote site is with something like ^[[1mssh M-bM-^@M-^Pf host xterm^[[22m. + implies -n. The recommended way to start X11 programs at a + remote site is with something like ssh -f host xterm. - ^[[1mM-bMM-^Rg ^[[22mAllows remote hosts to connect to local forwarded ports. + -g Allows remote hosts to connect to local forwarded ports. - ^[[1mM-bMM-^Ri ^[[4m^[[22midentity_file^[[0m + -i identity_file Selects a file from which the identity (private key) for RSA or - DSA authentication is read. The default is ^[[4m$HOME/.ssh/identity^[[0m - for protocol version 1, and ^[[4m$HOME/.ssh/id_rsa^[[24m and - ^[[4m$HOME/.ssh/id_dsa^[[24m for protocol version 2. Identity files may - also be specified on a perM-bM-^@M-^Phost basis in the configuration file. - It is possible to have multiple ^[[1mM-bMM-^Ri ^[[22moptions (and multiple identiM-bM-^@M-^P - ties specified in configuration files). + DSA authentication is read. 
The default is $HOME/.ssh/identity + for protocol version 1, and $HOME/.ssh/id_rsa and + $HOME/.ssh/id_dsa for protocol version 2. For protocol version 2 + is possible identity to contain in addition a x509 certificate. + Identity files may also be specified on a per-host basis in the + configuration file. It is possible to have multiple -i options + (and multiple identities specified in configuration files). - ^[[1mM-bMM-^RI ^[[4m^[[22msmartcard_device^[[0m + -I smartcard_device Specifies which smartcard device to use. The argument is the - device ^[[1mssh ^[[22mshould use to communicate with a smartcard used for - storing the userM-bM-^@M-^Ys private RSA key. + device ssh should use to communicate with a smartcard used for + storing the user's private RSA key. - ^[[1mM-bMM-^Rk ^[[22mDisables forwarding of Kerberos tickets and AFS tokens. This may - also be specified on a perM-bM-^@M-^Phost basis in the configuration file. + -k Disables forwarding of Kerberos tickets and AFS tokens. This may + also be specified on a per-host basis in the configuration file. - ^[[1mM-bMM-^Rl ^[[4m^[[22mlogin_name^[[0m + -l login_name Specifies the user to log in as on the remote machine. This also - may be specified on a perM-bM-^@M-^Phost basis in the configuration file. + may be specified on a per-host basis in the configuration file. - ^[[1mM-bMM-^Rm ^[[4m^[[22mmac_spec^[[0m - Additionally, for protocol version 2 a commaM-bM-^@M-^Pseparated list of + -m mac_spec + Additionally, for protocol version 2 a comma-separated list of MAC (message authentication code) algorithms can be specified in - order of preference. See the ^[[1mMACs ^[[22mkeyword for more information. + order of preference. See the MACs keyword for more information. - ^[[1mM-bMM-^Rn ^[[22mRedirects stdin from ^[[4m/dev/null^[[24m (actually, prevents reading from - stdin). This must be used when ^[[1mssh ^[[22mis run in the background. A + -n Redirects stdin from /dev/null (actually, prevents reading from + stdin). 
This must be used when ssh is run in the background. A common trick is to use this to run X11 programs on a remote - machine. For example, ^[[1mssh M-bM-^@M-^Pn shadows.cs.hut.fi emacs & ^[[22mwill + machine. For example, ssh -n shadows.cs.hut.fi emacs & will start an emacs on shadows.cs.hut.fi, and the X11 connection will - be automatically forwarded over an encrypted channel. The ^[[1mssh^[[0m + be automatically forwarded over an encrypted channel. The ssh program will be put in the background. (This does not work if - ^[[1mssh ^[[22mneeds to ask for a password or passphrase; see also the ^[[1mM-bMM-^Rf^[[0m + ssh needs to ask for a password or passphrase; see also the -f option.) - ^[[1mM-bMM-^RN ^[[22mDo not execute a remote command. This is useful for just forM-bM-^@M-^P + -N Do not execute a remote command. This is useful for just for- warding ports (protocol version 2 only). - ^[[1mM-bMM-^Ro ^[[4m^[[22moption^[[0m - Can be used to give options in the format used in the configuraM-bM-^@M-^P + -o option + Can be used to give options in the format used in the configura- tion file. This is useful for specifying options for which there - is no separate commandM-bM-^@M-^Pline flag. + is no separate command-line flag. - ^[[1mM-bMM-^Rp ^[[4m^[[22mport^[[0m + -p port Port to connect to on the remote host. This can be specified on - a perM-bM-^@M-^Phost basis in the configuration file. + a per-host basis in the configuration file. - ^[[1mM-bMM-^Rq ^[[22mQuiet mode. Causes all warning and diagnostic messages to be + -q Quiet mode. Causes all warning and diagnostic messages to be suppressed. - ^[[1mM-bMM-^Rs ^[[22mMay be used to request invocation of a subsystem on the remote + -s May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which - facilitate the use of SSH as a secure transport for other appliM-bM-^@M-^P - cations (eg. sftp). 
The subsystem is specified as the remote comM-bM-^@M-^P + facilitate the use of SSH as a secure transport for other appli- + cations (eg. sftp). The subsystem is specified as the remote com- mand. - ^[[1mM-bMM-^Rt ^[[22mForce pseudoM-bM-^@M-^Ptty allocation. This can be used to execute arbiM-bM-^@M-^P - trary screenM-bM-^@M-^Pbased programs on a remote machine, which can be - very useful, e.g., when implementing menu services. Multiple ^[[1mM-bMM-^Rt^[[0m - options force tty allocation, even if ^[[1mssh ^[[22mhas no local tty. - - ^[[1mM-bMM-^RT ^[[22mDisable pseudoM-bM-^@M-^Ptty allocation. - - ^[[1mM-bMM-^Rv ^[[22mVerbose mode. Causes ^[[1mssh ^[[22mto print debugging messages about its - progress. This is helpful in debugging connection, authenticaM-bM-^@M-^P - tion, and configuration problems. Multiple ^[[1mM-bMM-^Rv ^[[22moptions increases + -t Force pseudo-tty allocation. This can be used to execute arbi- + trary screen-based programs on a remote machine, which can be + very useful, e.g., when implementing menu services. Multiple -t + options force tty allocation, even if ssh has no local tty. + + -T Disable pseudo-tty allocation. + + -v Verbose mode. Causes ssh to print debugging messages about its + progress. This is helpful in debugging connection, authentica- + tion, and configuration problems. Multiple -v options increases the verbosity. Maximum is 3. - ^[[1mM-bMM-^Rx ^[[22mDisables X11 forwarding. + -x Disables X11 forwarding. - ^[[1mM-bMM-^RX ^[[22mEnables X11 forwarding. This can also be specified on a perM-bM-^@M-^Phost + -X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - userM-bM-^@M-^Ys X authorization database) can access the local X11 display + user's X authorization database) can access the local X11 display through the forwarded connection. 
An attacker may then be able to perform activities such as keystroke monitoring. - ^[[1mM-bMM-^RC ^[[22mRequests compression of all data (including stdin, stdout, + -C Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11 and TCP/IP connections). The compression algorithm is the same used by gzip(1), and the - M-bM-^@M-^\levelM-bM-^@M-^] can be controlled by the ^[[1mCompressionLevel ^[[22moption for proM-bM-^@M-^P - tocol version 1. Compression is desirable on modem lines and + ``level'' can be controlled by the CompressionLevel option for + protocol version 1. Compression is desirable on modem lines and other slow connections, but will only slow down things on fast - networks. The default value can be set on a hostM-bM-^@M-^PbyM-bM-^@M-^Phost basis - in the configuration files; see the ^[[1mCompression ^[[22moption. + networks. The default value can be set on a host-by-host basis + in the configuration files; see the Compression option. - ^[[1mM-bMM-^RF ^[[4m^[[22mconfigfile^[[0m - Specifies an alternative perM-bM-^@M-^Puser configuration file. If a conM-bM-^@M-^P - figuration file is given on the command line, the systemM-bM-^@M-^Pwide - configuration file (^[[4m/etc/ssh/ssh_config^[[24m) will be ignored. The - default for the perM-bM-^@M-^Puser configuration file is ^[[4m$HOME/.ssh/config^[[24m. + -F configfile + Specifies an alternative per-user configuration file. If a con- + figuration file is given on the command line, the system-wide + configuration file (/etc/ssh/ssh_config) will be ignored. The + default for the per-user configuration file is $HOME/.ssh/config. - ^[[1mM-bMM-^RL ^[[4m^[[22mport:host:hostport^[[0m + -L port:host:hostport Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. 
This - works by allocating a socket to listen to ^[[4mport^[[24m on the local side, + works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to - ^[[4mhost^[[24m port ^[[4mhostport^[[24m from the remote machine. Port forwardings can - also be specified in the configuration file. Only root can forM-bM-^@M-^P + host port hostport from the remote machine. Port forwardings can + also be specified in the configuration file. Only root can for- ward privileged ports. IPv6 addresses can be specified with an - alternative syntax: ^[[4mport/host/hostport^[[0m + alternative syntax: port/host/hostport - ^[[1mM-bMM-^RR ^[[4m^[[22mport:host:hostport^[[0m + -R port:host:hostport Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side. This - works by allocating a socket to listen to ^[[4mport^[[24m on the remote - side, and whenever a connection is made to this port, the connecM-bM-^@M-^P + works by allocating a socket to listen to port on the remote + side, and whenever a connection is made to this port, the connec- tion is forwarded over the secure channel, and a connection is - made to ^[[4mhost^[[24m port ^[[4mhostport^[[24m from the local machine. Port forwardM-bM-^@M-^P + made to host port hostport from the local machine. Port forward- ings can also be specified in the configuration file. Privileged ports can be forwarded only when logging in as root on the remote machine. IPv6 addresses can be specified with an alternative - syntax: ^[[4mport/host/hostport^[[0m + syntax: port/host/hostport - ^[[1mM-bMM-^RD ^[[4m^[[22mport^[[0m - Specifies a local M-bM-^@M-^\dynamicM-bM-^@M-^] applicationM-bM-^@M-^Plevel port forwarding. 
- This works by allocating a socket to listen to ^[[4mport^[[24m on the local - side, and whenever a connection is made to this port, the connecM-bM-^@M-^P + -D port + Specifies a local ``dynamic'' application-level port forwarding. + This works by allocating a socket to listen to port on the local + side, and whenever a connection is made to this port, the connec- tion is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 protocol is supported, and - ^[[1mssh ^[[22mwill act as a SOCKS4 server. Only root can forward priviM-bM-^@M-^P + ssh will act as a SOCKS4 server. Only root can forward privi- leged ports. Dynamic port forwardings can also be specified in the configuration file. - ^[[1mM-bMM-^R1 ^[[22mForces ^[[1mssh ^[[22mto try protocol version 1 only. + -1 Forces ssh to try protocol version 1 only. - ^[[1mM-bMM-^R2 ^[[22mForces ^[[1mssh ^[[22mto try protocol version 2 only. + -2 Forces ssh to try protocol version 2 only. - ^[[1mM-bMM-^R4 ^[[22mForces ^[[1mssh ^[[22mto use IPv4 addresses only. + -4 Forces ssh to use IPv4 addresses only. - ^[[1mM-bMM-^R6 ^[[22mForces ^[[1mssh ^[[22mto use IPv6 addresses only. + -6 Forces ssh to use IPv6 addresses only. -^[[1mCONFIGURATION FILES^[[0m - ^[[1mssh ^[[22mmay additionally obtain configuration data from a perM-bM-^@M-^Puser configuraM-bM-^@M-^P - tion file and a systemM-bM-^@M-^Pwide configuration file. The file format and conM-bM-^@M-^P +CONFIGURATION FILES + ssh may additionally obtain configuration data from a per-user configura- + tion file and a system-wide configuration file. The file format and con- figuration options are described in ssh_config(5). -^[[1mENVIRONMENT^[[0m - ^[[1mssh ^[[22mwill normally set the following environment variables: +ENVIRONMENT + ssh will normally set the following environment variables: DISPLAY The DISPLAY variable indicates the location of the X11 server. 
- It is automatically set by ^[[1mssh ^[[22mto point to a value of the form - M-bM-^@M-^\hostname:nM-bM-^@M-^] where hostname indicates the host where the shell - runs, and n is an integer >= 1. ^[[1mssh ^[[22muses this special value to + It is automatically set by ssh to point to a value of the form + ``hostname:n'' where hostname indicates the host where the shell + runs, and n is an integer >= 1. ssh uses this special value to forward X11 connections over the secure channel. The user should normally not set DISPLAY explicitly, as that will render the X11 connection insecure (and will require the user to manually copy any required authorization cookies). - HOME Set to the path of the userM-bM-^@M-^Ys home directory. + HOME Set to the path of the user's home directory. LOGNAME Synonym for USER; set for compatibility with systems that use this variable. - MAIL Set to the path of the userM-bM-^@M-^Ys mailbox. + MAIL Set to the path of the user's mailbox. - PATH Set to the default PATH, as specified when compiling ^[[1mssh^[[22m. + PATH Set to the default PATH, as specified when compiling ssh. SSH_ASKPASS - If ^[[1mssh ^[[22mneeds a passphrase, it will read the passphrase from the - current terminal if it was run from a terminal. If ^[[1mssh ^[[22mdoes not + If ssh needs a passphrase, it will read the passphrase from the + current terminal if it was run from a terminal. If ssh does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program specified by SSH_ASKPASS and open an X11 window to read the passphrase. This is particularly - useful when calling ^[[1mssh ^[[22mfrom a ^[[4m.Xsession^[[24m or related script. + useful when calling ssh from a .Xsession or related script. (Note that on some machines it may be necessary to redirect the - input from ^[[4m/dev/null^[[24m to make this work.) + input from /dev/null to make this work.) 
SSH_AUTH_SOCK - Identifies the path of a unixM-bM-^@M-^Pdomain socket used to communicate + Identifies the path of a unix-domain socket used to communicate with the agent. SSH_CONNECTION Identifies the client and server ends of the connection. The - variable contains four spaceM-bM-^@M-^Pseparated values: client ipM-bM-^@M-^Paddress, - client port number, server ipM-bM-^@M-^Paddress and server port number. + variable contains four space-separated values: client ip-address, + client port number, server ip-address and server port number. SSH_ORIGINAL_COMMAND - The variable contains the original command line if a forced comM-bM-^@M-^P - mand is executed. It can be used to extract the original arguM-bM-^@M-^P + The variable contains the original command line if a forced com- + mand is executed. It can be used to extract the original argu- ments. SSH_TTY - This is set to the name of the tty (path to the device) associM-bM-^@M-^P + This is set to the name of the tty (path to the device) associ- ated with the current shell or command. If the current session has no tty, this variable is not set. 
@@ -459,66 +463,74 @@ USER Set to the name of the user logging in. - Additionally, ^[[1mssh ^[[22mreads ^[[4m$HOME/.ssh/environment^[[24m, and adds lines of the - format M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and if users - are allowed to change their environment. See the ^[[1mPermitUserEnvironment^[[0m - option in sshd_config(5). + Additionally, ssh reads $HOME/.ssh/environment, and adds lines of the + format ``VARNAME=value'' to the environment if the file exists and if + users are allowed to change their environment. See the + PermitUserEnvironment option in sshd_config(5). -^[[1mFILES^[[0m +FILES $HOME/.ssh/known_hosts Records host keys for all hosts the user has logged into that are - not in ^[[4m/etc/ssh/ssh_known_hosts^[[24m. See sshd(8). + not in /etc/ssh/ssh_known_hosts. See sshd(8). $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa Contains the authentication identity of the user. They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively. - These files contain sensitive data and should be readable by the - user but not accessible by others (read/write/execute). Note - that ^[[1mssh ^[[22mignores a private key file if it is accessible by othM-bM-^@M-^P - ers. It is possible to specify a passphrase when generating the - key; the passphrase will be used to encrypt the sensitive part of - this file using 3DES. + It is possible protocol version 2 identity to contain identity + plus x509 certificate. These files contain sensitive data and + should be readable by the user but not accessible by others + (read/write/execute). Note that ssh ignores a private key file + if it is accessible by others. It is possible to specify a + passphrase when generating the key; the passphrase will be used + to encrypt the sensitive part of this file using 3DES. 
$HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub Contains the public key for authentication (public part of the - identity file in humanM-bM-^@M-^Preadable form). The contents of the - ^[[4m$HOME/.ssh/identity.pub^[[24m file should be added to - ^[[4m$HOME/.ssh/authorized_keys^[[24m on all machines where the user wishes - to log in using protocol version 1 RSA authentication. The conM-bM-^@M-^P - tents of the ^[[4m$HOME/.ssh/id_dsa.pub^[[24m and ^[[4m$HOME/.ssh/id_rsa.pub^[[24m file - should be added to ^[[4m$HOME/.ssh/authorized_keys^[[24m on all machines + identity file in human-readable form). Note that protocol ver- + sion 2 while a identity contain private key and x509 certificate + this file must contain that certificate. The contents of the + $HOME/.ssh/identity.pub file should be added to + $HOME/.ssh/authorized_keys on all machines where the user wishes + to log in using protocol version 1 RSA authentication. The con- + tents of the $HOME/.ssh/id_dsa.pub and $HOME/.ssh/id_rsa.pub file + should be added to $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using protocol version 2 DSA/RSA - authentication. These files are not sensitive and can (but need - not) be readable by anyone. These files are never used automatiM-bM-^@M-^P - cally and are not necessary; they are only provided for the conM-bM-^@M-^P + authentication. In case with x509 certificates user can use + ``new style''. Instead to add content of file to authorized_keys + user can write certificate ``Distinguished Name''. See sshd(8) + manual page. These files are not sensitive and can (but need + not) be readable by anyone. These files are never used automati- + cally and are not necessary; they are only provided for the con- venience of the user. $HOME/.ssh/config - This is the perM-bM-^@M-^Puser configuration file. The file format and + This is the per-user configuration file. The file format and configuration options are described in ssh_config(5). 
$HOME/.ssh/authorized_keys - Lists the public keys (RSA/DSA) that can be used for logging in - as this user. The format of this file is described in the - sshd(8) manual page. In the simplest form the format is the same - as the .pub identity files. This file is not highly sensitive, - but the recommended permissions are read/write for the user, and - not accessible by others. + Lists the public keys (RSA/DSA) or certificates that can be used + for logging in as this user. The format of this file is + described in the sshd(8) manual page. In the simplest form the + format is the same as the .pub identity files. This file is not + highly sensitive, but the recommended permissions are read/write + for the user, and not accessible by others. /etc/ssh/ssh_known_hosts Systemwide list of known host keys. This file should be prepared by the system administrator to contain the public host keys of - all machines in the organization. This file should be worldM-bM-^@M-^P + all machines in the organization. This file should be world- readable. This file contains public keys, one per line, in the - following format (fields separated by spaces): system name, pubM-bM-^@M-^P - lic key and optional comment field. When different names are - used for the same machine, all such names should be listed, sepaM-bM-^@M-^P - rated by commas. The format is described on the sshd(8) manual - page. + following format (fields separated by spaces): system name, pub- + lic key and optional comment field. When a x509 certificate is + used as host key instead of public key line contain certificate + (old style) or certificate ``Distinguished Name''. When differ- + ent names are used for the same machine, all such names should be + listed, separated by commas. The format is described on the + sshd(8) manual page. 
The canonical system name (as returned by name servers) is used by sshd(8) to verify the client host when logging in; other names - are needed because ^[[1mssh ^[[22mdoes not convert the userM-bM-^@M-^Psupplied name to + are needed because ssh does not convert the user-supplied name to a canonical name before checking the key, because someone with access to the name servers would then be able to fool host authentication. 
@@ -530,22 +542,49 @@ /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key These three files contain the private parts of the host keys and - are used for ^[[1mRhostsRSAAuthentication ^[[22mand ^[[1mHostbasedAuthentication^[[22m. - If the protocol version 1 ^[[1mRhostsRSAAuthentication ^[[22mmethod is used, - ^[[1mssh ^[[22mmust be setuid root, since the host key is readable only by - root. For protocol version 2, ^[[1mssh ^[[22muses sshM-bM-^@M-^Pkeysign(8) to access - the host keys for ^[[1mHostbasedAuthentication^[[22m. This eliminates the - requirement that ^[[1mssh ^[[22mbe setuid root when that authentication - method is used. By default ^[[1mssh ^[[22mis not setuid root. + are used for RhostsRSAAuthentication and HostbasedAuthentication. + It is possible files to contain private part plus x509 certifi- + cate for protocol version 2 keys. If the protocol version 1 + RhostsRSAAuthentication method is used, ssh must be setuid root, + since the host key is readable only by root. For protocol ver- + sion 2, ssh uses ssh-keysign(8) to access the host keys for + HostbasedAuthentication. This eliminates the requirement that + ssh be setuid root when that authentication method is used. By + default ssh is not setuid root. When a certificate is used as + host key for hostbased authentication that certificate must have + client purpose too or server configuration must permit connection + without client purpose. For allowed client certificate purposes + see sshd_config(5). + + /etc/ssh/ca/ca-bundle.crt and /etc/ssh/ca/ca-bundle.crl + Part of systemwide ``X509 store''. The first file contain multi- + ple certificates and the second ``Certificate Revocation List'' + (CRLs) of certificate signers in PEM format concatenated + together. Used in verification of server host key certificate. + + /etc/ssh/ca/crt and /etc/ssh/ca/crl + Part of systemwide ``X509 store''. 
``Hash dirs'' with certifi- + cates, the first file or CLRs, the second of certificate signers. + Each certificate should be stored in separate file with name + [HASH].[NUMBER] or [HASH].r[NUMBER] for the CRL, where [HASH] is + certificate or CRL hash value and [NUMBER] is an integer starting + from zero. Used in verification of server host key certificate. + + ~/.ssh/ca/ca-bundle.crt and ~/.ssh/ca/ca-bundle.crl + Part of user ``X509 store''. Same as above systemwide files. + + ~/.ssh/ca/crt and ~/.ssh/ca/crl + Part of user ``X509 store''. Same as above systemwide directo- + ries. $HOME/.rhosts - This file is used in ^[[4m.rhosts^[[24m authentication to list the host/user + This file is used in .rhosts authentication to list the host/user pairs that are permitted to log in. (Note that this file is also used by rlogin and rsh, which makes using this file insecure.) Each line of the file contains a host name (in the canonical form returned by name servers), and then a user name on that host, separated by a space. On some machines this file may need to be - worldM-bM-^@M-^Preadable if the userM-bM-^@M-^Ys home directory is on a NFS partiM-bM-^@M-^P + world-readable if the user's home directory is on a NFS parti- tion, because sshd(8) reads it as root. Additionally, this file must be owned by the user, and must not have write permissions for anyone else. The recommended permission for most machines is 
@@ -554,18 +593,18 @@ Note that by default sshd(8) will be installed so that it requires successful RSA host authentication before permitting .rhosts authentication. If the server machine does not have the - clientM-bM-^@M-^Ys host key in ^[[4m/etc/ssh/ssh_known_hosts^[[24m, it can be stored - in ^[[4m$HOME/.ssh/known_hosts^[[24m. The easiest way to do this is to conM-bM-^@M-^P + client's host key in /etc/ssh/ssh_known_hosts, it can be stored + in $HOME/.ssh/known_hosts. The easiest way to do this is to con- nect back to the client from the server machine using ssh; this - will automatically add the host key to ^[[4m$HOME/.ssh/known_hosts^[[24m. + will automatically add the host key to $HOME/.ssh/known_hosts. $HOME/.shosts - This file is used exactly the same way as ^[[4m.rhosts^[[24m. The purpose + This file is used exactly the same way as .rhosts. The purpose for having this file is to be able to use rhosts authentication - with ^[[1mssh ^[[22mwithout permitting login with ^[[1mrlogin ^[[22mor rsh(1). + with ssh without permitting login with rlogin or rsh(1). /etc/hosts.equiv - This file is used during ^[[4m.rhosts^[[24m ^[[4mauthentication.^[[24m It contains + This file is used during .rhosts authentication. It contains canonical hosts names, one per line (the full format is described on the sshd(8) manual page). If the client host is found in this file, login is automatically permitted provided client and server 
@@ -574,41 +613,42 @@ writable by root. /etc/shosts.equiv - This file is processed exactly as ^[[4m/etc/hosts.equiv^[[24m. This file - may be useful to permit logins using ^[[1mssh ^[[22mbut not using + This file is processed exactly as /etc/hosts.equiv. This file + may be useful to permit logins using ssh but not using rsh/rlogin. /etc/ssh/sshrc - Commands in this file are executed by ^[[1mssh ^[[22mwhen the user logs in - just before the userM-bM-^@M-^Ys shell (or command) is started. See the + Commands in this file are executed by ssh when the user logs in + just before the user's shell (or command) is started. See the sshd(8) manual page for more information. $HOME/.ssh/rc - Commands in this file are executed by ^[[1mssh ^[[22mwhen the user logs in - just before the userM-bM-^@M-^Ys shell (or command) is started. See the + Commands in this file are executed by ssh when the user logs in + just before the user's shell (or command) is started. See the sshd(8) manual page for more information. $HOME/.ssh/environment Contains additional definitions for environment variables, see - section ^[[4mENVIRONMENT^[[24m above. + section ENVIRONMENT above. -^[[1mDIAGNOSTICS^[[0m - ^[[1mssh ^[[22mexits with the exit status of the remote command or with 255 if an +DIAGNOSTICS + ssh exits with the exit status of the remote command or with 255 if an error occurred. -^[[1mAUTHORS^[[0m +AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P + de Raadt and Dug Song removed many bugs, re-added newer features and cre- ated OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. + versions 1.5 and 2.0. Roumen Petrov contributed support for x509 cer- + tificates. 
-^[[1mSEE ALSO^[[0m - rsh(1), scp(1), sftp(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pagent(1), sshM-bM-^@M-^Pkeygen(1), - telnet(1), ssh_config(5), sshM-bM-^@M-^Pkeysign(8), sshd(8) +SEE ALSO + rsh(1), scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), + telnet(1), ssh_config(5), ssh-keysign(8), sshd(8) - T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, ^[[4mSSH^[[0m - ^[[4mProtocol^[[24m ^[[4mArchitecture^[[24m, draftM-bM-^@M-^PietfM-bM-^@M-^PsecshM-bM-^@M-^ParchitectureM-bM-^@M-^P12.txt, January + T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH + Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January 2002, work in progress material. BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/ssh.1 openssh-3.6.1p1+x509g/ssh.1 --- openssh-3.6.1p1/ssh.1 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh.1 2003-04-05 09:06:00.000000000 +0300 @@ -13,6 +13,7 @@ .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. .\" Copyright (c) 1999 Aaron Campbell. All rights reserved. .\" Copyright (c) 1999 Theo de Raadt. All rights reserved. +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -34,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.168 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD$ .Dd September 25, 1999 .Dt SSH 1 .Os 
@@ -226,10 +227,15 @@ .Pa $HOME/.ssh/id_dsa or .Pa $HOME/.ssh/id_rsa , +which can contain a x509 certificate in addition to key to sign the session identifier and sends the result to the server. -The server checks whether the matching public key is listed in +The server checks whether the matching public key or certificate +is listed in .Pa $HOME/.ssh/authorized_keys and grants access if both the key is found and the signature is correct. +In case with x509 certificate server perform additional verification of +that certificate through database with certificates and CRLs of certificate +signers. The session identifier is derived from a shared Diffie-Hellman value and is only known to the client and the server. .Pp @@ -478,6 +484,8 @@ and .Pa $HOME/.ssh/id_dsa for protocol version 2. +For protocol version 2 is possible identity to contain in addition +a x509 certificate. Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple @@ -777,6 +785,8 @@ .It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa Contains the authentication identity of the user. They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively. +It is possible protocol version 2 identity to contain identity plus +x509 certificate. These files contain sensitive data and should be readable by the user but not accessible by others (read/write/execute). @@ -789,6 +799,8 @@ .It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub Contains the public key for authentication (public part of the identity file in human-readable form). +Note that protocol version 2 while a identity contain private key and +x509 certificate this file must contain that certificate. The contents of the .Pa $HOME/.ssh/identity.pub file should be added to 
@@ -803,6 +815,14 @@ .Pa $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using protocol version 2 DSA/RSA authentication. +In case with x509 certificates user can use +.Dq "new style" . +Instead to add content of file to authorized_keys user can write +certificate +.Dq "Distinguished Name" . +See +.Xr sshd 8 +manual page. These files are not sensitive and can (but need not) be readable by anyone. These files are @@ -813,7 +833,8 @@ The file format and configuration options are described in .Xr ssh_config 5 . .It Pa $HOME/.ssh/authorized_keys -Lists the public keys (RSA/DSA) that can be used for logging in as this user. +Lists the public keys (RSA/DSA) or certificates that can be used for +logging in as this user. The format of this file is described in the .Xr sshd 8 manual page. @@ -830,6 +851,9 @@ This file contains public keys, one per line, in the following format (fields separated by spaces): system name, public key and optional comment field. +When a x509 certificate is used as host key instead of public key line +contain certificate (old style) or certificate +.Dq "Distinguished Name" . When different names are used for the same machine, all such names should be listed, separated by commas. @@ -854,6 +878,8 @@ .Cm RhostsRSAAuthentication and .Cm HostbasedAuthentication . +It is possible files to contain private part plus x509 certificate for +protocol version 2 keys. If the protocol version 1 .Cm RhostsRSAAuthentication method is used, 
@@ -871,6 +897,37 @@ By default .Nm is not setuid root. +When a certificate is used as host key for hostbased authentication +that certificate must have client purpose too or server configuration +must permit connection without client purpose. For allowed client +certificate purposes see +.Xr sshd_config 5 . +.It Pa "/etc/ssh/ca/ca-bundle.crt" and "/etc/ssh/ca/ca-bundle.crl" +Part of systemwide +.Dq "X509 store" . +The first file contain multiple certificates and the second +.Dq "Certificate Revocation List" +(CRLs) of certificate signers in PEM format concatenated together. +Used in verification of server host key certificate. +.It Pa "/etc/ssh/ca/crt" and Pa "/etc/ssh/ca/crl" +Part of systemwide +.Dq "X509 store" . +.Dq "Hash dirs" +with certificates, the first file or CLRs, the second of +certificate signers. +Each certificate should be stored in separate file with name +[HASH].[NUMBER] or [HASH].r[NUMBER] for the CRL, where [HASH] is +certificate or CRL hash value and [NUMBER] is an integer starting +from zero. +Used in verification of server host key certificate. +.It Pa "~/.ssh/ca/ca-bundle.crt" and "~/.ssh/ca/ca-bundle.crl" +Part of user +.Dq "X509 store" . +Same as above systemwide files. +.It Pa "~/.ssh/ca/crt" and Pa "~/.ssh/ca/crl" +Part of user +.Dq "X509 store" . +Same as above systemwide directories. .It Pa $HOME/.rhosts This file is used in .Pa \&.rhosts @@ -967,6 +1024,7 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. +Roumen Petrov contributed support for x509 certificates. .Sh SEE ALSO .Xr rsh 1 , .Xr scp 1 , diff -ruN openssh-3.6.1p1/ssh-add.0 openssh-3.6.1p1+x509g/ssh-add.0 --- openssh-3.6.1p1/ssh-add.0 2003-04-01 14:57:30.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-add.0 2003-04-05 09:06:00.000000000 +0300 
@@ -1,102 +1,105 @@ -SSHM-bM-^@M-^PADD(1) BSD General Commands Manual SSHM-bM-^@M-^PADD(1) +SSH-ADD(1) System General Commands Manual SSH-ADD(1) -^[[1mNAME^[[0m - ^[[1msshM-bM-^@M-^Padd ^[[22mM-bMM-^R adds RSA or DSA identities to the authentication agent +NAME + ssh-add - adds RSA or DSA identities to the authentication agent -^[[1mSYNOPSIS^[[0m - ^[[1msshM-bM-^@M-^Padd ^[[22m[^[[1mM-bMM-^RlLdDxXc^[[22m] [^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[24m] [^[[4mfile^[[24m ^[[4m...^[[24m] - ^[[1msshM-bM-^@M-^Padd M-bMM-^Rs ^[[4m^[[22mreader^[[0m - ^[[1msshM-bM-^@M-^Padd M-bMM-^Re ^[[4m^[[22mreader^[[0m - -^[[1mDESCRIPTION^[[0m - ^[[1msshM-bM-^@M-^Padd ^[[22madds RSA or DSA identities to the authentication agent, - sshM-bM-^@M-^Pagent(1). When run without arguments, it adds the files - ^[[4m$HOME/.ssh/id_rsa^[[24m, ^[[4m$HOME/.ssh/id_dsa^[[24m and ^[[4m$HOME/.ssh/identity^[[24m. AlternaM-bM-^@M-^P +SYNOPSIS + ssh-add [-lLdDxXc] [-t life] [file ...] + ssh-add -s reader + ssh-add -e reader + +DESCRIPTION + ssh-add adds RSA or DSA identities to the authentication agent, + ssh-agent(1). When run without arguments, it adds the files + $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. Alterna- tive file names can be given on the command line. If any file requires a - passphrase, ^[[1msshM-bM-^@M-^Padd ^[[22masks for the passphrase from the user. The - passphrase is read from the userM-bM-^@M-^Ys tty. ^[[1msshM-bM-^@M-^Padd ^[[22mretries the last + passphrase, ssh-add asks for the passphrase from the user. The + passphrase is read from the user's tty. ssh-add retries the last passphrase if multiple identity files are given. The authentication agent must be running and must be an ancestor of the - current process for ^[[1msshM-bM-^@M-^Padd ^[[22mto work. + current process for ssh-add to work. 
The options are as follows: - ^[[1mM-bMM-^Rl ^[[22mLists fingerprints of all identities currently represented by the + -l Lists fingerprints of all identities currently represented by the agent. - ^[[1mM-bMM-^RL ^[[22mLists public key parameters of all identities currently repreM-bM-^@M-^P + -L Lists public key parameters of all identities currently repre- sented by the agent. - ^[[1mM-bMM-^Rd ^[[22mInstead of adding the identity, removes the identity from the + -d Instead of adding the identity, removes the identity from the agent. - ^[[1mM-bMM-^RD ^[[22mDeletes all identities from the agent. + -D Deletes all identities from the agent. - ^[[1mM-bMM-^Rx ^[[22mLock the agent with a password. + -x Lock the agent with a password. - ^[[1mM-bMM-^RX ^[[22mUnlock the agent. + -X Unlock the agent. - ^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[0m + -t life Set a maximum lifetime when adding identities to an agent. The - lifetime may be specified in seconds or in a time format speciM-bM-^@M-^P + lifetime may be specified in seconds or in a time format speci- fied in sshd_config(5). - ^[[1mM-bMM-^Rc ^[[22mIndicates that added identities should be subject to confirmation + -c Indicates that added identities should be subject to confirmation before being used for authentication. Confirmation is performed - by the SSH_ASKPASS program mentioned below. Successful confirmaM-bM-^@M-^P - tion is signaled by a zero exit status from the SSH_ASKPASS proM-bM-^@M-^P + by the SSH_ASKPASS program mentioned below. Successful confirma- + tion is signaled by a zero exit status from the SSH_ASKPASS pro- gram, rather than text entered into the requester. - ^[[1mM-bMM-^Rs ^[[4m^[[22mreader^[[0m - Add key in smartcard ^[[4mreader^[[24m. + -s reader + Add key in smartcard reader. - ^[[1mM-bMM-^Re ^[[4m^[[22mreader^[[0m - Remove key in smartcard ^[[4mreader^[[24m. + -e reader + Remove key in smartcard reader. 
-^[[1mFILES^[[0m +FILES $HOME/.ssh/identity Contains the protocol version 1 RSA authentication identity of the user. $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of - the user. + the user. It is possible to contain identity plus x509 certifi- + cate. $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of - the user. + the user. It is possible to contain identity plus x509 certifi- + cate. Identity files should not be readable by anyone but the user. Note that - ^[[1msshM-bM-^@M-^Padd ^[[22mignores identity files if they are accessible by others. + ssh-add ignores identity files if they are accessible by others. -^[[1mENVIRONMENT^[[0m +ENVIRONMENT DISPLAY and SSH_ASKPASS - If ^[[1msshM-bM-^@M-^Padd ^[[22mneeds a passphrase, it will read the passphrase from - the current terminal if it was run from a terminal. If ^[[1msshM-bM-^@M-^Padd^[[0m + If ssh-add needs a passphrase, it will read the passphrase from + the current terminal if it was run from a terminal. If ssh-add does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program specified by SSH_ASKPASS and open an X11 window to read the passphrase. This - is particularly useful when calling ^[[1msshM-bM-^@M-^Padd ^[[22mfrom a ^[[4m.Xsession^[[24m or + is particularly useful when calling ssh-add from a .Xsession or related script. (Note that on some machines it may be necessary - to redirect the input from ^[[4m/dev/null^[[24m to make this work.) + to redirect the input from /dev/null to make this work.) SSH_AUTH_SOCK - Identifies the path of a unixM-bM-^@M-^Pdomain socket used to communicate + Identifies the path of a unix-domain socket used to communicate with the agent. -^[[1mDIAGNOSTICS^[[0m +DIAGNOSTICS Exit status is 0 on success, 1 if the specified command fails, and 2 if - ^[[1msshM-bM-^@M-^Padd ^[[22mis unable to contact the authentication agent. + ssh-add is unable to contact the authentication agent. 
-^[[1mAUTHORS^[[0m +AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P + de Raadt and Dug Song removed many bugs, re-added newer features and cre- ated OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. + versions 1.5 and 2.0. Roumen Petrov contributed support for x509 cer- + tificates. -^[[1mSEE ALSO^[[0m - ssh(1), sshM-bM-^@M-^Pagent(1), sshM-bM-^@M-^Pkeygen(1), sshd(8) +SEE ALSO + ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8) BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/ssh-add.1 openssh-3.6.1p1+x509g/ssh-add.1 --- openssh-3.6.1p1/ssh-add.1 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-add.1 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.38 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD$ .\" .\" -*- nroff -*- .\" @@ -16,6 +16,7 @@ .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. .\" Copyright (c) 1999 Aaron Campbell. All rights reserved. .\" Copyright (c) 1999 Theo de Raadt. All rights reserved. +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -115,8 +116,10 @@ Contains the protocol version 1 RSA authentication identity of the user. .It Pa $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of the user. +It is possible to contain identity plus x509 certificate. .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. +It is possible to contain identity plus x509 certificate. .El .Pp Identity files should not be readable by anyone but the user. 
@@ -166,6 +169,7 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. +Roumen Petrov contributed support for x509 certificates. .Sh SEE ALSO .Xr ssh 1 , .Xr ssh-agent 1 , diff -ruN openssh-3.6.1p1/ssh-add.c openssh-3.6.1p1+x509g/ssh-add.c --- openssh-3.6.1p1/ssh-add.c 2003-03-10 02:21:18.000000000 +0200 +++ openssh-3.6.1p1+x509g/ssh-add.c 2003-04-05 09:06:01.000000000 +0300 @@ -12,6 +12,8 @@ * * SSH2 implementation, * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -35,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-add.c,v 1.66 2003/03/05 22:33:43 markus Exp $"); +RCSID("$OpenBSD$"); #include @@ -49,6 +51,7 @@ #include "pathnames.h" #include "readpass.h" #include "misc.h" +#include "ssh-x509.h" #ifdef HAVE___PROGNAME extern char *__progname; @@ -234,9 +237,16 @@ key_size(key), fp, comment, key_type(key)); xfree(fp); } else { - if (!key_write(key, stdout)) - fprintf(stderr, "key_write failed"); - fprintf(stdout, " %s\n", comment); + if ((key->type == KEY_X509_RSA) || (key->type == KEY_X509_DSA)) { + /* key_write will print x509 certificate in blob format :-( */ + if(!x509key_write_subject(key, stdout)) + fprintf(stderr, "x509key_write_subject failed"); + fprintf(stdout, "\n"); + } else { + if (!key_write(key, stdout)) + fprintf(stderr, "key_write failed"); + fprintf(stdout, " %s\n", comment); + } } key_free(key); xfree(comment); diff -ruN openssh-3.6.1p1/ssh-agent.0 openssh-3.6.1p1+x509g/ssh-agent.0 --- openssh-3.6.1p1/ssh-agent.0 2003-04-01 14:57:30.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-agent.0 2003-04-05 09:06:00.000000000 +0300 
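Review bot: The new X.509 branch of the `ssh-add.c` listing hunk (`@@ -234,9 +237,16 @@`) drops the identity comment and writes its failure message without a trailing newline. The plain-key branch still ends its line with `fprintf(stdout, " %s\n", comment);`, while the certificate branch prints only `"\n"`, so two certificate identities cannot be told apart by their comment in the listing. If the omission is deliberate, for example because the subject line is meant to be pasted into authorized_keys as is, a short comment saying so would replace the `:-(` remark. The error line should read `fprintf(stderr, "x509key_write_subject failed\n");`. The existing `key_write failed` message has the same missing newline. The enclosing function begins and ends outside the hunk, so what `x509key_write_subject` actually emits is not visible here.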
@@ -1,63 +1,63 @@ -SSHM-bM-^@M-^PAGENT(1) BSD General Commands Manual SSHM-bM-^@M-^PAGENT(1) +SSH-AGENT(1) System General Commands Manual SSH-AGENT(1) -^[[1mNAME^[[0m - ^[[1msshM-bM-^@M-^Pagent ^[[22mM-bMM-^R authentication agent +NAME + ssh-agent - authentication agent -^[[1mSYNOPSIS^[[0m - ^[[1msshM-bM-^@M-^Pagent ^[[22m[^[[1mM-bMM-^Ra ^[[4m^[[22mbind_address^[[24m] [^[[1mM-bMM-^Rc ^[[22m| ^[[1mM-bMM-^Rs^[[22m] [^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[24m] [^[[1mM-bMM-^Rd^[[22m] [^[[4mcommand^[[24m [^[[4margs^[[24m ^[[4m...^[[24m]] - ^[[1msshM-bM-^@M-^Pagent ^[[22m[^[[1mM-bMM-^Rc ^[[22m| ^[[1mM-bMM-^Rs^[[22m] ^[[1mM-bMM-^Rk^[[0m - -^[[1mDESCRIPTION^[[0m - ^[[1msshM-bM-^@M-^Pagent ^[[22mis a program to hold private keys used for public key authentiM-bM-^@M-^P - cation (RSA, DSA). The idea is that ^[[1msshM-bM-^@M-^Pagent ^[[22mis started in the beginM-bM-^@M-^P - ning of an XM-bM-^@M-^Psession or a login session, and all other windows or proM-bM-^@M-^P - grams are started as clients to the sshM-bM-^@M-^Pagent program. Through use of +SYNOPSIS + ssh-agent [-a bind_address] [-c | -s] [-t life] [-d] [command [args ...]] + ssh-agent [-c | -s] -k + +DESCRIPTION + ssh-agent is a program to hold private keys used for public key authenti- + cation (RSA, DSA). The idea is that ssh-agent is started in the begin- + ning of an X-session or a login session, and all other windows or pro- + grams are started as clients to the ssh-agent program. Through use of environment variables the agent can be located and automatically used for authentication when logging in to other machines using ssh(1). The options are as follows: - ^[[1mM-bMM-^Ra ^[[4m^[[22mbind_address^[[0m - Bind the agent to the unixM-bM-^@M-^Pdomain socket ^[[4mbind_address^[[24m. The - default is ^[[4m/tmp/sshM-bM-^@M-^PXXXXXXXX/agent.^[[24m. + -a bind_address + Bind the agent to the unix-domain socket bind_address. The + default is /tmp/ssh-XXXXXXXX/agent.. 
- ^[[1mM-bMM-^Rc ^[[22mGenerate CM-bM-^@M-^Pshell commands on stdout. This is the default if - SHELL looks like itM-bM-^@M-^Ys a csh style of shell. + -c Generate C-shell commands on stdout. This is the default if + SHELL looks like it's a csh style of shell. - ^[[1mM-bMM-^Rs ^[[22mGenerate Bourne shell commands on stdout. This is the default if - SHELL does not look like itM-bM-^@M-^Ys a csh style of shell. + -s Generate Bourne shell commands on stdout. This is the default if + SHELL does not look like it's a csh style of shell. - ^[[1mM-bMM-^Rk ^[[22mKill the current agent (given by the SSH_AGENT_PID environment + -k Kill the current agent (given by the SSH_AGENT_PID environment variable). - ^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[0m + -t life Set a default value for the maximum lifetime of identities added to the agent. The lifetime may be specified in seconds or in a time format specified in sshd(8). A lifetime specified for an - identity with sshM-bM-^@M-^Padd(1) overrides this value. Without this + identity with ssh-add(1) overrides this value. Without this option the default maximum lifetime is forever. - ^[[1mM-bMM-^Rd ^[[22mDebug mode. When this option is specified ^[[1msshM-bM-^@M-^Pagent ^[[22mwill not + -d Debug mode. When this option is specified ssh-agent will not fork. If a commandline is given, this is executed as a subprocess of the agent. When the command dies, so does the agent. The agent initially does not have any private keys. Keys are added using - sshM-bM-^@M-^Padd(1). When executed without arguments, sshM-bM-^@M-^Padd(1) adds the files - ^[[4m$HOME/.ssh/id_rsa^[[24m, ^[[4m$HOME/.ssh/id_dsa^[[24m and ^[[4m$HOME/.ssh/identity^[[24m. If the - identity has a passphrase, sshM-bM-^@M-^Padd(1) asks for the passphrase (using a - small X11 application if running under X11, or from the terminal if runM-bM-^@M-^P - ning without X). It then sends the identity to the agent. Several idenM-bM-^@M-^P + ssh-add(1). 
When executed without arguments, ssh-add(1) adds the files + $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. If the + identity has a passphrase, ssh-add(1) asks for the passphrase (using a + small X11 application if running under X11, or from the terminal if run- + ning without X). It then sends the identity to the agent. Several iden- tities can be stored in the agent; the agent can automatically use any of - these identities. ^[[1msshM-bM-^@M-^Padd M-bM-^@M-^Pl ^[[22mdisplays the identities currently held by + these identities. ssh-add -l displays the identities currently held by the agent. - The idea is that the agent is run in the userM-bM-^@M-^Ys local PC, laptop, or terM-bM-^@M-^P + The idea is that the agent is run in the user's local PC, laptop, or ter- minal. Authentication data need not be stored on any other machine, and - authentication passphrases never go over the network. However, the conM-bM-^@M-^P + authentication passphrases never go over the network. However, the con- nection to the agent is forwarded over SSH remote logins, and the user - can thus use the privileges given by the identities anywhere in the netM-bM-^@M-^P + can thus use the privileges given by the identities anywhere in the net- work in a secure way. There are two main ways to get an agent setup: Either the agent starts a 
@@ -69,46 +69,49 @@ The agent will never send a private key over its request channel. Instead, operations that require a private key will be performed by the - agent, and the result will be returned to the requester. This way, priM-bM-^@M-^P + agent, and the result will be returned to the requester. This way, pri- vate keys are not exposed to clients using the agent. - A unixM-bM-^@M-^Pdomain socket is created and the name of this socket is stored in + A unix-domain socket is created and the name of this socket is stored in the SSH_AUTH_SOCK environment variable. The socket is made accessible only to the current user. This method is easily abused by root or another instance of the same user. - The SSH_AGENT_PID environment variable holds the agentM-bM-^@M-^Ys process ID. + The SSH_AGENT_PID environment variable holds the agent's process ID. The agent exits automatically when the command given on the command line terminates. -^[[1mFILES^[[0m +FILES $HOME/.ssh/identity Contains the protocol version 1 RSA authentication identity of the user. $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of - the user. + the user. It is possible to contain identity plus x509 certifi- + cate. $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of - the user. + the user. It is possible to contain identity plus x509 certifi- + cate. - /tmp/sshM-bM-^@M-^PXXXXXXXX/agent. - UnixM-bM-^@M-^Pdomain sockets used to contain the connection to the authenM-bM-^@M-^P + /tmp/ssh-XXXXXXXX/agent. + Unix-domain sockets used to contain the connection to the authen- tication agent. These sockets should only be readable by the owner. The sockets should get automatically removed when the agent exits. -^[[1mAUTHORS^[[0m +AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. 
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P + de Raadt and Dug Song removed many bugs, re-added newer features and cre- ated OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. + versions 1.5 and 2.0. Roumen Petrov contributed support for x509 cer- + tificates. -^[[1mSEE ALSO^[[0m - ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pkeygen(1), sshd(8) +SEE ALSO + ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/ssh-agent.1 openssh-3.6.1p1+x509g/ssh-agent.1 --- openssh-3.6.1p1/ssh-agent.1 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-agent.1 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.37 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD$ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -13,6 +13,7 @@ .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. .\" Copyright (c) 1999 Aaron Campbell. All rights reserved. .\" Copyright (c) 1999 Theo de Raadt. All rights reserved. +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -171,8 +172,10 @@ Contains the protocol version 1 RSA authentication identity of the user. .It Pa $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of the user. +It is possible to contain identity plus x509 certificate. .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. +It is possible to contain identity plus x509 certificate. .It Pa /tmp/ssh-XXXXXXXX/agent. Unix-domain sockets used to contain the connection to the authentication agent. 
@@ -188,6 +191,7 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. +Roumen Petrov contributed support for x509 certificates. .Sh SEE ALSO .Xr ssh 1 , .Xr ssh-add 1 , diff -ruN openssh-3.6.1p1/ssh-agent.c openssh-3.6.1p1+x509g/ssh-agent.c --- openssh-3.6.1p1/ssh-agent.c 2003-03-15 02:37:09.000000000 +0200 +++ openssh-3.6.1p1+x509g/ssh-agent.c 2003-04-05 09:06:01.000000000 +0300 @@ -11,6 +11,8 @@ * called by a name other than "ssh" or "Secure Shell". * * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -35,7 +37,7 @@ #include "includes.h" #include "openbsd-compat/sys-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.108 2003/03/13 11:44:50 markus Exp $"); +RCSID("$OpenBSD$"); #include #include @@ -50,6 +52,7 @@ #include "authfd.h" #include "compat.h" #include "log.h" +#include "ssh-x509.h" #include "readpass.h" #include "misc.h" @@ -458,6 +461,7 @@ xfree(type_name); switch (type) { case KEY_DSA: + case KEY_X509_DSA: k = key_new_private(type); buffer_get_bignum2(&e->request, k->dsa->p); buffer_get_bignum2(&e->request, k->dsa->q); @@ -466,6 +470,7 @@ buffer_get_bignum2(&e->request, k->dsa->priv_key); break; case KEY_RSA: + case KEY_X509_RSA: k = key_new_private(type); buffer_get_bignum2(&e->request, k->rsa->n); buffer_get_bignum2(&e->request, k->rsa->e); 
@@ -481,6 +486,24 @@ buffer_clear(&e->request); goto send; } + switch (type) { + case KEY_X509_RSA: + case KEY_X509_DSA: { + u_char *blob = NULL; + u_int blen = 0; + Key *key = NULL; + + blob = buffer_get_string(&e->request, &blen); + key = x509key_from_blob(blob, blen); + if(key == NULL) { + fatal("process_add_identity() x509key_from_blob fail"); + } + k->x509 = key->x509; + key->x509 = NULL; + key_free(key); + } + break; + } break; } /* enable blinding */ diff -ruN openssh-3.6.1p1/ssh_config openssh-3.6.1p1+x509g/ssh_config --- openssh-3.6.1p1/ssh_config 2002-07-04 03:19:41.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh_config 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $ +# $OpenBSD$ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -34,3 +34,12 @@ # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ +# AllowedCertPurpose sslserver +# CACertificateFile /etc/ssh/ca/ca-bundle.crt +# CACertificatePath /etc/ssh/ca/crt +# CARevocationFile /etc/ssh/ca/ca-bundle.crl +# CARevocationPath /etc/ssh/ca/crl +# UserCACertificateFile ~/.ssh/ca-bundle.crt +# UserCACertificatePath ~/.ssh/crt +# UserCARevocationFile ~/.ssh/ca-bundle.crl +# UserCARevocationPath ~/.ssh/crl diff -ruN openssh-3.6.1p1/ssh_config.0 openssh-3.6.1p1+x509g/ssh_config.0 --- openssh-3.6.1p1/ssh_config.0 2003-04-01 14:57:32.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh_config.0 2003-04-05 09:06:00.000000000 +0300 
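Review bot: In the added `switch (type)` of the `ssh-agent.c` hunk (`@@ -481,6 +486,24 @@`), the buffer returned by `buffer_get_string` is never released, and a certificate blob that fails to parse ends the whole agent through `fatal()`. The agent is long-lived and holds every loaded identity, so one malformed add request should be answered with a failure reply, the way the unknown-type path just above does with `buffer_clear(&e->request); goto send;`. The rewrite below frees the blob and the half-built key and takes that path; it assumes `x509key_from_blob` copies what it needs from the blob, which should be confirmed. Nothing visible in the hunk checks that the certificate's public key matches the private key read into `k` a few lines earlier, so a comparison before `k->x509` is assigned seems worth adding unless it happens elsewhere. The enclosing function starts and ends outside the hunk.

```c
/* … unchanged: switch (type) { … */
case KEY_X509_RSA:
case KEY_X509_DSA: {
	u_int blen = 0;
	u_char *blob = buffer_get_string(&e->request, &blen);
	Key *key = x509key_from_blob(blob, blen);

	xfree(blob);
	if (key == NULL) {
		/* malformed certificate: reply with failure, keep the agent alive */
		key_free(k);
		buffer_clear(&e->request);
		goto send;
	}
	k->x509 = key->x509;
	key->x509 = NULL;
	key_free(key);
	break;
}
```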
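Review bot: The four commented `UserCA*` defaults added to `ssh_config` point at `~/.ssh/ca-bundle.crt`, `~/.ssh/crt`, `~/.ssh/ca-bundle.crl` and `~/.ssh/crl`, while the ssh.1 text added by the same patch documents the user X509 store under `~/.ssh/ca/`. A user who follows one of the two will put trust anchors and CRLs where the client does not look, and host certificates would then be checked against an incomplete store or without the intended revocation data. Which location the code compiles in is not visible in this part of the patch, so the sample file and the manual should both be aligned with it. If the manual is right, the lines become for example `# UserCACertificateFile ~/.ssh/ca/ca-bundle.crt`, with the same `ca/` component in the other three.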
@@ -1,400 +1,451 @@ -SSH_CONFIG(5) BSD File Formats Manual SSH_CONFIG(5) +SSH_CONFIG(5) System File Formats Manual SSH_CONFIG(5) -^[[1mNAME^[[0m - ^[[1mssh_config ^[[22mM-bMM-^R OpenSSH SSH client configuration files +NAME + ssh_config - OpenSSH SSH client configuration files -^[[1mSYNOPSIS^[[0m - ^[[4m$HOME/.ssh/config^[[0m - ^[[4m/etc/ssh/ssh_config^[[0m +SYNOPSIS + $HOME/.ssh/config + /etc/ssh/ssh_config -^[[1mDESCRIPTION^[[0m - ^[[1mssh ^[[22mobtains configuration data from the following sources in the followM-bM-^@M-^P +DESCRIPTION + ssh obtains configuration data from the following sources in the follow- ing order: - 1. commandM-bM-^@M-^Pline options - 2. userM-bM-^@M-^Ys configuration file (^[[4m$HOME/.ssh/config^[[24m) - 3. systemM-bM-^@M-^Pwide configuration file (^[[4m/etc/ssh/ssh_config^[[24m) + 1. command-line options + 2. user's configuration file ($HOME/.ssh/config) + 3. system-wide configuration file (/etc/ssh/ssh_config) - For each parameter, the first obtained value will be used. The configuM-bM-^@M-^P - ration files contain sections bracketed by M-bM-^@M-^\HostM-bM-^@M-^] specifications, and + For each parameter, the first obtained value will be used. The configu- + ration files contain sections bracketed by ``Host'' specifications, and that section is only applied for hosts that match one of the patterns given in the specification. The matched host name is the one given on the command line. - Since the first obtained value for each parameter is used, more hostM-bM-^@M-^PspeM-bM-^@M-^P + Since the first obtained value for each parameter is used, more host-spe- cific declarations should be given near the beginning of the file, and general defaults at the end. The configuration file has the following format: - Empty lines and lines starting with M-bM-^@M-^X#M-bM-^@M-^Y are comments. + Empty lines and lines starting with `#' are comments. - Otherwise a line is of the format M-bM-^@M-^\keyword argumentsM-bM-^@M-^]. 
Configuration + Otherwise a line is of the format ``keyword arguments''. Configuration options may be separated by whitespace or optional whitespace and exactly - one M-bM-^@M-^X=M-bM-^@M-^Y; the latter format is useful to avoid the need to quote whitesM-bM-^@M-^P - pace when specifying configuration options using the ^[[1mssh^[[22m, ^[[1mscp ^[[22mand ^[[1msftp M-bMM-^Ro^[[0m + one `='; the latter format is useful to avoid the need to quote whites- + pace when specifying configuration options using the ssh, scp and sftp -o option. - The possible keywords and their meanings are as follows (note that keyM-bM-^@M-^P - words are caseM-bM-^@M-^Pinsensitive and arguments are caseM-bM-^@M-^Psensitive): + The possible keywords and their meanings are as follows (note that key- + words are case-insensitive and arguments are case-sensitive): - ^[[1mHost ^[[22mRestricts the following declarations (up to the next ^[[1mHost ^[[22mkeyM-bM-^@M-^P + Host Restricts the following declarations (up to the next Host key- word) to be only for those hosts that match one of the patterns - given after the keyword. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^XM-bM-^@M-^Y? can be used as wildcards - in the patterns. A single M-bM-^@M-^X*M-bM-^@M-^Y as a pattern can be used to proM-bM-^@M-^P - vide global defaults for all hosts. The host is the ^[[4mhostname^[[0m - argument given on the command line (i.e., the name is not conM-bM-^@M-^P + given after the keyword. `*' and `'? can be used as wildcards + in the patterns. A single `*' as a pattern can be used to pro- + vide global defaults for all hosts. The host is the hostname + argument given on the command line (i.e., the name is not con- verted to a canonicalized host name before matching). - ^[[1mAFSTokenPassing^[[0m - Specifies whether to pass AFS tokens to remote host. The arguM-bM-^@M-^P - ment to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. This option applies - to protocol version 1 only. 
+ AFSTokenPassing + Specifies whether to pass AFS tokens to remote host. The argu- + ment to this keyword must be ``yes'' or ``no''. This option + applies to protocol version 1 only. + + AllowedCertPurpose + The intended use for the X509 server certificate. Without this + option no chain verification will be done. Currently accepted + uses are case insensitive: + - `sslserver' , `SSL server' , `SSL_server' or `server' + - `any' , `Any Purpose' , `Any_Purpose' or `AnyPurpose' + - `skip' or `' (empty): do not check purpose. + + The default is ``sslserver''. - ^[[1mBatchMode^[[0m - If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled. + BatchMode + If set to ``yes'', passphrase/password querying will be disabled. This option is useful in scripts and other batch jobs where no user is present to supply the password. The argument must be - M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + ``yes'' or ``no''. The default is ``no''. - ^[[1mBindAddress^[[0m + BindAddress Specify the interface to transmit from on machines with multiple interfaces or aliased addresses. Note that this option does not - work if ^[[1mUsePrivilegedPort ^[[22mis set to M-bM-^@M-^\yesM-bM-^@M-^]. + work if UsePrivilegedPort is set to ``yes''. + + CACertificateFile + This file contain multiple certificates of certificate signers in + PEM format concatenated together. The default is + /etc/ssh/ca/ca-bundle.crt + + CACertificatePath + ``Hash dir'' with certificates of certificate signers. Each cer- + tificate should be stored in separate file with name [HASH].[NUM- + BER], where [HASH] is certificate hash value and [NUMBER] is an + integer starting from zero. The default is /etc/ssh/ca/crt + + CARevocationFile + This file contain multiple ``Certificate Revocation List'' (CRL) + of certificate signers in PEM format concatenated together. 
The + default is /etc/ssh/ca/ca-bundle.crl + + CARevocationPath + ``Hash dir'' with ``Certificate Revocation List'' (CRL) of cer- + tificate signers. Each CRL should be stored in separate file with + name [HASH].r[NUMBER], where [HASH] is CRL hash value and [NUM- + BER] is an integer starting from zero. The default is + /etc/ssh/ca/crl - ^[[1mChallengeResponseAuthentication^[[0m + ChallengeResponseAuthentication Specifies whether to use challenge response authentication. The - argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. + argument to this keyword must be ``yes'' or ``no''. The default + is ``yes''. - ^[[1mCheckHostIP^[[0m - If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh will additionally check the - host IP address in the ^[[4mknown_hosts^[[24m file. This allows ssh to + CheckHostIP + If this flag is set to ``yes'', ssh will additionally check the + host IP address in the known_hosts file. This allows ssh to detect if a host key changed due to DNS spoofing. If the option - is set to M-bM-^@M-^\noM-bM-^@M-^], the check will not be executed. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. + is set to ``no'', the check will not be executed. The default is + ``yes''. - ^[[1mCipher ^[[22mSpecifies the cipher to use for encrypting the session in protoM-bM-^@M-^P - col version 1. Currently, M-bM-^@M-^\blowfishM-bM-^@M-^], M-bM-^@M-^\3desM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^] are supM-bM-^@M-^P - ported. ^[[4mdes^[[24m is only supported in the ^[[1mssh ^[[22mclient for interoperM-bM-^@M-^P - ability with legacy protocol 1 implementations that do not supM-bM-^@M-^P - port the ^[[4m3des^[[24m cipher. Its use is strongly discouraged due to - cryptographic weaknesses. The default is M-bM-^@M-^\3desM-bM-^@M-^]. + Cipher Specifies the cipher to use for encrypting the session in proto- + col version 1. Currently, ``blowfish'', ``3des'', and ``des'' + are supported. 
des is only supported in the ssh client for + interoperability with legacy protocol 1 implementations that do + not support the 3des cipher. Its use is strongly discouraged due + to cryptographic weaknesses. The default is ``3des''. - ^[[1mCiphers^[[0m + Ciphers Specifies the ciphers allowed for protocol version 2 in order of - preference. Multiple ciphers must be commaM-bM-^@M-^Pseparated. The + preference. Multiple ciphers must be comma-separated. The default is - M-bM-^@M-^XM-bM-^@M-^Xaes128M-bM-^@M-^Pcbc,3desM-bM-^@M-^Pcbc,blowfishM-bM-^@M-^Pcbc,cast128M-bM-^@M-^Pcbc,arcfour, - aes192M-bM-^@M-^Pcbc,aes256M-bM-^@M-^PcbcM-bM-^@M-^YM-bM-^@M-^Y + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, + aes192-cbc,aes256-cbc'' - ^[[1mClearAllForwardings^[[0m + ClearAllForwardings Specifies that all local, remote and dynamic port forwardings specified in the configuration files or on the command line be - cleared. This option is primarily useful when used from the ^[[1mssh^[[0m + cleared. This option is primarily useful when used from the ssh command line to clear port forwardings set in configuration - files, and is automatically set by scp(1) and sftp(1). The arguM-bM-^@M-^P - ment must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + files, and is automatically set by scp(1) and sftp(1). The argu- + ment must be ``yes'' or ``no''. The default is ``no''. - ^[[1mCompression^[[0m - Specifies whether to use compression. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] - or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + Compression + Specifies whether to use compression. The argument must be + ``yes'' or ``no''. The default is ``no''. - ^[[1mCompressionLevel^[[0m + CompressionLevel Specifies the compression level to use if compression is enabled. The argument must be an integer from 1 (fast) to 9 (slow, best). The default level is 6, which is good for most applications. 
The meaning of the values is the same as in gzip(1). Note that this option applies to protocol version 1 only. - ^[[1mConnectionAttempts^[[0m + ConnectionAttempts Specifies the number of tries (one per second) to make before exiting. The argument must be an integer. This may be useful in scripts if the connection sometimes fails. The default is 1. - ^[[1mDynamicForward^[[0m + DynamicForward Specifies that a TCP/IP port on the local machine be forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. - The argument must be a port number. Currently the SOCKS4 protoM-bM-^@M-^P - col is supported, and ^[[1mssh ^[[22mwill act as a SOCKS4 server. Multiple + The argument must be a port number. Currently the SOCKS4 proto- + col is supported, and ssh will act as a SOCKS4 server. Multiple forwardings may be specified, and additional forwardings can be - given on the command line. Only the superuser can forward priviM-bM-^@M-^P + given on the command line. Only the superuser can forward privi- leged ports. - ^[[1mEscapeChar^[[0m - Sets the escape character (default: M-bM-^@M-^X~M-bM-^@M-^Y). The escape character + EscapeChar + Sets the escape character (default: `~'). The escape character can also be set on the command line. The argument should be a - single character, M-bM-^@M-^X^M-bM-^@M-^Y followed by a letter, or M-bM-^@M-^\noneM-bM-^@M-^] to disable - the escape character entirely (making the connection transparent - for binary data). + single character, `^' followed by a letter, or ``none'' to dis- + able the escape character entirely (making the connection trans- + parent for binary data). - ^[[1mForwardAgent^[[0m + ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + be ``yes'' or ``no''. 
The default is ``no''. Agent forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - agentM-bM-^@M-^Ys UnixM-bM-^@M-^Pdomain socket) can access the local agent through + agent's Unix-domain socket) can access the local agent through the forwarded connection. An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent. - ^[[1mForwardX11^[[0m - Specifies whether X11 connections will be automatically rediM-bM-^@M-^P + ForwardX11 + Specifies whether X11 connections will be automatically redi- rected over the secure channel and DISPLAY set. The argument - must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + must be ``yes'' or ``no''. The default is ``no''. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - userM-bM-^@M-^Ys X authorization database) can access the local X11 display + user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. - ^[[1mGatewayPorts^[[0m + GatewayPorts Specifies whether remote hosts are allowed to connect to local - forwarded ports. By default, ^[[1mssh ^[[22mbinds local port forwardings to - the loopback address. This prevents other remote hosts from conM-bM-^@M-^P - necting to forwarded ports. ^[[1mGatewayPorts ^[[22mcan be used to specify - that ^[[1mssh ^[[22mshould bind local port forwardings to the wildcard + forwarded ports. By default, ssh binds local port forwardings to + the loopback address. This prevents other remote hosts from con- + necting to forwarded ports. 
GatewayPorts can be used to specify + that ssh should bind local port forwardings to the wildcard address, thus allowing remote hosts to connect to forwarded - ports. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + ports. The argument must be ``yes'' or ``no''. The default is + ``no''. - ^[[1mGlobalKnownHostsFile^[[0m + GlobalKnownHostsFile Specifies a file to use for the global host key database instead - of ^[[4m/etc/ssh/ssh_known_hosts^[[24m. + of /etc/ssh/ssh_known_hosts. - ^[[1mHostbasedAuthentication^[[0m + HostbasedAuthentication Specifies whether to try rhosts based authentication with public - key authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 2 only - and is similar to ^[[1mRhostsRSAAuthentication^[[22m. + key authentication. The argument must be ``yes'' or ``no''. The + default is ``no''. This option applies to protocol version 2 + only and is similar to RhostsRSAAuthentication. - ^[[1mHostKeyAlgorithms^[[0m + HostKeyAlgorithms Specifies the protocol version 2 host key algorithms that the client wants to use in order of preference. The default for this - option is: M-bM-^@M-^\sshM-bM-^@M-^Prsa,sshM-bM-^@M-^PdssM-bM-^@M-^]. + option is: ``x509v3-sign-rsa,x509v3-sign-dss,ssh-rsa,ssh-dss''. - ^[[1mHostKeyAlias^[[0m + HostKeyAlias Specifies an alias that should be used instead of the real host name when looking up or saving the host key in the host key - database files. This option is useful for tunneling ssh connecM-bM-^@M-^P + database files. This option is useful for tunneling ssh connec- tions or for multiple servers running on a single host. - ^[[1mHostName^[[0m + HostName Specifies the real host name to log into. This can be used to specify nicknames or abbreviations for hosts. Default is the name given on the command line. 
Numeric IP addresses are also - permitted (both on the command line and in ^[[1mHostName ^[[22mspecificaM-bM-^@M-^P + permitted (both on the command line and in HostName specifica- tions). - ^[[1mIdentityFile^[[0m - Specifies a file from which the userM-bM-^@M-^Ys RSA or DSA authentication - identity is read. The default is ^[[4m$HOME/.ssh/identity^[[24m for protocol - version 1, and ^[[4m$HOME/.ssh/id_rsa^[[24m and ^[[4m$HOME/.ssh/id_dsa^[[24m for protoM-bM-^@M-^P - col version 2. Additionally, any identities represented by the - authentication agent will be used for authentication. The file - name may use the tilde syntax to refer to a userM-bM-^@M-^Ys home direcM-bM-^@M-^P - tory. It is possible to have multiple identity files specified - in configuration files; all these identities will be tried in - sequence. + IdentityFile + Specifies a file from which the user's RSA or DSA authentication + identity is read. The default is $HOME/.ssh/identity for protocol + version 1, and $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa for proto- + col version 2. For version 2 is possible identity file to con- + tain key plus x509 certificate. Additionally, any identities + represented by the authentication agent will be used for authen- + tication. The file name may use the tilde syntax to refer to a + user's home directory. It is possible to have multiple identity + files specified in configuration files; all these identities will + be tried in sequence. - ^[[1mKeepAlive^[[0m + KeepAlive Specifies whether the system should send TCP keepalive messages to the other side. If they are sent, death of the connection or crash of one of the machines will be properly noticed. However, - this means that connections will die if the route is down temM-bM-^@M-^P + this means that connections will die if the route is down tem- porarily, and some people find it annoying. 
- The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send keepalives), and the client will + The default is ``yes'' (to send keepalives), and the client will notice if the network goes down or the remote host dies. This is important in scripts, and many users want it too. - To disable keepalives, the value should be set to M-bM-^@M-^\noM-bM-^@M-^]. + To disable keepalives, the value should be set to ``no''. - ^[[1mKerberosAuthentication^[[0m + KerberosAuthentication Specifies whether Kerberos authentication will be used. The - argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. + argument to this keyword must be ``yes'' or ``no''. - ^[[1mKerberosTgtPassing^[[0m + KerberosTgtPassing Specifies whether a Kerberos TGT will be forwarded to the server. This will only work if the Kerberos server is actually an AFS - kaserver. The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. + kaserver. The argument to this keyword must be ``yes'' or + ``no''. - ^[[1mLocalForward^[[0m + LocalForward Specifies that a TCP/IP port on the local machine be forwarded over the secure channel to the specified host and port from the remote machine. The first argument must be a port number, and - the second must be ^[[4mhost:port^[[24m. IPv6 addresses can be specified - with an alternative syntax: ^[[4mhost/port^[[24m. Multiple forwardings may - be specified, and additional forwardings can be given on the comM-bM-^@M-^P + the second must be host:port. IPv6 addresses can be specified + with an alternative syntax: host/port. Multiple forwardings may + be specified, and additional forwardings can be given on the com- mand line. Only the superuser can forward privileged ports. - ^[[1mLogLevel^[[0m + LogLevel Gives the verbosity level that is used when logging messages from - ^[[1mssh^[[22m. The possible values are: QUIET, FATAL, ERROR, INFO, VERM-bM-^@M-^P + ssh. 
The possible values are: QUIET, FATAL, ERROR, INFO, VER- BOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of verbose output. - ^[[1mMACs ^[[22mSpecifies the MAC (message authentication code) algorithms in - order of preference. The MAC algorithm is used in protocol verM-bM-^@M-^P + MACs Specifies the MAC (message authentication code) algorithms in + order of preference. The MAC algorithm is used in protocol ver- sion 2 for data integrity protection. Multiple algorithms must - be commaM-bM-^@M-^Pseparated. The default is - M-bM-^@M-^\hmacM-bM-^@M-^Pmd5,hmacM-bM-^@M-^Psha1,hmacM-bM-^@M-^Pripemd160,hmacM-bM-^@M-^Psha1M-bM-^@M-^P96,hmacM-bM-^@M-^Pmd5M-bM-^@M-^P96M-bM-^@M-^]. + be comma-separated. The default is + ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96''. - ^[[1mNoHostAuthenticationForLocalhost^[[0m + NoHostAuthenticationForLocalhost This option can be used if the home directory is shared across machines. In this case localhost will refer to a different - machine on each of the machines and the user will get many warnM-bM-^@M-^P + machine on each of the machines and the user will get many warn- ings about changed host keys. However, this option disables host authentication for localhost. The argument to this keyword must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is to check the host key for + be ``yes'' or ``no''. The default is to check the host key for localhost. - ^[[1mNumberOfPasswordPrompts^[[0m + NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The argument to this keyword must be an integer. Default is 3. - ^[[1mPasswordAuthentication^[[0m + PasswordAuthentication Specifies whether to use password authentication. The argument - to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. + to this keyword must be ``yes'' or ``no''. 
The default is + ``yes''. - ^[[1mPort ^[[22mSpecifies the port number to connect on the remote host. Default + Port Specifies the port number to connect on the remote host. Default is 22. - ^[[1mPreferredAuthentications^[[0m + PreferredAuthentications Specifies the order in which the client should try protocol 2 authentication methods. This allows a client to prefer one method - (e.g. ^[[1mkeyboardM-bM-^@M-^Pinteractive^[[22m) over another method (e.g. ^[[1mpassword^[[22m) + (e.g. keyboard-interactive) over another method (e.g. password) The default for this option is: - M-bM-^@M-^\hostbased,publickey,keyboardM-bM-^@M-^Pinteractive,passwordM-bM-^@M-^]. + ``hostbased,publickey,keyboard-interactive,password''. - ^[[1mProtocol^[[0m - Specifies the protocol versions ^[[1mssh ^[[22mshould support in order of - preference. The possible values are M-bM-^@M-^\1M-bM-^@M-^] and M-bM-^@M-^\2M-bM-^@M-^]. Multiple verM-bM-^@M-^P - sions must be commaM-bM-^@M-^Pseparated. The default is M-bM-^@M-^\2,1M-bM-^@M-^]. This means - that ^[[1mssh ^[[22mtries version 2 and falls back to version 1 if version 2 - is not available. + Protocol + Specifies the protocol versions ssh should support in order of + preference. The possible values are ``1'' and ``2''. Multiple + versions must be comma-separated. The default is ``2,1''. This + means that ssh tries version 2 and falls back to version 1 if + version 2 is not available. - ^[[1mProxyCommand^[[0m - Specifies the command to use to connect to the server. The comM-bM-^@M-^P + ProxyCommand + Specifies the command to use to connect to the server. The com- mand string extends to the end of the line, and is executed with - ^[[4m/bin/sh^[[24m. In the command string, M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the - host name to connect and M-bM-^@M-^X%pM-bM-^@M-^Y by the port. The command can be + /bin/sh. In the command string, `%h' will be substituted by the + host name to connect and `%p' by the port. 
The command can be basically anything, and should read from its standard input and write to its standard output. It should eventually connect an - sshd(8) server running on some machine, or execute ^[[1msshd M-bM-^@M-^Pi ^[[22msomeM-bM-^@M-^P + sshd(8) server running on some machine, or execute sshd -i some- where. Host key management will be done using the HostName of the host being connected (defaulting to the name typed by the - user). Setting the command to M-bM-^@M-^\noneM-bM-^@M-^] disables this option - entirely. Note that ^[[1mCheckHostIP ^[[22mis not available for connects + user). Setting the command to ``none'' disables this option + entirely. Note that CheckHostIP is not available for connects with a proxy command. - ^[[1mPubkeyAuthentication^[[0m + PubkeyAuthentication Specifies whether to try public key authentication. The argument - to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. - This option applies to protocol version 2 only. + to this keyword must be ``yes'' or ``no''. The default is + ``yes''. This option applies to protocol version 2 only. - ^[[1mRemoteForward^[[0m + RemoteForward Specifies that a TCP/IP port on the remote machine be forwarded over the secure channel to the specified host and port from the local machine. The first argument must be a port number, and the - second must be ^[[4mhost:port^[[24m. IPv6 addresses can be specified with - an alternative syntax: ^[[4mhost/port^[[24m. Multiple forwardings may be + second must be host:port. IPv6 addresses can be specified with + an alternative syntax: host/port. Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. - ^[[1mRhostsAuthentication^[[0m + RhostsAuthentication Specifies whether to try rhosts based authentication. Note that this declaration only affects the client side and has no effect - whatsoever on security. 
Most servers do not permit RhostsAuthenM-bM-^@M-^P - tication because it is not secure (see ^[[1mRhostsRSAAuthentication^[[22m). - The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default - is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only and - requires ^[[1mssh ^[[22mto be setuid root and ^[[1mUsePrivilegedPort ^[[22mto be set to - M-bM-^@M-^\yesM-bM-^@M-^]. + whatsoever on security. Most servers do not permit RhostsAuthen- + tication because it is not secure (see RhostsRSAAuthentication). + The argument to this keyword must be ``yes'' or ``no''. The + default is ``no''. This option applies to protocol version 1 + only and requires ssh to be setuid root and UsePrivilegedPort to + be set to ``yes''. - ^[[1mRhostsRSAAuthentication^[[0m + RhostsRSAAuthentication Specifies whether to try rhosts based authentication with RSA - host authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only - and requires ^[[1mssh ^[[22mto be setuid root. + host authentication. The argument must be ``yes'' or ``no''. + The default is ``no''. This option applies to protocol version 1 + only and requires ssh to be setuid root. - ^[[1mRSAAuthentication^[[0m + RSAAuthentication Specifies whether to try RSA authentication. The argument to - this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. RSA authentication will only - be attempted if the identity file exists, or an authentication - agent is running. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option - applies to protocol version 1 only. + this keyword must be ``yes'' or ``no''. RSA authentication will + only be attempted if the identity file exists, or an authentica- + tion agent is running. The default is ``yes''. Note that this + option applies to protocol version 1 only. 
- ^[[1mSmartcardDevice^[[0m + SmartcardDevice Specifies which smartcard device to use. The argument to this - keyword is the device ^[[1mssh ^[[22mshould use to communicate with a smartM-bM-^@M-^P - card used for storing the userM-bM-^@M-^Ys private RSA key. By default, no + keyword is the device ssh should use to communicate with a smart- + card used for storing the user's private RSA key. By default, no device is specified and smartcard support is not activated. - ^[[1mStrictHostKeyChecking^[[0m - If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ^[[1mssh ^[[22mwill never automatically add - host keys to the ^[[4m$HOME/.ssh/known_hosts^[[24m file, and refuses to conM-bM-^@M-^P + StrictHostKeyChecking + If this flag is set to ``yes'', ssh will never automatically add + host keys to the $HOME/.ssh/known_hosts file, and refuses to con- nect to hosts whose host key has changed. This provides maximum protection against trojan horse attacks, however, can be annoying - when the ^[[4m/etc/ssh/ssh_known_hosts^[[24m file is poorly maintained, or + when the /etc/ssh/ssh_known_hosts file is poorly maintained, or connections to new hosts are frequently made. This option forces the user to manually add all new hosts. If this flag is set to - M-bM-^@M-^\noM-bM-^@M-^], ^[[1mssh ^[[22mwill automatically add new host keys to the user known - hosts files. If this flag is set to M-bM-^@M-^\askM-bM-^@M-^], new host keys will be - added to the user known host files only after the user has conM-bM-^@M-^P - firmed that is what they really want to do, and ^[[1mssh ^[[22mwill refuse - to connect to hosts whose host key has changed. The host keys of - known hosts will be verified automatically in all cases. The - argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^] or M-bM-^@M-^\askM-bM-^@M-^]. The default is M-bM-^@M-^\askM-bM-^@M-^]. - - ^[[1mUsePrivilegedPort^[[0m - Specifies whether to use a privileged port for outgoing connecM-bM-^@M-^P - tions. 
The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - If set to M-bM-^@M-^\yesM-bM-^@M-^] ^[[1mssh ^[[22mmust be setuid root. Note that this option - must be set to M-bM-^@M-^\yesM-bM-^@M-^] if ^[[1mRhostsAuthentication ^[[22mand - ^[[1mRhostsRSAAuthentication ^[[22mauthentications are needed with older + ``no'', ssh will automatically add new host keys to the user + known hosts files. If this flag is set to ``ask'', new host keys + will be added to the user known host files only after the user + has confirmed that is what they really want to do, and ssh will + refuse to connect to hosts whose host key has changed. The host + keys of known hosts will be verified automatically in all cases. + The argument must be ``yes'', ``no'' or ``ask''. The default is + ``ask''. + + UsePrivilegedPort + Specifies whether to use a privileged port for outgoing connec- + tions. The argument must be ``yes'' or ``no''. The default is + ``no''. If set to ``yes'' ssh must be setuid root. Note that + this option must be set to ``yes'' if RhostsAuthentication and + RhostsRSAAuthentication authentications are needed with older servers. - ^[[1mUser ^[[22mSpecifies the user to log in as. This can be useful when a difM-bM-^@M-^P + User Specifies the user to log in as. This can be useful when a dif- ferent user name is used on different machines. This saves the - trouble of having to remember to give the user name on the comM-bM-^@M-^P + trouble of having to remember to give the user name on the com- mand line. 
- ^[[1mUserKnownHostsFile^[[0m + UserCACertificateFile + User CACertificateFile , the default is ~/.ssh/ca-bundle.crt + + UserCACertificatePath + User CACertificatePath , the default is ~/.ssh/crt + + UserCARevocationFile + User CARevocationFile , the default is ~/.ssh/ca-bundle.crl + + UserCARevocationPath + User CARevocationPath , the default is ~/.ssh/crl + + UserKnownHostsFile Specifies a file to use for the user host key database instead of - ^[[4m$HOME/.ssh/known_hosts^[[24m. + $HOME/.ssh/known_hosts. - ^[[1mXAuthLocation^[[0m + XAuthLocation Specifies the full pathname of the xauth(1) program. The default - is ^[[4m/usr/X11R6/bin/xauth^[[24m. + is /usr/X11R6/bin/xauth. -^[[1mFILES^[[0m +FILES $HOME/.ssh/config - This is the perM-bM-^@M-^Puser configuration file. The format of this file - is described above. This file is used by the ^[[1mssh ^[[22mclient. This + This is the per-user configuration file. The format of this file + is described above. This file is used by the ssh client. This file does not usually contain any sensitive information, but the recommended permissions are read/write for the user, and not accessible by others. /etc/ssh/ssh_config Systemwide configuration file. This file provides defaults for - those values that are not specified in the userM-bM-^@M-^Ys configuration + those values that are not specified in the user's configuration file, and for those users who do not have a configuration file. - This file must be worldM-bM-^@M-^Preadable. + This file must be world-readable. -^[[1mAUTHORS^[[0m +AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P + de Raadt and Dug Song removed many bugs, re-added newer features and cre- ated OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. + versions 1.5 and 2.0. 
Roumen Petrov contributed support for x509 cer- + tificates. -^[[1mSEE ALSO^[[0m +SEE ALSO ssh(1) BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/ssh_config.5 openssh-3.6.1p1+x509g/ssh_config.5 --- openssh-3.6.1p1/ssh_config.5 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh_config.5 2003-04-05 09:06:00.000000000 +0300 @@ -13,6 +13,7 @@ .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. .\" Copyright (c) 1999 Aaron Campbell. All rights reserved. .\" Copyright (c) 1999 Theo de Raadt. All rights reserved. +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -34,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.7 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD$ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -122,6 +123,35 @@ or .Dq no . This option applies to protocol version 1 only. +.It Cm AllowedCertPurpose +The intended use for the X509 server certificate. Without this option +no chain verification will be done. Currently accepted uses are case +insensitive: + - +.Sq sslserver +, +.Sq SSL server +, +.Sq SSL_server +or +.Sq server + - +.Sq any +, +.Sq Any Purpose +, +.Sq Any_Purpose +or +.Sq AnyPurpose + - +.Sq skip +or +.Sq +.. +(empty): do not check purpose. +.Pp +The default is +.Dq sslserver . .It Cm BatchMode If set to .Dq yes , 
@@ -141,6 +171,35 @@ .Cm UsePrivilegedPort is set to .Dq yes . +.Pp +.It Cm CACertificateFile +This file contain multiple certificates of certificate signers in +PEM format concatenated together. The default is +.Pa /etc/ssh/ca/ca-bundle.crt +.Pp +.It Cm CACertificatePath +.Dq "Hash dir" +with certificates of certificate signers. Each certificate should be +stored in separate file with name [HASH].[NUMBER], where [HASH] is +certificate hash value and [NUMBER] is an integer starting from zero. +The default is +.Pa /etc/ssh/ca/crt +.Pp +.It Cm CARevocationFile +This file contain multiple +.Dq "Certificate Revocation List" +(CRL) of certificate signers in PEM format concatenated together. +The default is +.Pa /etc/ssh/ca/ca-bundle.crl +.Pp +.It Cm CARevocationPath +.Dq "Hash dir" +with +.Dq "Certificate Revocation List" +(CRL) of certificate signers. Each CRL should be stored in separate +file with name [HASH].r[NUMBER], where [HASH] is CRL hash value and +[NUMBER] is an integer starting from zero. The default is +.Pa /etc/ssh/ca/crl .It Cm ChallengeResponseAuthentication Specifies whether to use challenge response authentication. The argument to this keyword must be @@ -323,7 +382,7 @@ Specifies the protocol version 2 host key algorithms that the client wants to use in order of preference. The default for this option is: -.Dq ssh-rsa,ssh-dss . +.Dq x509v3-sign-rsa,x509v3-sign-dss,ssh-rsa,ssh-dss . .It Cm HostKeyAlias Specifies an alias that should be used instead of the real host name when looking up or saving the host key @@ -346,6 +405,7 @@ and .Pa $HOME/.ssh/id_dsa for protocol version 2. +For version 2 is possible identity file to contain key plus x509 certificate. Additionally, any identities represented by the authentication agent will be used for authentication. The file name may use the tilde 
@@ -614,6 +674,30 @@ This can be useful when a different user name is used on different machines. This saves the trouble of having to remember to give the user name on the command line. +.Pp +.It Cm UserCACertificateFile +User +.Cm CACertificateFile +, the default is +.Pa ~/.ssh/ca-bundle.crt +.Pp +.It Cm UserCACertificatePath +User +.Cm CACertificatePath +, the default is +.Pa ~/.ssh/crt +.Pp +.It Cm UserCARevocationFile +User +.Cm CARevocationFile +, the default is +.Pa ~/.ssh/ca-bundle.crl +.Pp +.It Cm UserCARevocationPath +User +.Cm CARevocationPath +, the default is +.Pa ~/.ssh/crl .It Cm UserKnownHostsFile Specifies a file to use for the user host key database instead of @@ -652,5 +736,6 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. +Roumen Petrov contributed support for x509 certificates. .Sh SEE ALSO .Xr ssh 1 diff -ruN openssh-3.6.1p1/sshconnect.c openssh-3.6.1p1+x509g/sshconnect.c --- openssh-3.6.1p1/sshconnect.c 2002-12-23 04:06:20.000000000 +0200 +++ openssh-3.6.1p1+x509g/sshconnect.c 2003-04-05 09:06:01.000000000 +0300 @@ -10,10 +10,13 @@ * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". + * + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.137 2002/11/21 23:03:51 deraadt Exp $"); +RCSID("$OpenBSD$"); #include @@ -32,6 +35,7 @@ #include "atomicio.h" #include "misc.h" #include "readpass.h" +#include "ssh-x509.h" char *client_version_string = NULL; char *server_version_string = NULL; @@ -498,6 +502,7 @@ char msg[1024]; int len, host_line, ip_line, has_keys; const char *host_file = NULL, *ip_file = NULL; + char extramsg[1024], *subject = NULL; /* * Force accepting of the host key for loopback/localhost. The 
@@ -643,16 +648,30 @@ has_keys = show_other_keys(host, host_key); /* The default */ fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); + if ((host_key->type == KEY_X509_RSA) || (host_key->type == KEY_X509_DSA)) { + subject = x509key_subject(host_key); + snprintf(extramsg, sizeof(extramsg), + "Distinguished name is %.*s.\n", + X509KEY_SUBJECT_MAXLEN, subject); + } else { + subject = NULL; + *extramsg = '\0'; + } snprintf(msg, sizeof(msg), "The authenticity of host '%.200s (%s)' can't be " "established%s\n" "%s key fingerprint is %s.\n" + "%s" "Are you sure you want to continue connecting " "(yes/no)? ", host, ip, has_keys ? ",\nbut keys of different type are already " "known for this host." : ".", - type, fp); + type, fp, extramsg); + if(subject != NULL) { + xfree(subject); + subject = NULL; + } xfree(fp); if (!confirm(msg)) goto fail; @@ -704,6 +723,13 @@ error("It is also possible that the %s host key has just been changed.", type); error("The fingerprint for the %s key sent by the remote host is\n%s.", type, fp); + if ((host_key->type == KEY_X509_RSA) || (host_key->type == KEY_X509_DSA)) { + subject = x509key_subject(host_key); + error("Distinguished name sent by remote host is\n%.*s.", + X509KEY_SUBJECT_MAXLEN, subject); + xfree(subject); + subject = NULL; + } error("Please contact your system administrator."); error("Add correct host key in %.100s to get rid of this message.", user_hostfile); @@ -896,7 +922,8 @@ static int show_other_keys(const char *host, Key *key) { - int type[] = { KEY_RSA1, KEY_RSA, KEY_DSA, -1}; + int type[] = { KEY_RSA1, KEY_RSA, KEY_DSA, KEY_X509_RSA, KEY_X509_DSA, -1}; + int i, found = 0; for (i = 0; type[i] != -1; i++) { diff -ruN openssh-3.6.1p1/sshd.0 openssh-3.6.1p1+x509g/sshd.0 --- openssh-3.6.1p1/sshd.0 2003-04-01 14:57:31.000000000 +0300 +++ openssh-3.6.1p1+x509g/sshd.0 2003-04-05 09:06:00.000000000 +0300 
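Review bot: In the new-host prompt, the value returned by `x509key_subject(host_key)` is passed to the `%.*s` conversion without a NULL check, although the later `if(subject != NULL)` suggests NULL is a possible return; a NULL argument to `%s` is undefined behaviour. A guard such as `if (subject == NULL) *extramsg = '\0';` ahead of the `snprintf` into `extramsg` would cover it, and the `error()` call that prints the distinguished name in the `@@ -704,6 +723,13 @@` hunk needs the same check. The subject also comes from the certificate the remote host presents, and nothing visible here escapes non-printable bytes before it is shown to the user, so it is worth filtering the string before display. Since `extramsg` is as large as `msg`, a long name could truncate `msg` and drop the `(yes/no)?` question unless `X509KEY_SUBJECT_MAXLEN` (defined outside this diff) keeps it short; checking the `snprintf` return for `msg` would make that explicit. The enclosing function starts and ends outside the hunk.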
@@ -1,28 +1,28 @@ -SSHD(8) BSD System ManagerM-bM-^@M-^Ys Manual SSHD(8) +SSHD(8) System Manager's Manual SSHD(8) -^[[1mNAME^[[0m - ^[[1msshd ^[[22mM-bMM-^R OpenSSH SSH daemon +NAME + sshd - OpenSSH SSH daemon -^[[1mSYNOPSIS^[[0m - ^[[1msshd ^[[22m[^[[1mM-bMM-^RdeiqtD46^[[22m] [^[[1mM-bMM-^Rb ^[[4m^[[22mbits^[[24m] [^[[1mM-bMM-^Rf ^[[4m^[[22mconfig_file^[[24m] [^[[1mM-bMM-^Rg ^[[4m^[[22mlogin_grace_time^[[24m] - [^[[1mM-bMM-^Rh ^[[4m^[[22mhost_key_file^[[24m] [^[[1mM-bMM-^Rk ^[[4m^[[22mkey_gen_time^[[24m] [^[[1mM-bMM-^Ro ^[[4m^[[22moption^[[24m] [^[[1mM-bMM-^Rp ^[[4m^[[22mport^[[24m] [^[[1mM-bMM-^Ru ^[[4m^[[22mlen^[[24m] +SYNOPSIS + sshd [-deiqtD46] [-b bits] [-f config_file] [-g login_grace_time] + [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len] -^[[1mDESCRIPTION^[[0m - ^[[1msshd ^[[22m(SSH Daemon) is the daemon program for ssh(1). Together these proM-bM-^@M-^P +DESCRIPTION + sshd (SSH Daemon) is the daemon program for ssh(1). Together these pro- grams replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. The programs are intended to be as easy to install and use as possible. - ^[[1msshd ^[[22mis the daemon that listens for connections from clients. It is norM-bM-^@M-^P - mally started at boot from ^[[4m/etc/rc^[[24m. It forks a new daemon for each + sshd is the daemon that listens for connections from clients. It is nor- + mally started at boot from /etc/rc. It forks a new daemon for each incoming connection. The forked daemons handle key exchange, encryption, - authentication, command execution, and data exchange. This implementaM-bM-^@M-^P - tion of ^[[1msshd ^[[22msupports both SSH protocol version 1 and 2 simultaneously. - ^[[1msshd ^[[22mworks as follows: + authentication, command execution, and data exchange. This implementa- + tion of sshd supports both SSH protocol version 1 and 2 simultaneously. 
+ sshd works as follows: - ^[[1mSSH protocol version 1^[[0m + SSH protocol version 1 - Each host has a hostM-bM-^@M-^Pspecific RSA key (normally 1024 bits) used to idenM-bM-^@M-^P + Each host has a host-specific RSA key (normally 1024 bits) used to iden- tify the host. Additionally, when the daemon starts, it generates a server RSA key (normally 768 bits). This key is normally regenerated every hour if it has been used, and is never stored on disk. 
@@ -35,44 +35,44 @@ server. Both sides then use this random number as a session key which is used to encrypt all further communications in the session. The rest of the session is encrypted using a conventional cipher, currently Blowfish - or 3DES, with 3DES being used by default. The client selects the encrypM-bM-^@M-^P + or 3DES, with 3DES being used by default. The client selects the encryp- tion algorithm to use from those offered by the server. Next, the server and the client enter an authentication dialog. The - client tries to authenticate itself using ^[[4m.rhosts^[[24m authentication, ^[[4m.rhosts^[[0m - authentication combined with RSA host authentication, RSA challengeM-bM-^@M-^P + client tries to authenticate itself using .rhosts authentication, .rhosts + authentication combined with RSA host authentication, RSA challenge- response authentication, or password based authentication. Rhosts authentication is normally disabled because it is fundamentally insecure, but can be enabled in the server configuration file if desired. - System security is not improved unless ^[[1mrshd^[[22m, ^[[1mrlogind^[[22m, and ^[[1mrexecd ^[[22mare disM-bM-^@M-^P + System security is not improved unless rshd, rlogind, and rexecd are dis- abled (thus completely disabling rlogin and rsh into the machine). - ^[[1mSSH protocol version 2^[[0m + SSH protocol version 2 - Version 2 works similarly: Each host has a hostM-bM-^@M-^Pspecific key (RSA or DSA) - used to identify the host. However, when the daemon starts, it does not - generate a server key. Forward security is provided through a DiffieM-bM-^@M-^P - Hellman key agreement. This key agreement results in a shared session - key. + Version 2 works similarly: Each host has a host-specific key (RSA or DSA) + used to identify the host. It is possible host key to contain key plus + x509 certificate. However, when the daemon starts, it does not generate + a server key. 
Forward security is provided through a Diffie-Hellman key + agreement. This key agreement results in a shared session key. The rest of the session is encrypted using a symmetric cipher, currently 128 bit AES, Blowfish, 3DES, CAST128, Arcfour, 192 bit AES, or 256 bit AES. The client selects the encryption algorithm to use from those offered by the server. Additionally, session integrity is provided - through a cryptographic message authentication code (hmacM-bM-^@M-^Psha1 or hmacM-bM-^@M-^P + through a cryptographic message authentication code (hmac-sha1 or hmac- md5). - Protocol version 2 provides a public key based user (PubkeyAuthenticaM-bM-^@M-^P + Protocol version 2 provides a public key based user (PubkeyAuthentica- tion) or client host (HostbasedAuthentication) authentication method, - conventional password authentication and challenge response based methM-bM-^@M-^P + conventional password authentication and challenge response based meth- ods. - ^[[1mCommand execution and data forwarding^[[0m + Command execution and data forwarding If the client successfully authenticates itself, a dialog for preparing the session is entered. At this time the client may request things like - allocating a pseudoM-bM-^@M-^Ptty, forwarding X11 connections, forwarding TCP/IP + allocating a pseudo-tty, forwarding X11 connections, forwarding TCP/IP connections, or forwarding the authentication agent connection over the secure channel. 
@@ -81,360 +81,394 @@ data at any time, and such data is forwarded to/from the shell or command on the server side, and the user terminal in the client side. - When the user program terminates and all forwarded X11 and other connecM-bM-^@M-^P + When the user program terminates and all forwarded X11 and other connec- tions have been closed, the server sends command exit status to the client, and both sides exit. - ^[[1msshd ^[[22mcan be configured using commandM-bM-^@M-^Pline options or a configuration - file. CommandM-bM-^@M-^Pline options override values specified in the configuraM-bM-^@M-^P + sshd can be configured using command-line options or a configuration + file. Command-line options override values specified in the configura- tion file. - ^[[1msshd ^[[22mrereads its configuration file when it receives a hangup signal, + sshd rereads its configuration file when it receives a hangup signal, SIGHUP, by executing itself with the name it was started as, i.e., - ^[[4m/usr/sbin/sshd^[[24m. + /usr/sbin/sshd. The options are as follows: - ^[[1mM-bMM-^Rb ^[[4m^[[22mbits^[[0m + -b bits Specifies the number of bits in the ephemeral protocol version 1 server key (default 768). - ^[[1mM-bMM-^Rd ^[[22mDebug mode. The server sends verbose debug output to the system + -d Debug mode. The server sends verbose debug output to the system log, and does not put itself in the background. The server also will not fork and will only process one connection. This option - is only intended for debugging for the server. Multiple ^[[1mM-bMM-^Rd^[[0m + is only intended for debugging for the server. Multiple -d options increase the debugging level. Maximum is 3. - ^[[1mM-bMM-^Re ^[[22mWhen this option is specified, ^[[1msshd ^[[22mwill send the output to the + -e When this option is specified, sshd will send the output to the standard error instead of the system log. - ^[[1mM-bMM-^Rf ^[[4m^[[22mconfiguration_file^[[0m + -f configuration_file Specifies the name of the configuration file. 
The default is - ^[[4m/etc/ssh/sshd_config^[[24m. ^[[1msshd ^[[22mrefuses to start if there is no conM-bM-^@M-^P + /etc/ssh/sshd_config. sshd refuses to start if there is no con- figuration file. - ^[[1mM-bMM-^Rg ^[[4m^[[22mlogin_grace_time^[[0m + -g login_grace_time Gives the grace time for clients to authenticate themselves (default 120 seconds). If the client fails to authenticate the user within this many seconds, the server disconnects and exits. A value of zero indicates no limit. - ^[[1mM-bMM-^Rh ^[[4m^[[22mhost_key_file^[[0m + -h host_key_file Specifies a file from which a host key is read. This option must - be given if ^[[1msshd ^[[22mis not run as root (as the normal host key files + be given if sshd is not run as root (as the normal host key files are normally not readable by anyone but root). The default is - ^[[4m/etc/ssh/ssh_host_key^[[24m for protocol version 1, and - ^[[4m/etc/ssh/ssh_host_rsa_key^[[24m and ^[[4m/etc/ssh/ssh_host_dsa_key^[[24m for proM-bM-^@M-^P + /etc/ssh/ssh_host_key for protocol version 1, and + /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro- tocol version 2. It is possible to have multiple host key files - for the different protocol versions and host key algorithms. + for the different protocol versions and host key algorithms. It + is possible host key for protocol version 2 to contain key plus + x509 certificate. - ^[[1mM-bMM-^Ri ^[[22mSpecifies that ^[[1msshd ^[[22mis being run from inetd(8). ^[[1msshd ^[[22mis normally + -i Specifies that sshd is being run from inetd(8). sshd is normally not run from inetd because it needs to generate the server key before it can respond to the client, and this may take tens of seconds. Clients would have to wait too long if the key was regenerated every time. However, with small key sizes (e.g., - 512) using ^[[1msshd ^[[22mfrom inetd may be feasible. + 512) using sshd from inetd may be feasible. 
- ^[[1mM-bMM-^Rk ^[[4m^[[22mkey_gen_time^[[0m + -k key_gen_time Specifies how often the ephemeral protocol version 1 server key - is regenerated (default 3600 seconds, or one hour). The motivaM-bM-^@M-^P + is regenerated (default 3600 seconds, or one hour). The motiva- tion for regenerating the key fairly often is that the key is not stored anywhere, and after about an hour, it becomes impossible to recover the key for decrypting intercepted communications even if the machine is cracked into or physically seized. A value of zero indicates that the key will never be regenerated. - ^[[1mM-bMM-^Ro ^[[4m^[[22moption^[[0m - Can be used to give options in the format used in the configuraM-bM-^@M-^P + -o option + Can be used to give options in the format used in the configura- tion file. This is useful for specifying options for which there - is no separate commandM-bM-^@M-^Pline flag. + is no separate command-line flag. - ^[[1mM-bMM-^Rp ^[[4m^[[22mport^[[0m + -p port Specifies the port on which the server listens for connections - (default 22). Multiple port options are permitted. Ports speciM-bM-^@M-^P - fied in the configuration file are ignored when a commandM-bM-^@M-^Pline + (default 22). Multiple port options are permitted. Ports speci- + fied in the configuration file are ignored when a command-line port is specified. - ^[[1mM-bMM-^Rq ^[[22mQuiet mode. Nothing is sent to the system log. Normally the + -q Quiet mode. Nothing is sent to the system log. Normally the beginning, authentication, and termination of each connection is logged. - ^[[1mM-bMM-^Rt ^[[22mTest mode. Only check the validity of the configuration file and - sanity of the keys. This is useful for updating ^[[1msshd ^[[22mreliably as + -t Test mode. Only check the validity of the configuration file and + sanity of the keys. This is useful for updating sshd reliably as configuration options may change. 
- ^[[1mM-bMM-^Ru ^[[4m^[[22mlen^[[24m This option is used to specify the size of the field in the utmp + -u len This option is used to specify the size of the field in the utmp structure that holds the remote host name. If the resolved host - name is longer than ^[[4mlen^[[24m, the dotted decimal value will be used - instead. This allows hosts with very long host names that overM-bM-^@M-^P - flow this field to still be uniquely identified. Specifying ^[[1mM-bMM-^Ru0^[[0m + name is longer than len, the dotted decimal value will be used + instead. This allows hosts with very long host names that over- + flow this field to still be uniquely identified. Specifying -u0 indicates that only dotted decimal addresses should be put into - the ^[[4mutmp^[[24m file. ^[[1mM-bMM-^Ru0 ^[[22mmay also be used to prevent ^[[1msshd ^[[22mfrom making + the utmp file. -u0 may also be used to prevent sshd from making DNS requests unless the authentication mechanism or configuration requires it. Authentication mechanisms that may require DNS - include ^[[1mRhostsAuthentication^[[22m, ^[[1mRhostsRSAAuthentication^[[22m, - ^[[1mHostbasedAuthentication ^[[22mand using a ^[[1mfrom="patternM-bM-^@M-^Plist" ^[[22moption in + include RhostsAuthentication, RhostsRSAAuthentication, + HostbasedAuthentication and using a from="pattern-list" option in a key file. Configuration options that require DNS include using - a USER@HOST pattern in ^[[1mAllowUsers ^[[22mor ^[[1mDenyUsers^[[22m. + a USER@HOST pattern in AllowUsers or DenyUsers. - ^[[1mM-bMM-^RD ^[[22mWhen this option is specified ^[[1msshd ^[[22mwill not detach and does not - become a daemon. This allows easy monitoring of ^[[1msshd^[[22m. + -D When this option is specified sshd will not detach and does not + become a daemon. This allows easy monitoring of sshd. - ^[[1mM-bMM-^R4 ^[[22mForces ^[[1msshd ^[[22mto use IPv4 addresses only. + -4 Forces sshd to use IPv4 addresses only. 
- ^[[1mM-bMM-^R6 ^[[22mForces ^[[1msshd ^[[22mto use IPv6 addresses only. + -6 Forces sshd to use IPv6 addresses only. -^[[1mCONFIGURATION FILE^[[0m - ^[[1msshd ^[[22mreads configuration data from ^[[4m/etc/ssh/sshd_config^[[24m (or the file - specified with ^[[1mM-bMM-^Rf ^[[22mon the command line). The file format and configuraM-bM-^@M-^P +CONFIGURATION FILE + sshd reads configuration data from /etc/ssh/sshd_config (or the file + specified with -f on the command line). The file format and configura- tion options are described in sshd_config(5). -^[[1mLOGIN PROCESS^[[0m - When a user successfully logs in, ^[[1msshd ^[[22mdoes the following: +LOGIN PROCESS + When a user successfully logs in, sshd does the following: 1. If the login is on a tty, and no command has been specified, - prints last login time and ^[[4m/etc/motd^[[24m (unless prevented in the - configuration file or by ^[[4m$HOME/.hushlogin^[[24m; see the ^[[4mFILES^[[24m secM-bM-^@M-^P + prints last login time and /etc/motd (unless prevented in the + configuration file or by $HOME/.hushlogin; see the FILES sec- tion). 2. If the login is on a tty, records login time. - 3. Checks ^[[4m/etc/nologin^[[24m; if it exists, prints contents and quits + 3. Checks /etc/nologin; if it exists, prints contents and quits (unless root). 4. Changes to run with normal user privileges. 5. Sets up basic environment. - 6. Reads ^[[4m$HOME/.ssh/environment^[[24m if it exists and users are + 6. Reads $HOME/.ssh/environment if it exists and users are allowed to change their environment. See the - ^[[1mPermitUserEnvironment ^[[22moption in sshd_config(5). + PermitUserEnvironment option in sshd_config(5). - 7. Changes to userM-bM-^@M-^Ys home directory. + 7. Changes to user's home directory. - 8. If ^[[4m$HOME/.ssh/rc^[[24m exists, runs it; else if ^[[4m/etc/ssh/sshrc^[[0m - exists, runs it; otherwise runs xauth. The M-bM-^@M-^\rcM-bM-^@M-^] files are + 8. 
If $HOME/.ssh/rc exists, runs it; else if /etc/ssh/sshrc + exists, runs it; otherwise runs xauth. The ``rc'' files are given the X11 authentication protocol and cookie in standard input. - 9. Runs userM-bM-^@M-^Ys shell or command. + 9. Runs user's shell or command. -^[[1mAUTHORIZED_KEYS FILE FORMAT^[[0m - ^[[4m$HOME/.ssh/authorized_keys^[[24m is the default file that lists the public keys +AUTHORIZED_KEYS FILE FORMAT + $HOME/.ssh/authorized_keys is the default file that lists the public keys that are permitted for RSA authentication in protocol version 1 and for public key authentication (PubkeyAuthentication) in protocol version 2. - ^[[1mAuthorizedKeysFile ^[[22mmay be used to specify an alternative file. + It is posible for protocol version 2 to contain x509 certificate or cer- + tificate ``Distinguished Name''. AuthorizedKeysFile may be used to spec- + ify an alternative file. Each line of the file contains one key (empty lines and lines starting - with a M-bM-^@M-^X#M-bM-^@M-^Y are ignored as comments). Each RSA public key consists of the + with a `#' are ignored as comments). Each RSA public key consists of the following fields, separated by spaces: options, bits, exponent, modulus, - comment. Each protocol version 2 public key consists of: options, keyM-bM-^@M-^P + comment. Each protocol version 2 public key consists of: options, key- type, base64 encoded key, comment. The options field is optional; its presence is determined by whether the line starts with a number or not - (the options field never starts with a number). The bits, exponent, modM-bM-^@M-^P - ulus and comment fields give the RSA key for protocol version 1; the comM-bM-^@M-^P + (the options field never starts with a number). The bits, exponent, mod- + ulus and comment fields give the RSA key for protocol version 1; the com- ment field is not used for anything (but may be convenient for the user - to identify the key). 
For protocol version 2 the keytype is M-bM-^@M-^\sshM-bM-^@M-^PdssM-bM-^@M-^] or - M-bM-^@M-^\sshM-bM-^@M-^PrsaM-bM-^@M-^]. + to identify the key). For protocol version 2 the keytype is ``ssh-dss'' + or ``ssh-rsa''. In addition for protocol version 2 user can use x509 + certificates. In that case keytype is ``x509v3-sign-rsa'' or + ``x509v3-sign-dss''. Instead of ``base64 encoded key'' line must contain + base64 encoded certicate (old style) or a keyword (new style), optional + followed by symbol equal `=' or colon , zero or more spaces and certifi- + cate ``Distinguished Name'' (Subject). Keyword is case insensitive and + can be one of `Subject' , `Distinguished Name' , `Distinguished-Name' , + `Distinguished_Name' , `DistinguishedName' or `DN'. Separator of Subject + items can be slash `/' , comma or mixed and order is not important. Note that lines in this file are usually several hundred bytes long - (because of the size of the public key encoding). You donM-bM-^@M-^Yt want to type - them in; instead, copy the ^[[4midentity.pub^[[24m, ^[[4mid_dsa.pub^[[24m or the ^[[4mid_rsa.pub^[[0m + (because of the size of the public key encoding). You don't want to type + them in; instead, copy the identity.pub, id_dsa.pub or the id_rsa.pub file and edit it. - ^[[1msshd ^[[22menforces a minimum RSA key modulus size for protocol 1 and protocol + sshd enforces a minimum RSA key modulus size for protocol 1 and protocol 2 keys of 768 bits. - The options (if present) consist of commaM-bM-^@M-^Pseparated option specificaM-bM-^@M-^P - tions. No spaces are permitted, except within double quotes. The folM-bM-^@M-^P + The options (if present) consist of comma-separated option specifica- + tions. No spaces are permitted, except within double quotes. 
The fol- lowing option specifications are supported (note that option keywords are - caseM-bM-^@M-^Pinsensitive): + case-insensitive): - ^[[1mfrom="patternM-bM-^@M-^Plist"^[[0m + from="pattern-list" Specifies that in addition to public key authentication, the - canonical name of the remote host must be present in the commaM-bM-^@M-^P - separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^XM-bM-^@M-^Y? serve as wildcards). + canonical name of the remote host must be present in the comma- + separated list of patterns (`*' and `'? serve as wildcards). The list may also contain patterns negated by prefixing them with - M-bM-^@M-^XM-bM-^@M-^Y!; if the canonical host name matches a negated pattern, the + `'!; if the canonical host name matches a negated pattern, the key is not accepted. The purpose of this option is to optionally increase security: public key authentication by itself does not - trust the network or name servers or anything (but the key); howM-bM-^@M-^P + trust the network or name servers or anything (but the key); how- ever, if somebody somehow steals the key, the key permits an intruder to log in from anywhere in the world. This additional option makes using a stolen key more difficult (name servers and/or routers would have to be compromised in addition to just the key). - ^[[1mcommand="command"^[[0m + command="command" Specifies that the command is executed whenever this key is used for authentication. The command supplied by the user (if any) is ignored. The command is run on a pty if the client requests a - pty; otherwise it is run without a tty. If an 8M-bM-^@M-^Pbit clean chanM-bM-^@M-^P + pty; otherwise it is run without a tty. If an 8-bit clean chan- nel is required, one must not request a pty or should specify - ^[[1mnoM-bM-^@M-^Ppty^[[22m. A quote may be included in the command by quoting it - with a backslash. This option might be useful to restrict cerM-bM-^@M-^P - tain public keys to perform just a specific operation. 
An examM-bM-^@M-^P + no-pty. A quote may be included in the command by quoting it + with a backslash. This option might be useful to restrict cer- + tain public keys to perform just a specific operation. An exam- ple might be a key that permits remote backups but nothing else. Note that the client may specify TCP/IP and/or X11 forwarding unless they are explicitly prohibited. Note that this option applies to shell, command or subsystem execution. - ^[[1menvironment="NAME=value"^[[0m + environment="NAME=value" Specifies that the string is to be added to the environment when logging in using this key. Environment variables set this way override other default environment values. Multiple options of this type are permitted. Environment processing is disabled by - default and is controlled via the ^[[1mPermitUserEnvironment ^[[22moption. - This option is automatically disabled if ^[[1mUseLogin ^[[22mis enabled. + default and is controlled via the PermitUserEnvironment option. + This option is automatically disabled if UseLogin is enabled. - ^[[1mnoM-bM-^@M-^PportM-bM-^@M-^Pforwarding^[[0m - Forbids TCP/IP forwarding when this key is used for authenticaM-bM-^@M-^P + no-port-forwarding + Forbids TCP/IP forwarding when this key is used for authentica- tion. Any port forward requests by the client will return an - error. This might be used, e.g., in connection with the ^[[1mcommand^[[0m + error. This might be used, e.g., in connection with the command option. - ^[[1mnoM-bM-^@M-^PX11M-bM-^@M-^Pforwarding^[[0m + no-X11-forwarding Forbids X11 forwarding when this key is used for authentication. Any X11 forward requests by the client will return an error. - ^[[1mnoM-bM-^@M-^PagentM-bM-^@M-^Pforwarding^[[0m + no-agent-forwarding Forbids authentication agent forwarding when this key is used for authentication. - ^[[1mnoM-bM-^@M-^Ppty ^[[22mPrevents tty allocation (a request to allocate a pty will fail). + no-pty Prevents tty allocation (a request to allocate a pty will fail). 
- ^[[1mpermitopen="host:port"^[[0m - Limit local M-bM-^@M-^XM-bM-^@M-^Xssh M-bM-^@M-^PLM-bM-^@M-^YM-bM-^@M-^Y port forwarding such that it may only conM-bM-^@M-^P - nect to the specified host and port. IPv6 addresses can be specM-bM-^@M-^P - ified with an alternative syntax: ^[[4mhost/port^[[24m. Multiple ^[[1mpermitopen^[[0m + permitopen="host:port" + Limit local ``ssh -L'' port forwarding such that it may only con- + nect to the specified host and port. IPv6 addresses can be spec- + ified with an alternative syntax: host/port. Multiple permitopen options may be applied separated by commas. No pattern matching is performed on the specified hostnames, they must be literal domains or addresses. - ^[[1mExamples^[[0m + Examples 1024 33 12121...312314325 ylo@foo.bar from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula - command="dump /home",noM-bM-^@M-^Ppty,noM-bM-^@M-^PportM-bM-^@M-^Pforwarding 1024 33 23...2323 + command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backup.hut.fi permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323 -^[[1mSSH_KNOWN_HOSTS FILE FORMAT^[[0m - The ^[[4m/etc/ssh/ssh_known_hosts^[[24m and ^[[4m$HOME/.ssh/known_hosts^[[24m files contain - host public keys for all known hosts. The global file should be prepared - by the administrator (optional), and the perM-bM-^@M-^Puser file is maintained - automatically: whenever the user connects from an unknown host its key is - added to the perM-bM-^@M-^Puser file. + x509v3-sign-dss subject= /C=XX/ST=World/O=OpenSSH Test Team... + +SSH_KNOWN_HOSTS FILE FORMAT + The /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts files contain + host public keys, certificates (old style) or certificate ``Distinguished + Name'' for all known hosts. The global file should be prepared by the + administrator (optional), and the per-user file is maintained automati- + cally: whenever the user connects from an unknown host its key is added + to the per-user file. 
Each line in these files contains the following fields: hostnames, bits, exponent, modulus, comment. The fields are separated by spaces. - Hostnames is a commaM-bM-^@M-^Pseparated list of patterns (M-bM-^@M-^Y*M-bM-^@M-^Y and M-bM-^@M-^Y?M-bM-^@M-^Y act as wildM-bM-^@M-^P + Hostnames is a comma-separated list of patterns ('*' and '?' act as wild- cards); each pattern in turn is matched against the canonical host name - (when authenticating a client) or against the userM-bM-^@M-^Psupplied name (when - authenticating a server). A pattern may also be preceded by M-bM-^@M-^XM-bM-^@M-^Y! to + (when authenticating a client) or against the user-supplied name (when + authenticating a server). A pattern may also be preceded by `'! to indicate negation: if the host name matches a negated pattern, it is not accepted (by that line) even if it matched another pattern on the line. Bits, exponent, and modulus are taken directly from the RSA host key; - they can be obtained, e.g., from ^[[4m/etc/ssh/ssh_host_key.pub^[[24m. The optional + they can be obtained, e.g., from /etc/ssh/ssh_host_key.pub. The optional comment field continues to the end of the line, and is not used. - Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are ignored as comments. + Lines starting with `#' and empty lines are ignored as comments. When performing host authentication, authentication is accepted if any - matching line has the proper key. It is thus permissible (but not recomM-bM-^@M-^P + matching line has the proper key. It is thus permissible (but not recom- mended) to have several lines or different host keys for the same names. This will inevitably happen when short forms of host names from different - domains are put in the file. It is possible that the files contain conM-bM-^@M-^P + domains are put in the file. It is possible that the files contain con- flicting information; authentication is accepted if valid information can be found from either file. 
Note that the lines in these files are typically hundreds of characters - long, and you definitely donM-bM-^@M-^Yt want to type in the host keys by hand. - Rather, generate them by a script or by taking ^[[4m/etc/ssh/ssh_host_key.pub^[[0m + long, and you definitely don't want to type in the host keys by hand. + Rather, generate them by a script or by taking /etc/ssh/ssh_host_key.pub and adding the host names at the front. - ^[[1mExamples^[[0m + Examples closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi - cvs.openbsd.org,199.185.137.3 sshM-bM-^@M-^Prsa AAAA1234.....= + cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= + x509host x509v3-sign-rsa Subject:/C=XX..... -^[[1mFILES^[[0m +FILES /etc/ssh/sshd_config - Contains configuration data for ^[[1msshd^[[22m. The file format and conM-bM-^@M-^P + Contains configuration data for sshd. The file format and con- figuration options are described in sshd_config(5). /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key - These three files contain the private parts of the host keys. - These files should only be owned by root, readable only by root, - and not accessible to others. Note that ^[[1msshd ^[[22mdoes not start if - this file is group/worldM-bM-^@M-^Paccessible. + These three files contain the private parts of the host keys. It + is possible to contain private part plus x509 certificate for + protocol version 2 keys. These files should only be owned by + root, readable only by root, and not accessible to others. Note + that sshd does not start if this file is group/world-accessible. /etc/ssh/ssh_host_key.pub, /etc/ssh/ssh_host_dsa_key.pub, /etc/ssh/ssh_host_rsa_key.pub These three files contain the public parts of the host keys. - These files should be worldM-bM-^@M-^Preadable but writable only by root. - Their contents should match the respective private parts. 
These - files are not really used for anything; they are provided for the - convenience of the user so their contents can be copied to known - hosts files. These files are created using sshM-bM-^@M-^Pkeygen(1). + These files should be world-readable but writable only by root. + Their contents should match the respective private parts. Note + that when corresponding host key contain a certificate in addi- + tion these file must contains that certificate. These files are + not really used for anything; they are provided for the conve- + nience of the user so their contents can be copied to known hosts + files. These files are created using ssh-keygen(1). /etc/moduli - Contains DiffieM-bM-^@M-^PHellman groups used for the "DiffieM-bM-^@M-^PHellman Group + Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". The file format is described in moduli(5). /var/empty - chroot(2) directory used by ^[[1msshd ^[[22mduring privilege separation in - the preM-bM-^@M-^Pauthentication phase. The directory should not contain - any files and must be owned by root and not group or worldM-bM-^@M-^P + chroot(2) directory used by sshd during privilege separation in + the pre-authentication phase. The directory should not contain + any files and must be owned by root and not group or world- writable. /var/run/sshd.pid - Contains the process ID of the ^[[1msshd ^[[22mlistening for connections (if + Contains the process ID of the sshd listening for connections (if there are several daemons running concurrently for different ports, this contains the process ID of the one started last). - The content of this file is not sensitive; it can be worldM-bM-^@M-^PreadM-bM-^@M-^P + The content of this file is not sensitive; it can be world-read- able. $HOME/.ssh/authorized_keys - Lists the public keys (RSA or DSA) that can be used to log into - the userM-bM-^@M-^Ys account. 
This file must be readable by root (which - may on some machines imply it being worldM-bM-^@M-^Preadable if the userM-bM-^@M-^Ys - home directory resides on an NFS volume). It is recommended that - it not be accessible by others. The format of this file is - described above. Users will place the contents of their - ^[[4midentity.pub^[[24m, ^[[4mid_dsa.pub^[[24m and/or ^[[4mid_rsa.pub^[[24m files into this file, - as described in sshM-bM-^@M-^Pkeygen(1). + Lists the public keys (RSA or DSA), certificates or certificate + ``Distinguished Names'' (recommendet) that can be used to log + into the user's account. This file must be readable by root + (which may on some machines imply it being world-readable if the + user's home directory resides on an NFS volume). It is recom- + mended that it not be accessible by others. The format of this + file is described above. Users will place the contents of their + identity.pub, id_dsa.pub and/or id_rsa.pub files into this file, + as described in ssh-keygen(1). /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts - These files are consulted when using rhosts with RSA host authenM-bM-^@M-^P + These files are consulted when using rhosts with RSA host authen- tication or protocol version 2 hostbased authentication to check - the public key of the host. The key must be listed in one of - these files to be accepted. The client uses the same files to - verify that it is connecting to the correct remote host. These - files should be writable only by root/the owner. - ^[[4m/etc/ssh/ssh_known_hosts^[[24m should be worldM-bM-^@M-^Preadable, and - ^[[4m$HOME/.ssh/known_hosts^[[24m can, but need not be, worldM-bM-^@M-^Preadable. + the public key or certificate of the host. The key must be + listed in one of these files to be accepted. The client uses the + same files to verify that it is connecting to the correct remote + host. These files should be writable only by root/the owner. 
+ /etc/ssh/ssh_known_hosts should be world-readable, and + $HOME/.ssh/known_hosts can, but need not be, world-readable. + + /etc/ssh/ca/ca-bundle.crt and /etc/ssh/ca/ca-bundle.crl + The first file contain multiple certificates and the second + ``Certificate Revocation List'' (CRLs) of certificate signers in + PEM format concatenated together. Used to verify client certifi- + cate. + + /etc/ssh/ca/crt and /etc/ssh/ca/crl + ``Hash dirs'' with certificates, the first directory or CLRs, the + second of certificate signers. Each certificate should be stored + in separate file with name [HASH].[NUMBER] or [HASH].r[NUMBER] + for the CRL, where [HASH] is certificate or CRL hash value and + [NUMBER] is an integer starting from zero. Used to verify client + certificate. /etc/nologin - If this file exists, ^[[1msshd ^[[22mrefuses to let anyone except root log + If this file exists, sshd refuses to let anyone except root log in. The contents of the file are displayed to anyone trying to - log in, and nonM-bM-^@M-^Proot connections are refused. The file should be - worldM-bM-^@M-^Preadable. + log in, and non-root connections are refused. The file should be + world-readable. /etc/hosts.allow, /etc/hosts.deny - Access controls that should be enforced by tcpM-bM-^@M-^Pwrappers are + Access controls that should be enforced by tcp-wrappers are defined here. Further details are described in hosts_access(5). $HOME/.rhosts - This file contains hostM-bM-^@M-^Pusername pairs, separated by a space, one + This file contains host-username pairs, separated by a space, one per line. The given user on the corresponding host is permitted to log in without a password. The same file is used by rlogind - and rshd. The file must be writable only by the user; it is recM-bM-^@M-^P + and rshd. The file must be writable only by the user; it is rec- ommended that it not be accessible by others. If is also possible to use netgroups in the file. Either host or 
@@ -442,29 +476,29 @@ all users in the group. $HOME/.shosts - For ssh, this file is exactly the same as for ^[[4m.rhosts^[[24m. However, + For ssh, this file is exactly the same as for .rhosts. However, this file is not used by rlogin and rshd, so using this permits access using SSH only. /etc/hosts.equiv - This file is used during ^[[4m.rhosts^[[24m authentication. In the simplest + This file is used during .rhosts authentication. In the simplest form, this file contains host names, one per line. Users on those hosts are permitted to log in without a password, provided they have the same user name on both machines. The host name may also be followed by a user name; such users are permitted to log - in as ^[[4many^[[24m user on this machine (except root). Additionally, the - syntax M-bM-^@M-^\+@groupM-bM-^@M-^] can be used to specify netgroups. Negated - entries start with M-bM-^@M-^XM-bM-^@M-^PM-bM-^@M-^Y. + in as any user on this machine (except root). Additionally, the + syntax ``+@group'' can be used to specify netgroups. Negated + entries start with `-'. If the client host/user is successfully matched in this file, login is automatically permitted provided the client and server user names are the same. Additionally, successful RSA host authentication is normally required. This file must be writable - only by root; it is recommended that it be worldM-bM-^@M-^Preadable. + only by root; it is recommended that it be world-readable. - ^[[1mWarning: It is almost never a good idea to use user names in^[[0m - ^[[4mhosts.equiv^[[24m. Beware that it really means that the named user(s) - can log in as ^[[4manybody^[[24m, which includes bin, daemon, adm, and other + Warning: It is almost never a good idea to use user names in + hosts.equiv. Beware that it really means that the named user(s) + can log in as anybody, which includes bin, daemon, adm, and other accounts that own critical binaries and directories. Using a user name practically grants the user root access. 
The only valid use for user names that I can think of is in negative 
@@ -473,75 +507,76 @@ Note that this warning also applies to rsh/rlogin. /etc/shosts.equiv - This is processed exactly as ^[[4m/etc/hosts.equiv^[[24m. However, this + This is processed exactly as /etc/hosts.equiv. However, this file may be useful in environments that want to run both rsh/rlogin and ssh. $HOME/.ssh/environment This file is read into the environment at login (if it exists). It can only contain empty lines, comment lines (that start with - M-bM-^@M-^X#M-bM-^@M-^Y), and assignment lines of the form name=value. The file + `#'), and assignment lines of the form name=value. The file should be writable only by the user; it need not be readable by anyone else. Environment processing is disabled by default and - is controlled via the ^[[1mPermitUserEnvironment ^[[22moption. + is controlled via the PermitUserEnvironment option. $HOME/.ssh/rc - If this file exists, it is run with ^[[4m/bin/sh^[[24m after reading the - environment files but before starting the userM-bM-^@M-^Ys shell or comM-bM-^@M-^P + If this file exists, it is run with /bin/sh after reading the + environment files but before starting the user's shell or com- mand. It must not produce any output on stdout; stderr must be used instead. If X11 forwarding is in use, it will receive the "proto cookie" pair in its standard input (and DISPLAY in its - environment). The script must call xauth(1) because ^[[1msshd ^[[22mwill + environment). The script must call xauth(1) because sshd will not run xauth automatically to add X11 cookies. The primary purpose of this file is to run any initialization - routines which may be needed before the userM-bM-^@M-^Ys home directory - becomes accessible; AFS is a particular example of such an enviM-bM-^@M-^P + routines which may be needed before the user's home directory + becomes accessible; AFS is a particular example of such an envi- ronment. 
This file will probably contain some initialization code followed by something similar to: - if read proto cookie && [ M-bM-^@M-^Pn "$DISPLAY" ]; then - if [ M-bM-^@M-^Xecho $DISPLAY | cut M-bM-^@M-^Pc1M-bM-^@M-^P10M-bM-^@M-^X = M-bM-^@M-^Ylocalhost:M-bM-^@M-^Y ]; then + if read proto cookie && [ -n "$DISPLAY" ]; then + if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then # X11UseLocalhost=yes - echo add unix:M-bM-^@M-^Xecho $DISPLAY | - cut M-bM-^@M-^Pc11M-bM-^@M-^PM-bM-^@M-^X $proto $cookie + echo add unix:`echo $DISPLAY | + cut -c11-` $proto $cookie else # X11UseLocalhost=no echo add $DISPLAY $proto $cookie - fi | xauth M-bM-^@M-^Pq M-bM-^@M-^P + fi | xauth -q - fi - If this file does not exist, ^[[4m/etc/ssh/sshrc^[[24m is run, and if that + If this file does not exist, /etc/ssh/sshrc is run, and if that does not exist either, xauth is used to add the cookie. This file should be writable only by the user, and need not be readable by anyone else. /etc/ssh/sshrc - Like ^[[4m$HOME/.ssh/rc^[[24m. This can be used to specify machineM-bM-^@M-^Pspecific - loginM-bM-^@M-^Ptime initializations globally. This file should be - writable only by root, and should be worldM-bM-^@M-^Preadable. + Like $HOME/.ssh/rc. This can be used to specify machine-specific + login-time initializations globally. This file should be + writable only by root, and should be world-readable. -^[[1mAUTHORS^[[0m +AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P + de Raadt and Dug Song removed many bugs, re-added newer features and cre- ated OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support - for privilege separation. + for privilege separation. Roumen Petrov contributed support for x509 + certificates. 
-^[[1mSEE ALSO^[[0m - scp(1), sftp(1), ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pagent(1), sshM-bM-^@M-^Pkeygen(1), - login.conf(5), moduli(5), sshd_config(5), sftpM-bM-^@M-^Pserver(8) +SEE ALSO + scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), + login.conf(5), moduli(5), sshd_config(5), sftp-server(8) - T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, ^[[4mSSH^[[0m - ^[[4mProtocol^[[24m ^[[4mArchitecture^[[24m, draftM-bM-^@M-^PietfM-bM-^@M-^PsecshM-bM-^@M-^ParchitectureM-bM-^@M-^P12.txt, January + T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH + Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January 2002, work in progress material. - M. Friedl, N. Provos, and W. A. Simpson, ^[[4mDiffieM-bM-^@M-^PHellman^[[24m ^[[4mGroup^[[24m ^[[4mExchange^[[0m - ^[[4mfor^[[24m ^[[4mthe^[[24m ^[[4mSSH^[[24m ^[[4mTransport^[[24m ^[[4mLayer^[[24m ^[[4mProtocol^[[24m, draftM-bM-^@M-^PietfM-bM-^@M-^PsecshM-bM-^@M-^PdhM-bM-^@M-^PgroupM-bM-^@M-^P - exchangeM-bM-^@M-^P02.txt, January 2002, work in progress material. + M. Friedl, N. Provos, and W. A. Simpson, Diffie-Hellman Group Exchange + for the SSH Transport Layer Protocol, draft-ietf-secsh-dh-group- + exchange-02.txt, January 2002, work in progress material. BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/sshd.8 openssh-3.6.1p1+x509g/sshd.8 --- openssh-3.6.1p1/sshd.8 2003-02-24 02:52:27.000000000 +0200 +++ openssh-3.6.1p1+x509g/sshd.8 2003-04-05 09:06:00.000000000 +0300 @@ -13,6 +13,7 @@ .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. .\" Copyright (c) 1999 Aaron Campbell. All rights reserved. .\" Copyright (c) 1999 Theo de Raadt. All rights reserved. +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions 
@@ -34,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $ +.\" $OpenBSD$ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -132,6 +133,7 @@ .Pp Version 2 works similarly: Each host has a host-specific key (RSA or DSA) used to identify the host. +It is possible host key to contain key plus x509 certificate. However, when the daemon starts, it does not generate a server key. Forward security is provided through a Diffie-Hellman key agreement. This key agreement results in a shared session key. @@ -226,6 +228,8 @@ for protocol version 2. It is possible to have multiple host key files for the different protocol versions and host key algorithms. +It is possible host key for protocol version 2 to contain key plus x509 +certificate. .It Fl i Specifies that .Nm @@ -382,6 +386,9 @@ permitted for RSA authentication in protocol version 1 and for public key authentication (PubkeyAuthentication) in protocol version 2. +It is posible for protocol version 2 to contain x509 certificate +or certificate +.Dq "Distinguished Name" . .Cm AuthorizedKeysFile may be used to specify an alternative file. .Pp 
@@ -405,6 +412,38 @@ .Dq ssh-dss or .Dq ssh-rsa . +In addition for protocol version 2 user can use x509 certificates. +In that case keytype is +.Dq x509v3-sign-rsa +or +.Dq x509v3-sign-dss . +Instead of +.Dq "base64 encoded key" +line must contain base64 encoded certicate (old style) or +a keyword (new style), optional followed by symbol equal +.Sq = +or colon +.\" .roumen:howto quote colon ? +.\" .Sq : work only in man2html +.\" .Sq \N'58' work only in GNU nroff +.\" +, zero or more spaces and certificate +.Dq "Distinguished Name" +(Subject). Keyword is case insensitive and can be one of +.Sq Subject +, +.Sq "Distinguished Name" +, +.Sq Distinguished-Name +, +.Sq Distinguished_Name +, +.Sq DistinguishedName +or +.Sq DN . +Separator of Subject items can be slash +.Sq / +, comma or mixed and order is not important. .Pp Note that lines in this file are usually several hundred bytes long (because of the size of the public key encoding). @@ -509,12 +548,16 @@ command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi .Pp permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 +.Pp +x509v3-sign-dss subject= /C=XX/ST=World/O=OpenSSH Test Team.\|.\|.\| .Sh SSH_KNOWN_HOSTS FILE FORMAT The .Pa /etc/ssh/ssh_known_hosts and .Pa $HOME/.ssh/known_hosts -files contain host public keys for all known hosts. +files contain host public keys, certificates (old style) or certificate +.Dq "Distinguished Name" +for all known hosts. The global file should be prepared by the administrator (optional), and the per-user file is maintained automatically: whenever the user connects from an unknown host @@ -564,6 +607,7 @@ .Bd -literal closenet,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= +x509host x509v3-sign-rsa Subject:/C=XX..... .Ed .Sh FILES .Bl -tag -width Ds 
@@ -574,6 +618,8 @@ .Xr sshd_config 5 . .It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key These three files contain the private parts of the host keys. +It is possible to contain private part plus x509 certificate for +protocol version 2 keys. These files should only be owned by root, readable only by root, and not accessible to others. Note that @@ -584,6 +630,8 @@ These files should be world-readable but writable only by root. Their contents should match the respective private parts. +Note that when corresponding host key contain a certificate +in addition these file must contains that certificate. These files are not really used for anything; they are provided for the convenience of the user so their contents can be copied to known hosts files. @@ -608,7 +656,10 @@ started last). The content of this file is not sensitive; it can be world-readable. .It Pa $HOME/.ssh/authorized_keys -Lists the public keys (RSA or DSA) that can be used to log into the user's account. +Lists the public keys (RSA or DSA), certificates or certificate +.Dq "Distinguished Names" +(recommendet) +that can be used to log into the user's account. This file must be readable by root (which may on some machines imply it being world-readable if the user's home directory resides on an NFS volume). @@ -624,7 +675,7 @@ .It Pa "/etc/ssh/ssh_known_hosts" and "$HOME/.ssh/known_hosts" These files are consulted when using rhosts with RSA host authentication or protocol version 2 hostbased authentication -to check the public key of the host. +to check the public key or certificate of the host. The key must be listed in one of these files to be accepted. The client uses the same files to verify that it is connecting to the correct remote host. 
@@ -633,6 +684,20 @@ should be world-readable, and .Pa $HOME/.ssh/known_hosts can, but need not be, world-readable. +.It Pa "/etc/ssh/ca/ca-bundle.crt" and "/etc/ssh/ca/ca-bundle.crl" +The first file contain multiple certificates and the second +.Dq "Certificate Revocation List" +(CRLs) of certificate signers in PEM format concatenated together. +Used to verify client certificate. +.It Pa "/etc/ssh/ca/crt" and Pa "/etc/ssh/ca/crl" +.Dq "Hash dirs" +with certificates, the first directory or CLRs, the second of +certificate signers. +Each certificate should be stored in separate file with name +[HASH].[NUMBER] or [HASH].r[NUMBER] for the CRL, where [HASH] is +certificate or CRL hash value and [NUMBER] is an integer starting +from zero. +Used to verify client certificate. .It Pa /etc/nologin If this file exists, .Nm @@ -778,6 +843,7 @@ protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. +Roumen Petrov contributed support for x509 certificates. .Sh SEE ALSO .Xr scp 1 , .Xr sftp 1 , diff -ruN openssh-3.6.1p1/sshd.c openssh-3.6.1p1+x509g/sshd.c --- openssh-3.6.1p1/sshd.c 2003-03-10 02:38:10.000000000 +0200 +++ openssh-3.6.1p1+x509g/sshd.c 2003-04-05 09:06:01.000000000 +0300 @@ -20,6 +20,9 @@ * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. * + * X509 certificates support: + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -42,7 +45,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.263 2003/02/16 17:09:57 markus Exp $"); +RCSID("$OpenBSD$"); #include #include @@ -695,6 +698,8 @@ switch (key->type) { case KEY_RSA: case KEY_DSA: + case KEY_X509_RSA: + case KEY_X509_DSA: if (buffer_len(&b) > 0) buffer_append(&b, ",", 1); p = key_ssh_name(key); 
@@ -1003,6 +1008,8 @@ break; case KEY_RSA: case KEY_DSA: + case KEY_X509_RSA: + case KEY_X509_DSA: sensitive_data.have_ssh2_key = 1; break; } @@ -1224,6 +1231,8 @@ if (f) { fprintf(f, "%ld\n", (long) getpid()); fclose(f); + } else { + error("Could not create pid file: %.400s", options.pid_file); } } diff -ruN openssh-3.6.1p1/sshd_config openssh-3.6.1p1+x509g/sshd_config --- openssh-3.6.1p1/sshd_config 2002-09-27 06:21:58.000000000 +0300 +++ openssh-3.6.1p1+x509g/sshd_config 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ +# $OpenBSD$ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. 
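Review bot: In the `@@ -1224,6 +1231,8 @@` hunk the new `else` branch logs that the pid file could not be created but not why, so an operator cannot tell a permission problem from a missing directory or a full filesystem. Include the system error, for example `error("Could not create pid file: %.400s: %.100s", options.pid_file, strerror(errno));`. The success branch still ignores the results of `fprintf` and `fclose`, so a failed write would go unreported even with this change. The `fopen` call and the enclosing block start outside the hunk, so the open mode and any earlier checks cannot be confirmed from here.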
@@ -21,6 +21,32 @@ #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key +# The intended use for the X509 client certificate. Without this option +# no chain verification will be done. Currently accepted uses are case +# insensitive: +# - "sslclient", "SSL client", "SSL_client" or "client" +# - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose" +# - "skip" or ""(empty): don`t check purpose. +#AllowedCertPurpose sslclient + +# A file with multiple certificates of certificate signers +# in PEM format concatenated together. +#CACertificateFile /etc/ssh/ca/ca-bundle.crt + +# A directory with certificates of certificate signers. +# The certificates should have name of the form: [HASH].[NUMBER] +# or have symbolic links to them of this form. +#CACertificatePath /etc/ssh/ca/crt + +# A file with multiple CRL of certificate signers +# in PEM format concatenated together. +#CARevocationFile /etc/ssh/ca/ca-bundle.crl + +# A directory with CRL of certificate signers. +# The CRL should have name of the form: [HASH].r[NUMBER] +# or have symbolic links to them of this form. +#CARevocationPath /etc/ssh/ca/crl + # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 3600 #ServerKeyBits 768 diff -ruN openssh-3.6.1p1/sshd_config.0 openssh-3.6.1p1+x509g/sshd_config.0 --- openssh-3.6.1p1/sshd_config.0 2003-04-01 14:57:32.000000000 +0300 +++ openssh-3.6.1p1+x509g/sshd_config.0 2003-04-05 09:06:00.000000000 +0300 
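Review bot: The comment added above `#AllowedCertPurpose sslclient` in the `@@ -21,6 +21,32 @@` hunk does not make clear whether chain verification depends on this option. It says "Without this option no chain verification will be done", yet the commented default is `sslclient` and `skip` is described only as not checking the purpose. The comment should say explicitly whether `skip` or an empty value still verifies the certificate against the CA store and CRLs, and should note that `any` accepts certificates issued for purposes other than client authentication. The CA file and directory entries would also benefit from a line such as `# Trust anchors: keep these owned by root and not group/world-writable.`, hedged until the code's own permission checks are confirmed. Finally, `don`t` uses a backtick where an apostrophe is meant.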
@@ -1,444 +1,479 @@ -SSHD_CONFIG(5) BSD File Formats Manual SSHD_CONFIG(5) +SSHD_CONFIG(5) System File Formats Manual SSHD_CONFIG(5) -^[[1mNAME^[[0m - ^[[1msshd_config ^[[22mM-bMM-^R OpenSSH SSH daemon configuration file +NAME + sshd_config - OpenSSH SSH daemon configuration file -^[[1mSYNOPSIS^[[0m - ^[[4m/etc/ssh/sshd_config^[[0m +SYNOPSIS + /etc/ssh/sshd_config -^[[1mDESCRIPTION^[[0m - ^[[1msshd ^[[22mreads configuration data from ^[[4m/etc/ssh/sshd_config^[[24m (or the file - specified with ^[[1mM-bMM-^Rf ^[[22mon the command line). The file contains keywordM-bM-^@M-^ParguM-bM-^@M-^P - ment pairs, one per line. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are +DESCRIPTION + sshd reads configuration data from /etc/ssh/sshd_config (or the file + specified with -f on the command line). The file contains keyword-argu- + ment pairs, one per line. Lines starting with `#' and empty lines are interpreted as comments. - The possible keywords and their meanings are as follows (note that keyM-bM-^@M-^P - words are caseM-bM-^@M-^Pinsensitive and arguments are caseM-bM-^@M-^Psensitive): + The possible keywords and their meanings are as follows (note that key- + words are case-insensitive and arguments are case-sensitive): - ^[[1mAFSTokenPassing^[[0m + AFSTokenPassing Specifies whether an AFS token may be forwarded to the server. - Default is M-bM-^@M-^\noM-bM-^@M-^]. + Default is ``no''. + + AllowedCertPurpose + The intended use for the X509 client certificate. Without this + option no chain verification will be done. Currently accepted + uses are case insensitive: + - `sslclient' , `SSL client' , `SSL_client' or `client' + - `any' , `Any Purpose' , `Any_Purpose' or `AnyPurpose' + - `skip' or `' (empty): do not check purpose. + + The default is ``sslclient''. - ^[[1mAllowGroups^[[0m + AllowGroups This keyword can be followed by a list of group name patterns, separated by spaces. 
If specified, login is allowed only for users whose primary group or supplementary group list matches one - of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^XM-bM-^@M-^Y? can be used as wildcards in the + of the patterns. `*' and `'? can be used as wildcards in the patterns. Only group names are valid; a numerical group ID is not recognized. By default, login is allowed for all groups. - ^[[1mAllowTcpForwarding^[[0m + AllowTcpForwarding Specifies whether TCP forwarding is permitted. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. Note that disabling TCP forwarding does not improve secuM-bM-^@M-^P - rity unless users are also denied shell access, as they can + ``yes''. Note that disabling TCP forwarding does not improve + security unless users are also denied shell access, as they can always install their own forwarders. - ^[[1mAllowUsers^[[0m + AllowUsers This keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for - user names that match one of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^XM-bM-^@M-^Y? can be + user names that match one of the patterns. `*' and `'? can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts. - ^[[1mAuthorizedKeysFile^[[0m + AuthorizedKeysFile Specifies the file that contains the public keys that can be used - for user authentication. ^[[1mAuthorizedKeysFile ^[[22mmay contain tokens - of the form %T which are substituted during connection setM-bM-^@M-^Pup. + for user authentication. AuthorizedKeysFile may contain tokens + of the form %T which are substituted during connection set-up. 
The following tokens are defined: %% is replaced by a literal - M-bM-^@M-^Y%M-bM-^@M-^Y, %h is replaced by the home directory of the user being + '%', %h is replaced by the home directory of the user being authenticated and %u is replaced by the username of that user. - After expansion, ^[[1mAuthorizedKeysFile ^[[22mis taken to be an absolute - path or one relative to the userM-bM-^@M-^Ys home directory. The default - is M-bM-^@M-^\.ssh/authorized_keysM-bM-^@M-^]. + After expansion, AuthorizedKeysFile is taken to be an absolute + path or one relative to the user's home directory. The default + is ``.ssh/authorized_keys''. - ^[[1mBanner ^[[22mIn some jurisdictions, sending a warning message before authentiM-bM-^@M-^P - cation may be relevant for getting legal protection. The conM-bM-^@M-^P + Banner In some jurisdictions, sending a warning message before authenti- + cation may be relevant for getting legal protection. The con- tents of the specified file are sent to the remote user before authentication is allowed. This option is only available for protocol version 2. By default, no banner is displayed. - ^[[1mChallengeResponseAuthentication^[[0m + CACertificateFile + This file contain multiple certificates of certificate signers in + PEM format concatenated together. The default is + /etc/ssh/ca/ca-bundle.crt + + CACertificatePath + ``Hash dir'' with certificates of certificate signers. Each cer- + tificate should be stored in separate file with name [HASH].[NUM- + BER], where [HASH] is certificate hash value and [NUMBER] is an + integer starting from zero. The default is /etc/ssh/ca/crt + + CARevocationFile + This file contain multiple ``Certificate Revocation List'' (CRL) + of certificate signers in PEM format concatenated together. The + default is /etc/ssh/ca/ca-bundle.crl + + CARevocationPath + ``Hash dir'' with ``Certificate Revocation List'' (CRL) of cer- + tificate signers. 
Each CRL should be stored in separate file with + name [HASH].r[NUMBER], where [HASH] is CRL hash value and [NUM- + BER] is an integer starting from zero. The default is + /etc/ssh/ca/crl + + ChallengeResponseAuthentication Specifies whether challenge response authentication is allowed. All authentication styles from login.conf(5) are supported. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. + default is ``yes''. - ^[[1mCiphers^[[0m + Ciphers Specifies the ciphers allowed for protocol version 2. Multiple - ciphers must be commaM-bM-^@M-^Pseparated. The default is + ciphers must be comma-separated. The default is - M-bM-^@M-^XM-bM-^@M-^Xaes128M-bM-^@M-^Pcbc,3desM-bM-^@M-^Pcbc,blowfishM-bM-^@M-^Pcbc,cast128M-bM-^@M-^Pcbc,arcfour, - aes192M-bM-^@M-^Pcbc,aes256M-bM-^@M-^PcbcM-bM-^@M-^YM-bM-^@M-^Y + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, + aes192-cbc,aes256-cbc'' - ^[[1mClientAliveInterval^[[0m + ClientAliveInterval Sets a timeout interval in seconds after which if no data has - been received from the client, ^[[1msshd ^[[22mwill send a message through + been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The default is 0, indicating that these messages will not be sent to the client. This option applies to protocol version 2 only. - ^[[1mClientAliveCountMax^[[0m + ClientAliveCountMax Sets the number of client alive messages (see above) which may be - sent without ^[[1msshd ^[[22mreceiving any messages back from the client. If + sent without sshd receiving any messages back from the client. If this threshold is reached while client alive messages are being - sent, ^[[1msshd ^[[22mwill disconnect the client, terminating the session. + sent, sshd will disconnect the client, terminating the session. It is important to note that the use of client alive messages is - very different from ^[[1mKeepAlive ^[[22m(below). The client alive messages + very different from KeepAlive (below). 
The client alive messages are sent through the encrypted channel and therefore will not be - spoofable. The TCP keepalive option enabled by ^[[1mKeepAlive ^[[22mis + spoofable. The TCP keepalive option enabled by KeepAlive is spoofable. The client alive mechanism is valuable when the client - or server depend on knowing when a connection has become inacM-bM-^@M-^P + or server depend on knowing when a connection has become inac- tive. - The default value is 3. If ^[[1mClientAliveInterval ^[[22m(above) is set to - 15, and ^[[1mClientAliveCountMax ^[[22mis left at the default, unresponsive + The default value is 3. If ClientAliveInterval (above) is set to + 15, and ClientAliveCountMax is left at the default, unresponsive ssh clients will be disconnected after approximately 45 seconds. - ^[[1mCompression^[[0m + Compression Specifies whether compression is allowed. The argument must be - M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. + ``yes'' or ``no''. The default is ``yes''. - ^[[1mDenyGroups^[[0m + DenyGroups This keyword can be followed by a list of group name patterns, separated by spaces. Login is disallowed for users whose primary group or supplementary group list matches one of the patterns. - M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^XM-bM-^@M-^Y? can be used as wildcards in the patterns. Only + `*' and `'? can be used as wildcards in the patterns. Only group names are valid; a numerical group ID is not recognized. By default, login is allowed for all groups. - ^[[1mDenyUsers^[[0m + DenyUsers This keyword can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that - match one of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^XM-bM-^@M-^Y? can be used as wildcards + match one of the patterns. `*' and `'? can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. 
If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts. - ^[[1mGatewayPorts^[[0m + GatewayPorts Specifies whether remote hosts are allowed to connect to ports - forwarded for the client. By default, ^[[1msshd ^[[22mbinds remote port + forwarded for the client. By default, sshd binds remote port forwardings to the loopback address. This prevents other remote - hosts from connecting to forwarded ports. ^[[1mGatewayPorts ^[[22mcan be - used to specify that ^[[1msshd ^[[22mshould bind remote port forwardings to + hosts from connecting to forwarded ports. GatewayPorts can be + used to specify that sshd should bind remote port forwardings to the wildcard address, thus allowing remote hosts to connect to - forwarded ports. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. + forwarded ports. The argument must be ``yes'' or ``no''. The + default is ``no''. - ^[[1mHostbasedAuthentication^[[0m + HostbasedAuthentication Specifies whether rhosts or /etc/hosts.equiv authentication together with successful public key client host authentication is allowed (hostbased authentication). This option is similar to - ^[[1mRhostsRSAAuthentication ^[[22mand applies to protocol version 2 only. - The default is M-bM-^@M-^\noM-bM-^@M-^]. + RhostsRSAAuthentication and applies to protocol version 2 only. + The default is ``no''. - ^[[1mHostKey^[[0m + HostKey Specifies a file containing a private host key used by SSH. The - default is ^[[4m/etc/ssh/ssh_host_key^[[24m for protocol version 1, and - ^[[4m/etc/ssh/ssh_host_rsa_key^[[24m and ^[[4m/etc/ssh/ssh_host_dsa_key^[[24m for proM-bM-^@M-^P - tocol version 2. Note that ^[[1msshd ^[[22mwill refuse to use a file if it - is group/worldM-bM-^@M-^Paccessible. It is possible to have multiple host - key files. 
M-bM-^@M-^\rsa1M-bM-^@M-^] keys are used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] - are used for version 2 of the SSH protocol. - - ^[[1mIgnoreRhosts^[[0m - Specifies that ^[[4m.rhosts^[[24m and ^[[4m.shosts^[[24m files will not be used in - ^[[1mRhostsAuthentication^[[22m, ^[[1mRhostsRSAAuthentication ^[[22mor - ^[[1mHostbasedAuthentication^[[22m. - - ^[[4m/etc/hosts.equiv^[[24m and ^[[4m/etc/shosts.equiv^[[24m are still used. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. - - ^[[1mIgnoreUserKnownHosts^[[0m - Specifies whether ^[[1msshd ^[[22mshould ignore the userM-bM-^@M-^Ys - ^[[4m$HOME/.ssh/known_hosts^[[24m during ^[[1mRhostsRSAAuthentication ^[[22mor - ^[[1mHostbasedAuthentication^[[22m. The default is M-bM-^@M-^\noM-bM-^@M-^]. + default is /etc/ssh/ssh_host_key for protocol version 1, and + /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro- + tocol version 2. Note that sshd will refuse to use a file if it + is group/world-accessible. It is possible to have multiple host + key files. ``rsa1'' keys are used for version 1 and ``dsa'' or + ``rsa'' are used for version 2 of the SSH protocol. It is possi- + ble host key to contain key plus x509 certificate for version 2. + + IgnoreRhosts + Specifies that .rhosts and .shosts files will not be used in + RhostsAuthentication, RhostsRSAAuthentication or + HostbasedAuthentication. + + /etc/hosts.equiv and /etc/shosts.equiv are still used. The + default is ``yes''. + + IgnoreUserKnownHosts + Specifies whether sshd should ignore the user's + $HOME/.ssh/known_hosts during RhostsRSAAuthentication or + HostbasedAuthentication. The default is ``no''. - ^[[1mKeepAlive^[[0m + KeepAlive Specifies whether the system should send TCP keepalive messages to the other side. If they are sent, death of the connection or crash of one of the machines will be properly noticed. 
However, - this means that connections will die if the route is down temM-bM-^@M-^P + this means that connections will die if the route is down tem- porarily, and some people find it annoying. On the other hand, if keepalives are not sent, sessions may hang indefinitely on the - server, leaving M-bM-^@M-^\ghostM-bM-^@M-^] users and consuming server resources. + server, leaving ``ghost'' users and consuming server resources. - The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send keepalives), and the server will + The default is ``yes'' (to send keepalives), and the server will notice if the network goes down or the client host crashes. This avoids infinitely hanging sessions. - To disable keepalives, the value should be set to M-bM-^@M-^\noM-bM-^@M-^]. + To disable keepalives, the value should be set to ``no''. - ^[[1mKerberosAuthentication^[[0m + KerberosAuthentication Specifies whether Kerberos authentication is allowed. This can - be in the form of a Kerberos ticket, or if ^[[1mPasswordAuthentication^[[0m + be in the form of a Kerberos ticket, or if PasswordAuthentication is yes, the password provided by the user will be validated through the Kerberos KDC. To use this option, the server needs a - Kerberos servtab which allows the verification of the KDCM-bM-^@M-^Ys idenM-bM-^@M-^P - tity. Default is M-bM-^@M-^\noM-bM-^@M-^]. + Kerberos servtab which allows the verification of the KDC's iden- + tity. Default is ``no''. - ^[[1mKerberosOrLocalPasswd^[[0m + KerberosOrLocalPasswd If set then if password authentication through Kerberos fails then the password will be validated via any additional local - mechanism such as ^[[4m/etc/passwd^[[24m. Default is M-bM-^@M-^\yesM-bM-^@M-^]. + mechanism such as /etc/passwd. Default is ``yes''. - ^[[1mKerberosTgtPassing^[[0m + KerberosTgtPassing Specifies whether a Kerberos TGT may be forwarded to the server. 
- Default is M-bM-^@M-^\noM-bM-^@M-^], as this only works when the Kerberos KDC is + Default is ``no'', as this only works when the Kerberos KDC is actually an AFS kaserver. - ^[[1mKerberosTicketCleanup^[[0m - Specifies whether to automatically destroy the userM-bM-^@M-^Ys ticket - cache file on logout. Default is M-bM-^@M-^\yesM-bM-^@M-^]. + KerberosTicketCleanup + Specifies whether to automatically destroy the user's ticket + cache file on logout. Default is ``yes''. - ^[[1mKeyRegenerationInterval^[[0m + KeyRegenerationInterval In protocol version 1, the ephemeral server key is automatically regenerated after this many seconds (if it has been used). The - purpose of regeneration is to prevent decrypting captured sesM-bM-^@M-^P + purpose of regeneration is to prevent decrypting captured ses- sions by later breaking into the machine and stealing the keys. The key is never stored anywhere. If the value is 0, the key is never regenerated. The default is 3600 (seconds). - ^[[1mListenAddress^[[0m - Specifies the local addresses ^[[1msshd ^[[22mshould listen on. The followM-bM-^@M-^P + ListenAddress + Specifies the local addresses sshd should listen on. The follow- ing forms may be used: - ^[[1mListenAddress ^[[4m^[[22mhost^[[24m|^[[4mIPv4_addr^[[24m|^[[4mIPv6_addr^[[0m - ^[[1mListenAddress ^[[4m^[[22mhost^[[24m|^[[4mIPv4_addr^[[24m:^[[4mport^[[0m - ^[[1mListenAddress ^[[22m[^[[4mhost^[[24m|^[[4mIPv6_addr^[[24m]:^[[4mport^[[0m - - If ^[[4mport^[[24m is not specified, ^[[1msshd ^[[22mwill listen on the address and all - prior ^[[1mPort ^[[22moptions specified. The default is to listen on all - local addresses. Multiple ^[[1mListenAddress ^[[22moptions are permitted. - Additionally, any ^[[1mPort ^[[22moptions must precede this option for non + ListenAddress host|IPv4_addr|IPv6_addr + ListenAddress host|IPv4_addr:port + ListenAddress [host|IPv6_addr]:port + + If port is not specified, sshd will listen on the address and all + prior Port options specified. 
The default is to listen on all + local addresses. Multiple ListenAddress options are permitted. + Additionally, any Port options must precede this option for non port qualified addresses. - ^[[1mLoginGraceTime^[[0m - The server disconnects after this time if the user has not sucM-bM-^@M-^P + LoginGraceTime + The server disconnects after this time if the user has not suc- cessfully logged in. If the value is 0, there is no time limit. The default is 120 seconds. - ^[[1mLogLevel^[[0m + LogLevel Gives the verbosity level that is used when logging messages from - ^[[1msshd^[[22m. The possible values are: QUIET, FATAL, ERROR, INFO, VERM-bM-^@M-^P + sshd. The possible values are: QUIET, FATAL, ERROR, INFO, VER- BOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. Logging with a DEBUG level violates the privacy of users and is not recommended. - ^[[1mMACs ^[[22mSpecifies the available MAC (message authentication code) algoM-bM-^@M-^P + MACs Specifies the available MAC (message authentication code) algo- rithms. The MAC algorithm is used in protocol version 2 for data - integrity protection. Multiple algorithms must be commaM-bM-^@M-^PsepaM-bM-^@M-^P + integrity protection. Multiple algorithms must be comma-sepa- rated. The default is - M-bM-^@M-^\hmacM-bM-^@M-^Pmd5,hmacM-bM-^@M-^Psha1,hmacM-bM-^@M-^Pripemd160,hmacM-bM-^@M-^Psha1M-bM-^@M-^P96,hmacM-bM-^@M-^Pmd5M-bM-^@M-^P96M-bM-^@M-^]. + ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96''. - ^[[1mMaxStartups^[[0m - Specifies the maximum number of concurrent unauthenticated conM-bM-^@M-^P - nections to the ^[[1msshd ^[[22mdaemon. Additional connections will be - dropped until authentication succeeds or the ^[[1mLoginGraceTime^[[0m + MaxStartups + Specifies the maximum number of concurrent unauthenticated con- + nections to the sshd daemon. 
Additional connections will be + dropped until authentication succeeds or the LoginGraceTime expires for a connection. The default is 10. Alternatively, random early drop can be enabled by specifying the - three colon separated values M-bM-^@M-^\start:rate:fullM-bM-^@M-^] (e.g., - "10:30:60"). ^[[1msshd ^[[22mwill refuse connection attempts with a probaM-bM-^@M-^P - bility of M-bM-^@M-^\rate/100M-bM-^@M-^] (30%) if there are currently M-bM-^@M-^\startM-bM-^@M-^] (10) - unauthenticated connections. The probability increases linearly - and all connection attempts are refused if the number of unauM-bM-^@M-^P - thenticated connections reaches M-bM-^@M-^\fullM-bM-^@M-^] (60). + three colon separated values ``start:rate:full'' (e.g., + "10:30:60"). sshd will refuse connection attempts with a proba- + bility of ``rate/100'' (30%) if there are currently ``start'' + (10) unauthenticated connections. The probability increases lin- + early and all connection attempts are refused if the number of + unauthenticated connections reaches ``full'' (60). - ^[[1mPAMAuthenticationViaKbdInt^[[0m + PAMAuthenticationViaKbdInt Specifies whether PAM challenge response authentication is allowed. This allows the use of most PAM challenge response authentication modules, but it will allow password authentication - regardless of whether ^[[1mPasswordAuthentication ^[[22mis enabled. + regardless of whether PasswordAuthentication is enabled. - ^[[1mPasswordAuthentication^[[0m + PasswordAuthentication Specifies whether password authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. + default is ``yes''. - ^[[1mPermitEmptyPasswords^[[0m + PermitEmptyPasswords When password authentication is allowed, it specifies whether the server allows login to accounts with empty password strings. The - default is M-bM-^@M-^\noM-bM-^@M-^]. + default is ``no''. - ^[[1mPermitRootLogin^[[0m + PermitRootLogin Specifies whether root can login using ssh(1). 
The argument must - be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\withoutM-bM-^@M-^PpasswordM-bM-^@M-^], M-bM-^@M-^\forcedM-bM-^@M-^PcommandsM-bM-^@M-^PonlyM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. - The default is M-bM-^@M-^\yesM-bM-^@M-^]. + be ``yes'', ``without-password'', ``forced-commands-only'' or + ``no''. The default is ``yes''. - If this option is set to M-bM-^@M-^\withoutM-bM-^@M-^PpasswordM-bM-^@M-^] password authenticaM-bM-^@M-^P - tion is disabled for root. + If this option is set to ``without-password'' password authenti- + cation is disabled for root. - If this option is set to M-bM-^@M-^\forcedM-bM-^@M-^PcommandsM-bM-^@M-^PonlyM-bM-^@M-^] root login with + If this option is set to ``forced-commands-only'' root login with public key authentication will be allowed, but only if the - ^[[4mcommand^[[24m option has been specified (which may be useful for taking + command option has been specified (which may be useful for taking remote backups even if root login is normally not allowed). All other authentication methods are disabled for root. - If this option is set to M-bM-^@M-^\noM-bM-^@M-^] root is not allowed to login. + If this option is set to ``no'' root is not allowed to login. - ^[[1mPermitUserEnvironment^[[0m - Specifies whether ^[[4m~/.ssh/environment^[[24m and ^[[1menvironment= ^[[22moptions in - ^[[4m~/.ssh/authorized_keys^[[24m are processed by ^[[1msshd^[[22m. The default is - M-bM-^@M-^\noM-bM-^@M-^]. Enabling environment processing may enable users to bypass - access restrictions in some configurations using mechanisms such - as LD_PRELOAD. - - ^[[1mPidFile^[[0m - Specifies the file that contains the process ID of the ^[[1msshd ^[[22mdaeM-bM-^@M-^P - mon. The default is ^[[4m/var/run/sshd.pid^[[24m. + PermitUserEnvironment + Specifies whether ~/.ssh/environment and environment= options in + ~/.ssh/authorized_keys are processed by sshd. The default is + ``no''. 
Enabling environment processing may enable users to + bypass access restrictions in some configurations using mecha- + nisms such as LD_PRELOAD. + + PidFile + Specifies the file that contains the process ID of the sshd dae- + mon. The default is /var/run/sshd.pid. - ^[[1mPort ^[[22mSpecifies the port number that ^[[1msshd ^[[22mlistens on. The default is + Port Specifies the port number that sshd listens on. The default is 22. Multiple options of this type are permitted. See also - ^[[1mListenAddress^[[22m. + ListenAddress. - ^[[1mPrintLastLog^[[0m - Specifies whether ^[[1msshd ^[[22mshould print the date and time when the - user last logged in. The default is M-bM-^@M-^\yesM-bM-^@M-^]. + PrintLastLog + Specifies whether sshd should print the date and time when the + user last logged in. The default is ``yes''. - ^[[1mPrintMotd^[[0m - Specifies whether ^[[1msshd ^[[22mshould print ^[[4m/etc/motd^[[24m when a user logs in + PrintMotd + Specifies whether sshd should print /etc/motd when a user logs in interactively. (On some systems it is also printed by the shell, - ^[[4m/etc/profile^[[24m, or equivalent.) The default is M-bM-^@M-^\yesM-bM-^@M-^]. + /etc/profile, or equivalent.) The default is ``yes''. - ^[[1mProtocol^[[0m - Specifies the protocol versions ^[[1msshd ^[[22msupports. The possible valM-bM-^@M-^P - ues are M-bM-^@M-^\1M-bM-^@M-^] and M-bM-^@M-^\2M-bM-^@M-^]. Multiple versions must be commaM-bM-^@M-^Pseparated. - The default is M-bM-^@M-^\2,1M-bM-^@M-^]. Note that the order of the protocol list - does not indicate preference, because the client selects among - multiple protocol versions offered by the server. Specifying - M-bM-^@M-^\2,1M-bM-^@M-^] is identical to M-bM-^@M-^\1,2M-bM-^@M-^]. + Protocol + Specifies the protocol versions sshd supports. The possible val- + ues are ``1'' and ``2''. Multiple versions must be comma-sepa- + rated. The default is ``2,1''. 
Note that the order of the pro- + tocol list does not indicate preference, because the client + selects among multiple protocol versions offered by the server. + Specifying ``2,1'' is identical to ``1,2''. - ^[[1mPubkeyAuthentication^[[0m + PubkeyAuthentication Specifies whether public key authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option applies to protocol verM-bM-^@M-^P - sion 2 only. + default is ``yes''. Note that this option applies to protocol + version 2 only. - ^[[1mRhostsAuthentication^[[0m + RhostsAuthentication Specifies whether authentication using rhosts or /etc/hosts.equiv - files is sufficient. Normally, this method should not be permitM-bM-^@M-^P - ted because it is insecure. ^[[1mRhostsRSAAuthentication ^[[22mshould be - used instead, because it performs RSAM-bM-^@M-^Pbased host authentication + files is sufficient. Normally, this method should not be permit- + ted because it is insecure. RhostsRSAAuthentication should be + used instead, because it performs RSA-based host authentication in addition to normal rhosts or /etc/hosts.equiv authentication. - The default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 + The default is ``no''. This option applies to protocol version 1 only. - ^[[1mRhostsRSAAuthentication^[[0m + RhostsRSAAuthentication Specifies whether rhosts or /etc/hosts.equiv authentication together with successful RSA host authentication is allowed. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only. + default is ``no''. This option applies to protocol version 1 + only. - ^[[1mRSAAuthentication^[[0m + RSAAuthentication Specifies whether pure RSA authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. This option applies to protocol version 1 + default is ``yes''. This option applies to protocol version 1 only. 
- ^[[1mServerKeyBits^[[0m + ServerKeyBits Defines the number of bits in the ephemeral protocol version 1 server key. The minimum value is 512, and the default is 768. - ^[[1mStrictModes^[[0m - Specifies whether ^[[1msshd ^[[22mshould check file modes and ownership of - the userM-bM-^@M-^Ys files and home directory before accepting login. This + StrictModes + Specifies whether sshd should check file modes and ownership of + the user's files and home directory before accepting login. This is normally desirable because novices sometimes accidentally - leave their directory or files worldM-bM-^@M-^Pwritable. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. + leave their directory or files world-writable. The default is + ``yes''. - ^[[1mSubsystem^[[0m + Subsystem Configures an external subsystem (e.g., file transfer daemon). Arguments should be a subsystem name and a command to execute - upon subsystem request. The command sftpM-bM-^@M-^Pserver(8) implements - the M-bM-^@M-^\sftpM-bM-^@M-^] file transfer subsystem. By default no subsystems are - defined. Note that this option applies to protocol version 2 + upon subsystem request. The command sftp-server(8) implements + the ``sftp'' file transfer subsystem. By default no subsystems + are defined. Note that this option applies to protocol version 2 only. - ^[[1mSyslogFacility^[[0m + SyslogFacility Gives the facility code that is used when logging messages from - ^[[1msshd^[[22m. The possible values are: DAEMON, USER, AUTH, LOCAL0, + sshd. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH. - ^[[1mUseLogin^[[0m - Specifies whether login(1) is used for interactive login sesM-bM-^@M-^P - sions. The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that login(1) is never used + UseLogin + Specifies whether login(1) is used for interactive login ses- + sions. The default is ``no''. Note that login(1) is never used for remote command execution. 
Note also, that if this is - enabled, ^[[1mX11Forwarding ^[[22mwill be disabled because login(1) does not - know how to handle xauth(1) cookies. If ^[[1mUsePrivilegeSeparation^[[0m + enabled, X11Forwarding will be disabled because login(1) does not + know how to handle xauth(1) cookies. If UsePrivilegeSeparation is specified, it will be disabled after authentication. - ^[[1mUsePrivilegeSeparation^[[0m - Specifies whether ^[[1msshd ^[[22mseparates privileges by creating an + UsePrivilegeSeparation + Specifies whether sshd separates privileges by creating an unprivileged child process to deal with incoming network traffic. After successful authentication, another process will be created that has the privilege of the authenticated user. The goal of - privilege separation is to prevent privilege escalation by conM-bM-^@M-^P + privilege separation is to prevent privilege escalation by con- taining any corruption within the unprivileged processes. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. + default is ``yes''. - ^[[1mVerifyReverseMapping^[[0m - Specifies whether ^[[1msshd ^[[22mshould try to verify the remote host name + VerifyReverseMapping + Specifies whether sshd should try to verify the remote host name and check that the resolved host name for the remote IP address - maps back to the very same IP address. The default is M-bM-^@M-^\noM-bM-^@M-^]. + maps back to the very same IP address. The default is ``no''. - ^[[1mX11DisplayOffset^[[0m - Specifies the first display number available for ^[[1msshd^[[22mM-bM-^@M-^Ys X11 forM-bM-^@M-^P - warding. This prevents ^[[1msshd ^[[22mfrom interfering with real X11 + X11DisplayOffset + Specifies the first display number available for sshd's X11 for- + warding. This prevents sshd from interfering with real X11 servers. The default is 10. - ^[[1mX11Forwarding^[[0m + X11Forwarding Specifies whether X11 forwarding is permitted. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. 
The default is M-bM-^@M-^\noM-bM-^@M-^]. + be ``yes'' or ``no''. The default is ``no''. When X11 forwarding is enabled, there may be additional exposure - to the server and to client displays if the ^[[1msshd ^[[22mproxy display is - configured to listen on the wildcard address (see ^[[1mX11UseLocalhost^[[0m + to the server and to client displays if the sshd proxy display is + configured to listen on the wildcard address (see X11UseLocalhost below), however this is not the default. Additionally, the authentication spoofing and authentication data verification and substitution occur on the client side. The security risk of - using X11 forwarding is that the clientM-bM-^@M-^Ys X11 display server may + using X11 forwarding is that the client's X11 display server may be exposed to attack when the ssh client requests forwarding (see - the warnings for ^[[1mForwardX11 ^[[22min ssh_config(5) ). A system adminisM-bM-^@M-^P + the warnings for ForwardX11 in ssh_config(5) ). A system adminis- trator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting - X11 forwarding, which can warrant a M-bM-^@M-^\noM-bM-^@M-^] setting. + X11 forwarding, which can warrant a ``no'' setting. Note that disabling X11 forwarding does not prevent users from forwarding X11 traffic, as users can always install their own - forwarders. X11 forwarding is automatically disabled if ^[[1mUseLogin^[[0m + forwarders. X11 forwarding is automatically disabled if UseLogin is enabled. - ^[[1mX11UseLocalhost^[[0m - Specifies whether ^[[1msshd ^[[22mshould bind the X11 forwarding server to + X11UseLocalhost + Specifies whether sshd should bind the X11 forwarding server to the loopback address or to the wildcard address. 
By default, - ^[[1msshd ^[[22mbinds the forwarding server to the loopback address and sets + sshd binds the forwarding server to the loopback address and sets the hostname part of the DISPLAY environment variable to - M-bM-^@M-^\localhostM-bM-^@M-^]. This prevents remote hosts from connecting to the + ``localhost''. This prevents remote hosts from connecting to the proxy display. However, some older X11 clients may not function - with this configuration. ^[[1mX11UseLocalhost ^[[22mmay be set to M-bM-^@M-^\noM-bM-^@M-^] to - specify that the forwarding server should be bound to the wildM-bM-^@M-^P - card address. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default - is M-bM-^@M-^\yesM-bM-^@M-^]. + with this configuration. X11UseLocalhost may be set to ``no'' to + specify that the forwarding server should be bound to the wild- + card address. The argument must be ``yes'' or ``no''. The + default is ``yes''. - ^[[1mXAuthLocation^[[0m + XAuthLocation Specifies the full pathname of the xauth(1) program. The default - is ^[[4m/usr/X11R6/bin/xauth^[[24m. + is /usr/X11R6/bin/xauth. 
- ^[[1mTime Formats^[[0m + Time Formats - ^[[1msshd ^[[22mcommandM-bM-^@M-^Pline arguments and configuration file options that specify - time may be expressed using a sequence of the form: ^[[4mtime^[[24m[^[[4mqualifier^[[24m], - where ^[[4mtime^[[24m is a positive integer value and ^[[4mqualifier^[[24m is one of the folM-bM-^@M-^P + sshd command-line arguments and configuration file options that specify + time may be expressed using a sequence of the form: time[qualifier], + where time is a positive integer value and qualifier is one of the fol- lowing: - ^[[1m ^[[22mseconds - ^[[1ms ^[[22m| ^[[1mS ^[[22mseconds - ^[[1mm ^[[22m| ^[[1mM ^[[22mminutes - ^[[1mh ^[[22m| ^[[1mH ^[[22mhours - ^[[1md ^[[22m| ^[[1mD ^[[22mdays - ^[[1mw ^[[22m| ^[[1mW ^[[22mweeks + seconds + s | S seconds + m | M minutes + h | H hours + d | D days + w | W weeks Each member of the sequence is added together to calculate the total time value. 
@@ -449,21 +484,22 @@ 10m 10 minutes 1h30m 1 hour 30 minutes (90 minutes) -^[[1mFILES^[[0m +FILES /etc/ssh/sshd_config - Contains configuration data for ^[[1msshd^[[22m. This file should be - writable by root only, but it is recommended (though not necesM-bM-^@M-^P - sary) that it be worldM-bM-^@M-^Preadable. + Contains configuration data for sshd. This file should be + writable by root only, but it is recommended (though not neces- + sary) that it be world-readable. -^[[1mAUTHORS^[[0m +AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P + de Raadt and Dug Song removed many bugs, re-added newer features and cre- ated OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support - for privilege separation. + for privilege separation. Roumen Petrov contributed support for x509 + certificates. -^[[1mSEE ALSO^[[0m +SEE ALSO sshd(8) BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/sshd_config.5 openssh-3.6.1p1+x509g/sshd_config.5 --- openssh-3.6.1p1/sshd_config.5 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/sshd_config.5 2003-04-05 09:06:00.000000000 +0300 @@ -13,6 +13,7 @@ .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. .\" Copyright (c) 1999 Aaron Campbell. All rights reserved. .\" Copyright (c) 1999 Theo de Raadt. All rights reserved. +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions 
@@ -34,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.15 2003/03/28 10:11:43 jmc Exp $
+.\" $OpenBSD$
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -65,6 +66,36 @@
 Specifies whether an AFS token may be forwarded to the server.
 Default is
 .Dq no .
+.It Cm AllowedCertPurpose
+The intended use for the X509 client certificate. Without this option
+no chain verification will be done. Currently accepted uses are case
+insensitive:
+ -
+.Sq sslclient
+,
+.Sq SSL client
+,
+.Sq SSL_client
+or
+.Sq client
+ -
+.Sq any
+,
+.Sq Any Purpose
+,
+.Sq Any_Purpose
+or
+.Sq AnyPurpose
+ -
+.Sq skip
+or
+.Sq
+..
+(empty): do not check purpose.
+.Pp
+The default is
+.Dq sslclient .
+.Pp
 .It Cm AllowGroups
 This keyword can be followed by a list of group name patterns, separated
 by spaces.
@@ -124,6 +155,35 @@
 This option is only available for protocol version 2.
 By default, no banner is displayed.
 .Pp
+.It Cm CACertificateFile
+This file contain multiple certificates of certificate signers in
+PEM format concatenated together. The default is
+.Pa /etc/ssh/ca/ca-bundle.crt
+.Pp
+.It Cm CACertificatePath
+.Dq "Hash dir"
+with certificates of certificate signers. Each certificate should be
+stored in separate file with name [HASH].[NUMBER], where [HASH] is
+certificate hash value and [NUMBER] is an integer starting from zero.
+The default is
+.Pa /etc/ssh/ca/crt
+.Pp
+.It Cm CARevocationFile
+This file contain multiple
+.Dq "Certificate Revocation List"
+(CRL) of certificate signers in PEM format concatenated together.
+The default is
+.Pa /etc/ssh/ca/ca-bundle.crl
+.Pp
+.It Cm CARevocationPath
+.Dq "Hash dir"
+with
+.Dq "Certificate Revocation List"
+(CRL) of certificate signers. Each CRL should be stored in separate
+file with name [HASH].r[NUMBER], where [HASH] is CRL hash value and
+[NUMBER] is an integer starting from zero. The default is
+.Pa /etc/ssh/ca/crl
+.Pp
 .It Cm ChallengeResponseAuthentication
 Specifies whether challenge response authentication is allowed.
 All authentication styles from
@@ -253,6 +313,8 @@
 or
 .Dq rsa
 are used for version 2 of the SSH protocol.
+It is possible host key to contain key plus x509 certificate
+for version 2.
 .It Cm IgnoreRhosts
 Specifies that
 .Pa .rhosts
@@ -759,5 +821,6 @@
 protocol versions 1.5 and 2.0.
 Niels Provos and Markus Friedl contributed support
 for privilege separation.
+Roumen Petrov contributed support for x509 certificates.
 .Sh SEE ALSO
 .Xr sshd 8
diff -ruN openssh-3.6.1p1/ssh-keygen.0 openssh-3.6.1p1+x509g/ssh-keygen.0
--- openssh-3.6.1p1/ssh-keygen.0 2003-04-01 14:57:30.000000000 +0300
+++ openssh-3.6.1p1+x509g/ssh-keygen.0 2003-04-05 09:06:00.000000000 +0300
@@ -1,45 +1,45 @@ -SSHM-bM-^@M-^PKEYGEN(1) BSD General Commands Manual SSHM-bM-^@M-^PKEYGEN(1) +SSH-KEYGEN(1) System General Commands Manual SSH-KEYGEN(1) -^[[1mNAME^[[0m - ^[[1msshM-bM-^@M-^Pkeygen ^[[22mM-bMM-^R authentication key generation, management and conversion +NAME + ssh-keygen - authentication key generation, management and conversion -^[[1mSYNOPSIS^[[0m - ^[[1msshM-bM-^@M-^Pkeygen ^[[22m[^[[1mM-bMM-^Rq^[[22m] [^[[1mM-bMM-^Rb ^[[4m^[[22mbits^[[24m] ^[[1mM-bMM-^Rt ^[[4m^[[22mtype^[[24m [^[[1mM-bMM-^RN ^[[4m^[[22mnew_passphrase^[[24m] [^[[1mM-bMM-^RC ^[[4m^[[22mcomment^[[24m] - [^[[1mM-bMM-^Rf ^[[4m^[[22moutput_keyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^Rp ^[[22m[^[[1mM-bMM-^RP ^[[4m^[[22mold_passphrase^[[24m] [^[[1mM-bMM-^RN ^[[4m^[[22mnew_passphrase^[[24m] [^[[1mM-bMM-^Rf ^[[4m^[[22mkeyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^Ri ^[[22m[^[[1mM-bMM-^Rf ^[[4m^[[22minput_keyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^Re ^[[22m[^[[1mM-bMM-^Rf ^[[4m^[[22minput_keyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^Ry ^[[22m[^[[1mM-bMM-^Rf ^[[4m^[[22minput_keyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^Rc ^[[22m[^[[1mM-bMM-^RP ^[[4m^[[22mpassphrase^[[24m] [^[[1mM-bMM-^RC ^[[4m^[[22mcomment^[[24m] [^[[1mM-bMM-^Rf ^[[4m^[[22mkeyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^Rl ^[[22m[^[[1mM-bMM-^Rf ^[[4m^[[22minput_keyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^RB ^[[22m[^[[1mM-bMM-^Rf ^[[4m^[[22minput_keyfile^[[24m] - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^RD ^[[4m^[[22mreader^[[0m - ^[[1msshM-bM-^@M-^Pkeygen M-bMM-^RU ^[[4m^[[22mreader^[[24m [^[[1mM-bMM-^Rf ^[[4m^[[22minput_keyfile^[[24m] - -^[[1mDESCRIPTION^[[0m - ^[[1msshM-bM-^@M-^Pkeygen ^[[22mgenerates, manages and converts authentication keys for - ssh(1). 
^[[1msshM-bM-^@M-^Pkeygen ^[[22mcan create RSA keys for use by SSH protocol version 1 +SYNOPSIS + ssh-keygen [-q] [-b bits] -t type [-N new_passphrase] [-C comment] + [-f output_keyfile] + ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] + ssh-keygen -i [-f input_keyfile] + ssh-keygen -e [-f input_keyfile] + ssh-keygen -y [-f input_keyfile] + ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile] + ssh-keygen -l [-f input_keyfile] + ssh-keygen -B [-f input_keyfile] + ssh-keygen -D reader + ssh-keygen -U reader [-f input_keyfile] + +DESCRIPTION + ssh-keygen generates, manages and converts authentication keys for + ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2. The type of key to - be generated is specified with the ^[[1mM-bMM-^Rt ^[[22moption. + be generated is specified with the -t option. Normally each user wishing to use SSH with RSA or DSA authentication runs - this once to create the authentication key in ^[[4m$HOME/.ssh/identity^[[24m, - ^[[4m$HOME/.ssh/id_dsa^[[24m or ^[[4m$HOME/.ssh/id_rsa^[[24m. Additionally, the system adminM-bM-^@M-^P - istrator may use this to generate host keys, as seen in ^[[4m/etc/rc^[[24m. + this once to create the authentication key in $HOME/.ssh/identity, + $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa. Additionally, the system admin- + istrator may use this to generate host keys, as seen in /etc/rc. Normally this program generates the key and asks for a file in which to store the private key. The public key is stored in a file with the same - name but M-bM-^@M-^\.pubM-bM-^@M-^] appended. The program also asks for a passphrase. The + name but ``.pub'' appended. The program also asks for a passphrase. The passphrase may be empty to indicate no passphrase (host keys must have an empty passphrase), or it may be a string of arbitrary length. 
A passphrase is similar to a password, except it can be a phrase with a - series of words, punctuation, numbers, whitespace, or any string of charM-bM-^@M-^P - acters you want. Good passphrases are 10M-bM-^@M-^P30 characters long, are not + series of words, punctuation, numbers, whitespace, or any string of char- + acters you want. Good passphrases are 10-30 characters long, are not simple sentences or otherwise easily guessable (English prose has only - 1M-bM-^@M-^P2 bits of entropy per character, and provides very bad passphrases), - and contain a mix of upper and lowercase letters, numbers, and nonM-bM-^@M-^P + 1-2 bits of entropy per character, and provides very bad passphrases), + and contain a mix of upper and lowercase letters, numbers, and non- alphanumeric characters. The passphrase can be changed later by using - the ^[[1mM-bMM-^Rp ^[[22moption. + the -p option. There is no way to recover a lost passphrase. If the passphrase is lost or forgotten, a new key must be generated and copied to the corresponding 
@@ -47,136 +47,151 @@ For RSA1 keys, there is also a comment field in the key file that is only for convenience to the user to help identify the key. The comment can - tell what the key is for, or whatever is useful. The comment is initialM-bM-^@M-^P - ized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be changed using the - ^[[1mM-bMM-^Rc ^[[22moption. + tell what the key is for, or whatever is useful. The comment is initial- + ized to ``user@host'' when the key is created, but can be changed using + the -c option. After a key is generated, instructions below detail where the keys should be placed to be activated. The options are as follows: - ^[[1mM-bMM-^Rb ^[[4m^[[22mbits^[[0m + -b bits Specifies the number of bits in the key to create. Minimum is 512 bits. Generally, 1024 bits is considered sufficient. The default is 1024 bits. - ^[[1mM-bMM-^Rc ^[[22mRequests changing the comment in the private and public key - files. This operation is only supported for RSA1 keys. The proM-bM-^@M-^P + -c Requests changing the comment in the private and public key + files. This operation is only supported for RSA1 keys. The pro- gram will prompt for the file containing the private keys, for the passphrase if the key has one, and for the new comment. - ^[[1mM-bMM-^Re ^[[22mThis option will read a private or public OpenSSH key file and - print the key in a M-bM-^@M-^XSECSH Public Key File FormatM-bM-^@M-^Y to stdout. + -e This option will read a private or public OpenSSH key file and + print the key in a `SECSH Public Key File Format' to stdout. This option allows exporting keys for use by several commercial SSH implementations. - ^[[1mM-bMM-^Rf ^[[4m^[[22mfilename^[[0m + -f filename Specifies the filename of the key file. - ^[[1mM-bMM-^Ri ^[[22mThis option will read an unencrypted private (or public) key file - in SSH2M-bM-^@M-^Pcompatible format and print an OpenSSH compatible private - (or public) key to stdout. 
^[[1msshM-bM-^@M-^Pkeygen ^[[22malso reads the M-bM-^@M-^XSECSH - Public Key File FormatM-bM-^@M-^Y. This option allows importing keys from + -i This option will read an unencrypted private (or public) key file + in SSH2-compatible format and print an OpenSSH compatible private + (or public) key to stdout. ssh-keygen also reads the `SECSH + Public Key File Format'. This option allows importing keys from several commercial SSH implementations. - ^[[1mM-bMM-^Rl ^[[22mShow fingerprint of specified public key file. Private RSA1 keys - are also supported. For RSA and DSA keys ^[[1msshM-bM-^@M-^Pkeygen ^[[22mtries to + -l Show fingerprint of specified public key file. Private RSA1 keys + are also supported. For RSA and DSA keys ssh-keygen tries to find the matching public key file and prints its fingerprint. - ^[[1mM-bMM-^Rp ^[[22mRequests changing the passphrase of a private key file instead of + -p Requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase. - ^[[1mM-bMM-^Rq ^[[22mSilence ^[[1msshM-bM-^@M-^Pkeygen^[[22m. Used by ^[[4m/etc/rc^[[24m when creating a new key. + -q Silence ssh-keygen. Used by /etc/rc when creating a new key. - ^[[1mM-bMM-^Ry ^[[22mThis option will read a private OpenSSH format file and print an + -y This option will read a private OpenSSH format file and print an OpenSSH public key to stdout. - ^[[1mM-bMM-^Rt ^[[4m^[[22mtype^[[0m + -t type Specifies the type of the key to create. The possible values are - M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\rsaM-bM-^@M-^] or M-bM-^@M-^\dsaM-bM-^@M-^] for protocol - version 2. + ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for proto- + col version 2. - ^[[1mM-bMM-^RB ^[[22mShow the bubblebabble digest of specified private or public key + -B Show the bubblebabble digest of specified private or public key file. 
- ^[[1mM-bMM-^RC ^[[4m^[[22mcomment^[[0m + -C comment Provides the new comment. - ^[[1mM-bMM-^RD ^[[4m^[[22mreader^[[0m - Download the RSA public key stored in the smartcard in ^[[4mreader^[[24m. + -D reader + Download the RSA public key stored in the smartcard in reader. - ^[[1mM-bMM-^RN ^[[4m^[[22mnew_passphrase^[[0m + -N new_passphrase Provides the new passphrase. - ^[[1mM-bMM-^RP ^[[4m^[[22mpassphrase^[[0m + -P passphrase Provides the (old) passphrase. - ^[[1mM-bMM-^RU ^[[4m^[[22mreader^[[0m - Upload an existing RSA private key into the smartcard in ^[[4mreader^[[24m. + -U reader + Upload an existing RSA private key into the smartcard in reader. -^[[1mFILES^[[0m +FILES $HOME/.ssh/identity Contains the protocol version 1 RSA authentication identity of the user. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file using 3DES. This file is not automatically accessed by - ^[[1msshM-bM-^@M-^Pkeygen ^[[22mbut it is offered as the default file for the private + ssh-keygen but it is offered as the default file for the private key. ssh(1) will read this file when a login attempt is made. $HOME/.ssh/identity.pub - Contains the protocol version 1 RSA public key for authenticaM-bM-^@M-^P + Contains the protocol version 1 RSA public key for authentica- tion. The contents of this file should be added to - ^[[4m$HOME/.ssh/authorized_keys^[[24m on all machines where the user wishes + $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using RSA authentication. There is no need to keep the contents of this file secret. $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of - the user. This file should not be readable by anyone but the - user. It is possible to specify a passphrase when generating the - key; that passphrase will be used to encrypt the private part of - this file using 3DES. 
This file is not automatically accessed by - ^[[1msshM-bM-^@M-^Pkeygen ^[[22mbut it is offered as the default file for the private + the user. It is possible to contain identity plus x509 certifi- + cate. This file should not be readable by anyone but the user. + It is possible to specify a passphrase when generating the key; + that passphrase will be used to encrypt the private part of this + file using 3DES. This file is not automatically accessed by + ssh-keygen but it is offered as the default file for the private key. ssh(1) will read this file when a login attempt is made. $HOME/.ssh/id_dsa.pub - Contains the protocol version 2 DSA public key for authenticaM-bM-^@M-^P + Contains the protocol version 2 DSA public key for authentica- tion. The contents of this file should be added to - ^[[4m$HOME/.ssh/authorized_keys^[[24m on all machines where the user wishes + $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using public key authentication. There is no need to - keep the contents of this file secret. + keep the contents of this file secret. When file + $HOME/.ssh/id_dsa contain DSA identity plus X509 certificate this + file must contain user certificate! Use ssh-keygen(1) with option + -y to regenerate its content. Note in case with X509 certificate + you can append content to $HOME/.ssh/authorized_keys or to add + certificate ``Distinguished Name'' / ``Subject'' in corresponding + format to ``authorized keys'' file. See sshd(8). $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of - the user. This file should not be readable by anyone but the - user. It is possible to specify a passphrase when generating the - key; that passphrase will be used to encrypt the private part of - this file using 3DES. This file is not automatically accessed by - ^[[1msshM-bM-^@M-^Pkeygen ^[[22mbut it is offered as the default file for the private + the user. It is possible to contain identity plus x509 certifi- + cate. 
This file should not be readable by anyone but the user. + It is possible to specify a passphrase when generating the key; + that passphrase will be used to encrypt the private part of this + file using 3DES. This file is not automatically accessed by + ssh-keygen but it is offered as the default file for the private key. ssh(1) will read this file when a login attempt is made. $HOME/.ssh/id_rsa.pub - Contains the protocol version 2 RSA public key for authenticaM-bM-^@M-^P + Contains the protocol version 2 RSA public key for authentica- tion. The contents of this file should be added to - ^[[4m$HOME/.ssh/authorized_keys^[[24m on all machines where the user wishes + $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using public key authentication. There is no need to - keep the contents of this file secret. + keep the contents of this file secret. When file + $HOME/.ssh/id_rsa contain RSA identity plus X509 certificate this + file must contain user certificate! Use ssh-keygen(1) with option + -y to regenerate its content. Note in case with X509 certificate + you can append content to $HOME/.ssh/authorized_keys or to add + certificate ``Distinguished Name'' / ``Subject'' in corresponding + format to ``authorized keys'' file. See sshd(8). -^[[1mAUTHORS^[[0m +AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P + de Raadt and Dug Song removed many bugs, re-added newer features and cre- ated OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. + versions 1.5 and 2.0. Roumen Petrov contributed support for x509 cer- + tificates. -^[[1mSEE ALSO^[[0m - ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pagent(1), sshd(8) +SEE ALSO + ssh(1), ssh-add(1), ssh-agent(1), sshd(8) - J. Galbraith and R. 
Thayer, ^[[4mSECSH^[[24m ^[[4mPublic^[[24m ^[[4mKey^[[24m ^[[4mFile^[[24m ^[[4mFormat^[[24m, draftM-bM-^@M-^PietfM-bM-^@M-^P - secshM-bM-^@M-^PpublickeyfileM-bM-^@M-^P01.txt, March 2001, work in progress material. + J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf- + secsh-publickeyfile-01.txt, March 2001, work in progress material. BSD September 25, 1999 BSD diff -ruN openssh-3.6.1p1/ssh-keygen.1 openssh-3.6.1p1+x509g/ssh-keygen.1 --- openssh-3.6.1p1/ssh-keygen.1 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-keygen.1 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.56 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD$ .\" .\" -*- nroff -*- .\" @@ -16,6 +16,7 @@ .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. .\" Copyright (c) 1999 Aaron Campbell. All rights reserved. .\" Copyright (c) 1999 Theo de Raadt. All rights reserved. +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -241,6 +242,7 @@ There is no need to keep the contents of this file secret. .It Pa $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of the user. +It is possible to contain identity plus x509 certificate. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be 
@@ -257,8 +259,25 @@ on all machines where the user wishes to log in using public key authentication. There is no need to keep the contents of this file secret. +When file +.Pa $HOME/.ssh/id_dsa +contain DSA identity plus X509 certificate this file must contain +user certificate! Use +.Xr ssh-keygen 1 +with option -y to regenerate its content. +Note in case with X509 certificate you can append content to +.Pa $HOME/.ssh/authorized_keys +or to add certificate +.Dq Distinguished Name +/ +.Dq Subject +in corresponding format to +.Dq authorized keys +file. See +.Xr sshd 8 . .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. +It is possible to contain identity plus x509 certificate. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be @@ -275,6 +294,22 @@ on all machines where the user wishes to log in using public key authentication. There is no need to keep the contents of this file secret. +When file +.Pa $HOME/.ssh/id_rsa +contain RSA identity plus X509 certificate this file must contain +user certificate! Use +.Xr ssh-keygen 1 +with option -y to regenerate its content. +Note in case with X509 certificate you can append content to +.Pa $HOME/.ssh/authorized_keys +or to add certificate +.Dq Distinguished Name +/ +.Dq Subject +in corresponding format to +.Dq authorized keys +file. See +.Xr sshd 8 . .El .Sh AUTHORS OpenSSH is a derivative of the original and free @@ -285,6 +320,7 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. +Roumen Petrov contributed support for x509 certificates. .Sh SEE ALSO .Xr ssh 1 , .Xr ssh-add 1 , diff -ruN openssh-3.6.1p1/ssh-keyscan.0 openssh-3.6.1p1+x509g/ssh-keyscan.0 --- openssh-3.6.1p1/ssh-keyscan.0 2003-04-01 14:57:31.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-keyscan.0 2003-04-05 09:06:00.000000000 +0300 
@@ -1,102 +1,110 @@ -SSHM-bM-^@M-^PKEYSCAN(1) BSD General Commands Manual SSHM-bM-^@M-^PKEYSCAN(1) +SSH-KEYSCAN(1) System General Commands Manual SSH-KEYSCAN(1) -^[[1mNAME^[[0m - ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mM-bMM-^R gather ssh public keys +NAME + ssh-keyscan - gather ssh public keys -^[[1mSYNOPSIS^[[0m - ^[[1msshM-bM-^@M-^Pkeyscan ^[[22m[^[[1mM-bMM-^Rv46^[[22m] [^[[1mM-bMM-^Rp ^[[4m^[[22mport^[[24m] [^[[1mM-bMM-^RT ^[[4m^[[22mtimeout^[[24m] [^[[1mM-bMM-^Rt ^[[4m^[[22mtype^[[24m] [^[[1mM-bMM-^Rf ^[[4m^[[22mfile^[[24m] - [^[[4mhost^[[24m | ^[[4maddrlist^[[24m ^[[4mnamelist^[[24m] [^[[4m...^[[24m] +SYNOPSIS + ssh-keyscan [-v46] [-p port] [-T timeout] [-t type] [-f file] + [host | addrlist namelist] [...] -^[[1mDESCRIPTION^[[0m - ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mis a utility for gathering the public ssh host keys of a numM-bM-^@M-^P +DESCRIPTION + ssh-keyscan is a utility for gathering the public ssh host keys of a num- ber of hosts. It was designed to aid in building and verifying - ^[[4mssh_known_hosts^[[24m files. ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mprovides a minimal interface suitable + ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable for use by shell and perl scripts. - ^[[1msshM-bM-^@M-^Pkeyscan ^[[22muses nonM-bM-^@M-^Pblocking socket I/O to contact as many hosts as posM-bM-^@M-^P + ssh-keyscan uses non-blocking socket I/O to contact as many hosts as pos- sible in parallel, so it is very efficient. The keys from a domain of 1,000 hosts can be collected in tens of seconds, even when some of those hosts are down or do not run ssh. For scanning, one does not need login - access to the machines that are being scanned, nor does the scanning proM-bM-^@M-^P + access to the machines that are being scanned, nor does the scanning pro- cess involve any encryption. The options are as follows: - ^[[1mM-bMM-^Rp ^[[4m^[[22mport^[[0m + -p port Port to connect to on the remote host. 
- ^[[1mM-bMM-^RT ^[[4m^[[22mtimeout^[[0m - Set the timeout for connection attempts. If ^[[4mtimeout^[[24m seconds have + -T timeout + Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection is closed and the host in question considered unavailable. Default is 5 seconds. - ^[[1mM-bMM-^Rt ^[[4m^[[22mtype^[[0m + -t type Specifies the type of the key to fetch from the scanned hosts. - The possible values are M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\rsaM-bM-^@M-^] - or M-bM-^@M-^\dsaM-bM-^@M-^] for protocol version 2. Multiple values may be speciM-bM-^@M-^P - fied by separating them with commas. The default is M-bM-^@M-^\rsa1M-bM-^@M-^]. - - ^[[1mM-bMM-^Rf ^[[4m^[[22mfilename^[[0m - Read hosts or ^[[4maddrlist^[[24m ^[[4mnamelist^[[24m pairs from this file, one per - line. If ^[[4mM-bM-^@M-^P^[[24m is supplied instead of a filename, ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mwill - read hosts or ^[[4maddrlist^[[24m ^[[4mnamelist^[[24m pairs from the standard input. + The possible values are ``rsa1'' for protocol version 1 and + ``rsa'' or ``ssh-rsa'' , ``dsa'' or ``ssh-rsa'' , + ``x509v3-sign-rsa'' or ``x509v3-sign-dss'' for protocol version + 2. Multiple values may be specified by separating them with com- + mas. The default is ``rsa1''. + + -f filename + Read hosts or addrlist namelist pairs from this file, one per + line. If - is supplied instead of a filename, ssh-keyscan will + read hosts or addrlist namelist pairs from the standard input. - ^[[1mM-bMM-^Rv ^[[22mVerbose mode. Causes ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mto print debugging messages + -v Verbose mode. Causes ssh-keyscan to print debugging messages about its progress. - ^[[1mM-bMM-^R4 ^[[22mForces ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mto use IPv4 addresses only. + -4 Forces ssh-keyscan to use IPv4 addresses only. 
- ^[[1mM-bMM-^R6 ^[[22mForces ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mto use IPv6 addresses only. + -6 Forces ssh-keyscan to use IPv6 addresses only. -^[[1mSECURITY^[[0m - If a ssh_known_hosts file is constructed using ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mwithout veriM-bM-^@M-^P +SECURITY + If a ssh_known_hosts file is constructed using ssh-keyscan without veri- fying the keys, users will be vulnerable to attacks. On the other hand, - if the security model allows such a risk, ^[[1msshM-bM-^@M-^Pkeyscan ^[[22mcan help in the + if the security model allows such a risk, ssh-keyscan can help in the detection of tampered keyfiles or man in the middle attacks which have begun after the ssh_known_hosts file was created. -^[[1mEXAMPLES^[[0m - Print the ^[[4mrsa1^[[24m host key for machine ^[[4mhostname^[[24m: +EXAMPLES + Print the rsa1 host key for machine hostname: - $ sshM-bM-^@M-^Pkeyscan hostname + $ ssh-keyscan hostname - Find all hosts from the file ^[[4mssh_hosts^[[24m which have new or different keys - from those in the sorted file ^[[4mssh_known_hosts^[[24m: + Find all hosts from the file ssh_hosts which have new or different keys + from those in the sorted file ssh_known_hosts: - $ sshM-bM-^@M-^Pkeyscan M-bM-^@M-^Pt rsa,dsa M-bM-^@M-^Pf ssh_hosts | \ - sort M-bM-^@M-^Pu M-bM-^@M-^P ssh_known_hosts | diff ssh_known_hosts M-bM-^@M-^P + $ ssh-keyscan -t x509v3-sign-rsa,x509v3-sign-dss,rsa,dsa -f ssh_hosts | \ + sort -u - ssh_known_hosts | diff ssh_known_hosts - -^[[1mFILES^[[0m - ^[[4mInput^[[24m ^[[4mformat:^[[0m +FILES + Input format: 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 - ^[[4mOutput^[[24m ^[[4mformat^[[24m ^[[4mfor^[[24m ^[[4mrsa1^[[24m ^[[4mkeys:^[[0m + Output format for rsa1 keys: - hostM-bM-^@M-^PorM-bM-^@M-^Pnamelist bits exponent modulus + host-or-namelist bits exponent modulus - ^[[4mOutput^[[24m ^[[4mformat^[[24m ^[[4mfor^[[24m ^[[4mrsa^[[24m ^[[4mand^[[24m ^[[4mdsa^[[24m ^[[4mkeys:^[[0m + Output format for rsa and dsa keys: - 
hostM-bM-^@M-^PorM-bM-^@M-^Pnamelist keytype base64M-bM-^@M-^PencodedM-bM-^@M-^Pkey + host-or-namelist keytype base64-encoded-key - Where ^[[4mkeytype^[[24m is either M-bM-^@M-^\sshM-bM-^@M-^PrsaM-bM-^@M-^] or M-bM-^@M-^\sshM-bM-^@M-^PdsaM-bM-^@M-^]. + Where keytype is either ``ssh-rsa'' or ``ssh-dsa''. - ^[[4m/etc/ssh/ssh_known_hosts^[[0m + Output format for rsa and dsa keys with x509 certificates: -^[[1mBUGS^[[0m + host-or-namelist keytype distinguished-name + + Where keytype is either ``x509v3-sign-rsa'' or ``x509v3-sign-dss''. + + /etc/ssh/ssh_known_hosts + +BUGS It generates "Connection closed by remote host" messages on the consoles of all the machines it scans if the server is older than version 2.9. This is because it opens a connection to the ssh port, reads the public key, and drops the connection as soon as it gets the key. -^[[1mSEE ALSO^[[0m +SEE ALSO ssh(1), sshd(8) -^[[1mAUTHORS^[[0m +AUTHORS David Mazieres wrote the initial version, and Wayne Davison added support for protocol version - 2. + 2. Roumen Petrov contributed support for x509 certificates. BSD January 1, 1996 BSD diff -ruN openssh-3.6.1p1/ssh-keyscan.1 openssh-3.6.1p1+x509g/ssh-keyscan.1 --- openssh-3.6.1p1/ssh-keyscan.1 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-keyscan.1 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.15 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD$ .\" .\" Copyright 1995, 1996 by David Mazieres . .\" 
@@ -6,6 +6,29 @@ .\" permitted provided that due credit is given to the author and the .\" OpenBSD project by leaving this copyright notice intact. .\" +.\" X509 certificates support, +.\" Copyright (c) 2002 Roumen Petrov. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" .Dd January 1, 1996 .Dt SSH-KEYSCAN 1 .Os @@ -63,7 +86,15 @@ for protocol version 1 and .Dq rsa or +.Dq ssh-rsa +, .Dq dsa +or +.Dq ssh-rsa +, +.Dq x509v3-sign-rsa +or +.Dq x509v3-sign-dss for protocol version 2. Multiple values may be specified by separating them with commas. The default is 
@@ -118,7 +149,7 @@ which have new or different keys from those in the sorted file .Pa ssh_known_hosts : .Bd -literal -$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e\ +$ ssh-keyscan -t x509v3-sign-rsa,x509v3-sign-dss,rsa,dsa -f ssh_hosts | \e\ sort -u - ssh_known_hosts | diff ssh_known_hosts - .Ed .Sh FILES @@ -144,6 +175,18 @@ or .Dq ssh-dsa . .Pp +.Pa Output format for rsa and dsa keys with x509 certificates: +.Bd -literal +host-or-namelist keytype distinguished-name +.Ed +.Pp +Where +.Pa keytype +is either +.Dq x509v3-sign-rsa +or +.Dq x509v3-sign-dss . +.Pp .Pa /etc/ssh/ssh_known_hosts .Sh BUGS It generates "Connection closed by remote host" messages on the consoles @@ -158,3 +201,4 @@ wrote the initial version, and Wayne Davison added support for protocol version 2. +Roumen Petrov contributed support for x509 certificates. diff -ruN openssh-3.6.1p1/ssh-keyscan.c openssh-3.6.1p1+x509g/ssh-keyscan.c --- openssh-3.6.1p1/ssh-keyscan.c 2003-02-24 03:03:03.000000000 +0200 +++ openssh-3.6.1p1+x509g/ssh-keyscan.c 2003-04-05 09:06:01.000000000 +0300 
@@ -4,10 +4,33 @@ * Modification and redistribution in source and binary forms is * permitted provided that due credit is given to the author and the * OpenBSD project by leaving this copyright notice intact. + * + * X509 certificates support, + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.41 2003/02/16 17:09:57 markus Exp $"); +RCSID("$OpenBSD$"); #include "openbsd-compat/sys-queue.h" @@ -42,6 +65,8 @@ #define KT_RSA1 1 #define KT_DSA 2 #define KT_RSA 4 +#define KT_X509DSA 8 +#define KT_X509RSA 16 int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */ 
@@ -79,7 +104,8 @@ int c_plen; /* Packet length field for ssh packet */ int c_len; /* Total bytes which must be read. */ int c_off; /* Length of data read so far. */ - int c_keytype; /* Only one of KT_RSA1, KT_DSA, or KT_RSA */ + int c_keytype; /* Only one of KT_RSA1, KT_DSA, KT_RSA, + KT_X509DSA or KT_X509RSA */ char *c_namebase; /* Address to free for c_name and c_namelist */ char *c_name; /* Hostname of connection for errors */ char *c_namelist; /* Pointer to other possible addresses */ @@ -351,8 +377,23 @@ packet_set_connection(c->c_fd, c->c_fd); enable_compat20(); +/* myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? "ssh-dss": "ssh-rsa"; +*/ + { + Key k; + switch (c->c_keytype) { + case KT_DSA: k.type = KEY_DSA; break; + case KT_RSA: k.type = KEY_RSA; break; + case KT_X509DSA: k.type = KEY_X509_RSA; break; + case KT_X509RSA: k.type = KEY_X509_DSA; break; + default: + fprintf(stderr, "keygrab_ssh2:Invalid keytype!\n"); + exit(1); + } + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = key_ssh_name(&k); + } c->c_kex = kex_setup(myproposal); c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; @@ -379,7 +420,12 @@ return; fprintf(stdout, "%s ", c->c_output_name ? c->c_output_name : c->c_name); - key_write(key, stdout); + if ((key->type == KEY_X509_RSA) || (key->type == KEY_X509_DSA)) { + /* key_write will print x509 certificate in blob format :-( */ + x509key_write_subject(key, stdout); + } else { + key_write(key, stdout); + } fputs("\n", stdout); } @@ -659,7 +705,7 @@ if (name == NULL) return; - for (j = KT_RSA1; j <= KT_RSA; j *= 2) { + for (j = KT_RSA1; j <= KT_X509RSA; j *= 2) { if (get_keytypes & j) { while (ncon >= MAXCON) conloop(); 
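Review bot: The two X.509 cases in the new `switch (c->c_keytype)` look crossed: `KT_X509DSA` sets `k.type = KEY_X509_RSA` and `KT_X509RSA` sets `k.type = KEY_X509_DSA`, so a scan requested for one certificate algorithm would put the other into `myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]`. They should read `case KT_X509DSA: k.type = KEY_X509_DSA; break;` and `case KT_X509RSA: k.type = KEY_X509_RSA; break;`. `Key k` is also left uninitialised apart from `type`; that is harmless only if `key_ssh_name()` reads nothing else, which this hunk does not show, so a `memset(&k, 0, sizeof(k));` before the switch would be safer. The old assignment is left commented out and could simply be deleted. The enclosing function starts and ends outside the hunk.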
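Review bot: For X.509 host keys the output line now carries only what `x509key_write_subject(key, stdout)` prints, and nothing in this hunk checks the certificate before that name is written. The scan is unauthenticated, so the subject is whatever the peer presented; if these lines are used to build `ssh_known_hosts`, trust presumably rests entirely on the CA store check at connect time, which is worth confirming against the client code. I would replace the `:-(` comment with one that says so, e.g. `/* print the subject DN only; the certificate is NOT verified here */`. The return value of the write is ignored, as it was for `key_write()`, so a failed write still leaves a line with a host name and no key. The enclosing function starts outside the hunk.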
@@ -755,6 +801,12 @@ case KEY_RSA: get_keytypes |= KT_RSA; break; + case KEY_X509_DSA: + get_keytypes |= KT_X509DSA; + break; + case KEY_X509_RSA: + get_keytypes |= KT_X509RSA; + break; case KEY_UNSPEC: fatal("unknown key type %s", tname); } diff -ruN openssh-3.6.1p1/ssh-keysign.0 openssh-3.6.1p1+x509g/ssh-keysign.0 --- openssh-3.6.1p1/ssh-keysign.0 2003-04-01 14:57:32.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-keysign.0 2003-04-05 09:06:00.000000000 +0300 
@@ -1,42 +1,43 @@ -SSHM-bM-^@M-^PKEYSIGN(8) BSD System ManagerM-bM-^@M-^Ys Manual SSHM-bM-^@M-^PKEYSIGN(8) +SSH-KEYSIGN(8) System Manager's Manual SSH-KEYSIGN(8) -^[[1mNAME^[[0m - ^[[1msshM-bM-^@M-^Pkeysign ^[[22mM-bMM-^R ssh helper program for hostbased authentication +NAME + ssh-keysign - ssh helper program for hostbased authentication -^[[1mSYNOPSIS^[[0m - ^[[1msshM-bM-^@M-^Pkeysign^[[0m +SYNOPSIS + ssh-keysign -^[[1mDESCRIPTION^[[0m - ^[[1msshM-bM-^@M-^Pkeysign ^[[22mis used by ssh(1) to access the local host keys and generate +DESCRIPTION + ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during hostbased authentication with SSH protocol version 2. - ^[[1msshM-bM-^@M-^Pkeysign ^[[22mis disabled by default and can only be enabled in the global - client configuration file ^[[4m/etc/ssh/ssh_config^[[24m by setting ^[[1mEnableSSHKeysign^[[0m - to M-bM-^@M-^\yesM-bM-^@M-^]. + ssh-keysign is disabled by default and can only be enabled in the global + client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign + to ``yes''. - ^[[1msshM-bM-^@M-^Pkeysign ^[[22mis not intended to be invoked by the user, but from ssh(1). - See ssh(1) and sshd(8) for more information about hostbased authenticaM-bM-^@M-^P + ssh-keysign is not intended to be invoked by the user, but from ssh(1). + See ssh(1) and sshd(8) for more information about hostbased authentica- tion. -^[[1mFILES^[[0m +FILES /etc/ssh/ssh_config - Controls whether ^[[1msshM-bM-^@M-^Pkeysign ^[[22mis enabled. + Controls whether ssh-keysign is enabled. /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable only by root, and not accessible to others. Since they - are readable only by root, ^[[1msshM-bM-^@M-^Pkeysign ^[[22mmust be setM-bM-^@M-^Puid root if - hostbased authentication is used. 
+ are readable only by root, ssh-keysign must be set-uid root if + hostbased authentication is used. It is possible host key to + contain private parts plus x509 certificate. -^[[1mSEE ALSO^[[0m - ssh(1), sshM-bM-^@M-^Pkeygen(1), ssh_config(5), sshd(8) +SEE ALSO + ssh(1), ssh-keygen(1), ssh_config(5), sshd(8) -^[[1mAUTHORS^[[0m +AUTHORS Markus Friedl -^[[1mHISTORY^[[0m - ^[[1msshM-bM-^@M-^Pkeysign ^[[22mfirst appeared in OpenBSD 3.2. +HISTORY + ssh-keysign first appeared in OpenBSD 3.2. BSD May 24, 2002 BSD diff -ruN openssh-3.6.1p1/ssh-keysign.8 openssh-3.6.1p1+x509g/ssh-keysign.8 --- openssh-3.6.1p1/ssh-keysign.8 2003-04-01 14:42:14.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-keysign.8 2003-04-05 09:06:00.000000000 +0300 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keysign.8,v 1.6 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD$ .\" .\" Copyright (c) 2002 Markus Friedl. All rights reserved. .\" @@ -68,6 +68,7 @@ Since they are readable only by root, .Nm must be set-uid root if hostbased authentication is used. +It is possible host key to contain private parts plus x509 certificate. .El .Sh SEE ALSO .Xr ssh 1 , diff -ruN openssh-3.6.1p1/ssh-rand-helper.0 openssh-3.6.1p1+x509g/ssh-rand-helper.0 --- openssh-3.6.1p1/ssh-rand-helper.0 2003-04-01 14:57:31.000000000 +0300 +++ openssh-3.6.1p1+x509g/ssh-rand-helper.0 2003-04-05 09:06:00.000000000 +0300 
@@ -1,49 +1,49 @@ -SSHM-bM-^@M-^PRANDM-bM-^@M-^PHELPER(8) BSD System ManagerM-bM-^@M-^Ys Manual SSHM-bM-^@M-^PRANDM-bM-^@M-^PHELPER(8) +SSH-RAND-HELPER(8) System Manager's Manual SSH-RAND-HELPER(8) -^[[1mNAME^[[0m - ^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phelper ^[[22mM-bMM-^R Random number gatherer for OpenSSH +NAME + ssh-rand-helper - Random number gatherer for OpenSSH -^[[1mSYNOPSIS^[[0m - ^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phlper ^[[22m[^[[1mM-bMM-^RvxXh^[[22m] [^[[1mM-bMM-^Rb ^[[4m^[[22mbytes^[[24m] +SYNOPSIS + ssh-rand-hlper [-vxXh] [-b bytes] -^[[1mDESCRIPTION^[[0m - ^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phelper ^[[22mis a small helper program used by ssh(1), sshM-bM-^@M-^Padd(1), - sshM-bM-^@M-^Pagent(1), sshM-bM-^@M-^Pkeygen(1), sshM-bM-^@M-^Pkeyscan(1) and sshd(8) to gather random +DESCRIPTION + ssh-rand-helper is a small helper program used by ssh(1), ssh-add(1), + ssh-agent(1), ssh-keygen(1), ssh-keyscan(1) and sshd(8) to gather random numbers of cryptographic quality if the openssl(4) library has not been configured to provide them itself. - Normally ^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phelper ^[[22mwill generate a strong random seed and provide + Normally ssh-rand-helper will generate a strong random seed and provide it to the calling program via standard output. If standard output is a - tty, ^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phelper ^[[22mwill instead print the seed in hexidecimal format + tty, ssh-rand-helper will instead print the seed in hexidecimal format unless told otherwise. - ^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phelper ^[[22mwill by default gather random numbers from the system - commands listed in ^[[4m/etc/ssh/ssh_prng_cmds^[[24m. The output of each of the + ssh-rand-helper will by default gather random numbers from the system + commands listed in /etc/ssh/ssh_prng_cmds. The output of each of the commands listed will be hashed and used to generate a random seed for the - calling program. 
^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phelper ^[[22mwill also store seed files in - ^[[4m~/.ssh/prng_seed^[[24m between executions. + calling program. ssh-rand-helper will also store seed files in + ~/.ssh/prng_seed between executions. - Alternately, ^[[1msshM-bM-^@M-^PrandM-bM-^@M-^Phelper ^[[22mmay be configured at build time to collect + Alternately, ssh-rand-helper may be configured at build time to collect random numbers from a EGD/PRNGd server via a unix domain or localhost tcp socket. - This program is not intended to be run by the endM-bM-^@M-^Puser, so the few comM-bM-^@M-^P + This program is not intended to be run by the end-user, so the few com- mandline options are for debugging purposes only. - ^[[1mM-bMM-^Rb ^[[4m^[[22mbytes^[[0m + -b bytes Specify the number of random bytes to include in the output. - ^[[1mM-bMM-^Rx ^[[22mOutput a hexidecimal instead of a binary seed. + -x Output a hexidecimal instead of a binary seed. - ^[[1mM-bMM-^RX ^[[22mForce output of a binary seed, even if standard output is a tty + -X Force output of a binary seed, even if standard output is a tty - ^[[1mM-bMM-^Rv ^[[22mTurn on debugging message. Multiple ^[[1mM-bMM-^Rv ^[[22moptions will increase the - debugging level. ^[[1mM-bMM-^Rh ^[[22mDisplay a summary of options. + -v Turn on debugging message. Multiple -v options will increase the + debugging level. -h Display a summary of options. -^[[1mAUTHORS^[[0m +AUTHORS Damien Miller -^[[1mSEE ALSO^[[0m - ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pkeygen(1), sshd(8) +SEE ALSO + ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) BSD April 14, 2002 BSD diff -ruN openssh-3.6.1p1/ssh-x509.c openssh-3.6.1p1+x509g/ssh-x509.c --- openssh-3.6.1p1/ssh-x509.c 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/ssh-x509.c 2003-02-01 09:06:01.000000000 +0200 
@@ -0,0 +1,1061 @@ +/* + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ +#include "ssh-x509.h" +#include "includes.h" +#include "log.h" +#include +#include "xmalloc.h" +#include "uuencode.h" +#include +#include "bufaux.h" +#include "x509store.h" + + +static char* +x509key_find_subject(int _keytype, char* _cp) { + static char *keywords[] = { + "subject", + "distinguished name", + "distinguished-name", + "distinguished_name", + "distinguishedname", + "dn", + NULL + }; + char **q, *p; + size_t len; + + if (_keytype != KEY_X509_RSA && + _keytype != KEY_X509_DSA) { + debug3("x509key_find_subject: %d is not x509 key ", _keytype); + return 0; + } + for (q=keywords; *q; q++) { + len = strlen(*q); + if (strncasecmp(_cp, *q, len) == 0) { + for (p = _cp + len; *p && isspace(*p); p++) + {} + if (!*p) { + error("x509key_find_subject: no data"); + return NULL; + } + if (*p == ':' || *p == '=') + p++; + for (; *p && isspace(*p); p++) + {} + if (!*p) { + error("x509key_find_subject: no data"); + return NULL; + } + if (*p == '/') + p++; + return p; + } + } + return NULL; +} + + +static int +x509key_str2X509NAME(char* _str, X509_NAME *_name) { + int ret = 1; + char *p, *q, *token; + char ch; + + p = _str; + while (*p) { + int nid; + for (; *p && isspace(*p); p++) + {} + if (!*p) break; + + /* get shortest token */ + { + char *tokenA = strchr(p, ','); + char *tokenB = strchr(p, '/'); + + if (tokenA == NULL) { + token = tokenB; + } else if (tokenB == NULL) { + token = tokenA; + } else { + token = (tokenA < tokenB) ? 
tokenA : tokenB; + } + } + if (token) { + ch = *token; + *token = 0; + } else { + ch = 0; + token = p + strlen(p); + } + q = strchr(p, '='); + if (!q) { + error("x509key_str2X509NAME: cannot parse '%.200s' ...", p); + ret = 0; + break; + } + *q = 0; + nid = OBJ_txt2nid(p); + *q = '='; + if (nid == NID_undef) { + error("x509key_str2X509NAME: cannot get nid from string '%.200s'", p); + ret = 0; + } else { + p = q + 1; + if(!*p) { + error("x509key_str2X509NAME: no data"); + ret = 0; + } else { /* add */ + char save; + for(q = token - 1; (q >= p) && isspace(*q); q--) + {/*skip unexpected \n,etc. from end*/} + + save = *++q; + *q = 0; + ret = X509_NAME_add_entry_by_NID(_name, nid, MBSTRING_ASC, p, q - p, -1, 0); + if(ret <= 0) { + int ecode = ERR_get_error(); + error("x509key_str2X509NAME: X509_NAME_add_entry_by_NID" + " fail with errormsg='%.200s'" + " for nid=%d/%.32s" + " and data='%.128s'" + , ERR_error_string(ecode, NULL) + , nid, OBJ_nid2ln(nid) + , p); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + } + *q = save; + } + } + *token = ch; + if(ret <= 0) { + break; + } + p = token; + if(*p) p++; + } + debug3("x509key_str2X509NAME: return %d", ret); + return ret; +} + + +Key* +x509key_from_subject(int _keytype, char* _cp) { + int ret = 1; + Key* key = NULL; + X509_NAME *subj; + char *subject; + + debug3("x509key_from_subject(%d, [%.200s]) called ", _keytype, _cp); + subject = x509key_find_subject(_keytype, _cp); + if(subject == NULL) + return NULL; + + debug3("x509key_from_subject: subject=[%.200s]", subject); + key = key_new(_keytype); + if (key == NULL) { + error("x509key_from_subject: out of memory"); + return NULL; + } + + if (ret > 0) { + subj = X509_get_subject_name(key->x509); + if (subj == NULL) { + error("x509key_from_subject: new x509 key without subject"); + ret = 0; + } + } + + if (ret > 0) { + ret = x509key_str2X509NAME(subject, subj); + } + + if (ret <= 0) { + if (key) { + key_free(key); + key = NULL; + } + } + 
debug3("x509key_from_subject: return %p", key); + return key; +} + + +static Key* +x509_to_key(X509 *x509) { + Key *key = NULL; + EVP_PKEY *env_pkey; + + env_pkey = X509_get_pubkey(x509); + + if (env_pkey == NULL) { + int ecode = ERR_get_error(); + error("x509_to_key: X509_get_pubkey fail %.200s", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + return key; + } + else { + debug3("x509_to_key: X509_get_pubkey done!"); + } + + switch(env_pkey->type) { + case EVP_PKEY_RSA: + key = key_new(KEY_UNSPEC); + key->x509 = x509; + key->rsa = EVP_PKEY_get1_RSA(env_pkey); + key->type = KEY_X509_RSA; +#ifdef DEBUG_PK + RSA_print_fp(stderr, key->rsa, 8); +#endif + break; + + case EVP_PKEY_DSA: + key = key_new(KEY_UNSPEC); + key->x509 = x509; + key->dsa = EVP_PKEY_get1_DSA(env_pkey); + key->type = KEY_X509_DSA; +#ifdef DEBUG_PK + DSA_print_fp(stderr, key->dsa, 8); +#endif + break; + + default: + debug3("x509_to_key: unspec key" ); + } + + return key; +} + + +Key* +x509key_from_blob( + u_char *blob, + int blen +) { + Key* key = NULL; + BIO *mbio; + + /* convert blob data to BIO certificate data */ + mbio=BIO_new(BIO_s_mem()); + if (mbio == NULL) return NULL; + BIO_write(mbio,blob,blen); + BIO_flush(mbio); + + debug3("x509key_from_blob:We have %d bytes available in BIO",BIO_pending(mbio)); + + { /* read X509 certificate from BIO data */ + X509* x509 = NULL; + x509 = d2i_X509_bio(mbio,NULL); + if (x509 == NULL) { + int ecode = ERR_get_error(); + /* We will print only debug info !!! + * This method is used in place where we can only check incomming data. + * If data contain x506 certificate blob we will return a key otherwise NULL. 
+ */ + debug3("x509key_from_blob: read X509 from BIO fail %.200s", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + } + else { + key = x509_to_key(x509); + if (key == NULL) + X509_free(x509); + } + } + + /* This call will walk the chain freeing all the BIOs */ + BIO_free_all(mbio); + return key; +} + + +static int +x509key_check(char* method, Key *key) { + if (key == NULL) + { error("%.50s: no key", method); return 0; } + + if (key->type != KEY_X509_RSA && + key->type != KEY_X509_DSA ) + { error("%.50s: cannot handle key type %d", method, key->type); return 0; } + + if (key->x509 == NULL) + { error("%.50s: no X509 key", method); return 0; } + + return 1; +} + + +int +x509key_to_blob( + Key *key, + Buffer *b +) { + int len; + void* str; + unsigned char *p; + + if (!x509key_check("x509key_to_blob", key)) + return 0; + + len = i2d_X509(key->x509, NULL); + str = xmalloc(len); + if (str == NULL) + { error("x509key_to_blob: out of memory"); return 0; } + + p = str; + i2d_X509(key->x509, &p); + buffer_append(b, str, len); + xfree(str); + return 1; +} + + +char* +x509key_subject(Key *key) { + char *buf = NULL; + if (!x509key_check("x509key_subject", key)) + return buf; + buf = xmalloc(X509KEY_SUBJECT_MAXLEN); /* xmalloc exit if cannot allocate memory */ + X509_NAME_oneline(X509_get_subject_name(key->x509), buf, X509KEY_SUBJECT_MAXLEN); + return buf; +} + + +int +x509key_write( + Key *key, + FILE *f +) { + int ret = 0; + Buffer b; + int n; + + if (!x509key_check("x509key_write_blob", key)) + return ret; + + buffer_init(&b); + ret = x509key_to_blob(key,&b); + if (ret) { + /* write ssh key name */ + char * ktype = key_ssh_name(key); + n = strlen(ktype); + ret = ( fwrite(ktype, 1, n, f) == n ) && + ( fwrite(" " , 1, 1, f) == 1 ); + } + if (ret) { + u_char uu[1<<12]; /* 4096 bytes */ + + n = uuencode(buffer_ptr(&b), buffer_len(&b), uu, sizeof(uu)); + ret = n > 0; + if (ret) { + ret = (fwrite(uu, 1, n, f) == n); + } 
+ } + buffer_free(&b); + return ret; +} + + +int +x509key_write_subject( + Key *key, + FILE *f +) { + BIO *out=NULL; + char buf[X509KEY_SUBJECT_MAXLEN]; + + if (!x509key_check("x509key_write_subject", key)) + return 0; + + out=BIO_new_fp(f, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + + BIO_puts(out, key_ssh_name(key)); + BIO_puts(out, " Subject:"); + X509_NAME_oneline(X509_get_subject_name(key->x509), buf, sizeof(buf)); + BIO_puts(out, buf); + + BIO_free_all(out); + return 1; +} + + +Key* +x509key_load_cert( + Key *key, + FILE *fp +) { + if (!key) return NULL; + + if ( (key->type == KEY_RSA) || + (key->type == KEY_DSA) ) { + key->x509 = PEM_read_X509(fp, NULL, NULL, NULL); + if (key->x509 == NULL) { + int ecode = ERR_get_error(); + debug3("x509key_load_cert: PEM_read_X509 fail %.200s", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + } + else { + key->type = (key->type == KEY_RSA) ? KEY_X509_RSA : KEY_X509_DSA; + debug("read X509 certificate done: type %.40s", + key ? 
key_type(key) : ""); + } + } + return key; +} + + +static int +x509key_save_cert( + FILE *fp, + X509 *x509 +) { + int ret = 0; + BIO *out=NULL; + char buf[X509KEY_SUBJECT_MAXLEN]; + + out=BIO_new_fp(fp, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + + BIO_puts(out, "issuer= "); + X509_NAME_oneline(X509_get_issuer_name(x509), buf, sizeof(buf)); + BIO_puts(out, buf); + BIO_puts(out, "\n"); + + BIO_puts(out, "subject= "); + X509_NAME_oneline(X509_get_subject_name(x509), buf, sizeof(buf)); + BIO_puts(out, buf); + BIO_puts(out, "\n"); + { + unsigned char *alstr; + alstr = X509_alias_get0(x509, NULL); + if (!alstr) alstr = ""; + BIO_puts(out,alstr); + BIO_puts(out, "\n"); + } + ret = PEM_write_bio_X509(out, x509); + if (!ret) { + int ecode = ERR_get_error(); + error("x509key_save_cert: PEM_write_bio_X509 fail %.200s", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + } + + BIO_free_all(out); + return ret; +} + + +int +x509key_save_pem( + FILE *fp, + Key *key, + const EVP_CIPHER *cipher, + u_char *passphrase, + int len +) { + if (!x509key_check("x509key_save_pem", key)) + return 0; + + switch (key->type) { + case KEY_X509_DSA: + if(PEM_write_DSAPrivateKey(fp, key->dsa, cipher, passphrase, len, NULL, NULL)) + return x509key_save_cert(fp, key->x509); + break; + case KEY_X509_RSA: + if(PEM_write_RSAPrivateKey(fp, key->rsa, cipher, passphrase, len, NULL, NULL)) + return x509key_save_cert(fp, key->x509); + break; + } + return 0; +} + + +static int +ssh_ASN1_OBJECT_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) { + int lmin = MIN(a->length, b->length); + + int ret = memcmp(a->data, b->data, lmin); + + return (ret == 0) + ? 
(b->length - a->length) + : ret; +} + + +static int +ssh_ASN1_STRING_casecmp(const ASN1_STRING *a, const ASN1_STRING *b) +{ + int lmin = MIN(M_ASN1_STRING_length(a), M_ASN1_STRING_length(b)); + + int ret = strncasecmp(M_ASN1_STRING_data(a), M_ASN1_STRING_data(b), lmin); + + return (ret != 0) + ? (M_ASN1_STRING_length(b) - M_ASN1_STRING_length(a)) + : ret; +} + + +/* from RFC2459 + (d) attribute values in PrintableString are compared after + removing leading and trailing white space and converting internal + substrings of one or more consecutive white space characters to a + single space. +*/ + +static int +ssh_ASN1_PRINTABLESTRING_casecmp(const ASN1_STRING *a, const ASN1_STRING *b) +{ + int la = M_ASN1_STRING_length(a); + u_char *pa = M_ASN1_STRING_data(a); + int lb = M_ASN1_STRING_length(b); + u_char *pb = M_ASN1_STRING_data(b); + + /* skip leading spaces */ + for (; la > 0 && isspace(*pa); la--, pa++); + for (; lb > 0 && isspace(*pb); lb--, pb++); + + /* skip trailing spaces */ + { + u_char *p; + for (p = pa + la - 1; la > 0 && isspace(*p); la--, p--); + for (p = pb + lb - 1; lb > 0 && isspace(*p); lb--, p--); + } + + while (la > 0 && lb > 0) + { + int chA = tolower(*pa); + int chB = tolower(*pb); + + if (chA != chB) + return (chB - chA); + + pa++; pb++; + la--; lb--; + if (isspace(chA)) { + for (; la > 0 && isspace(*pa); la--, pa++); + for (; lb > 0 && isspace(*pb); lb--, pb++); + } + } + return (lb - la); +} + + +/* +1.) + Since version 0.9.7.beta4 and 0.9.6h OpenSSL function X509_NAME_cmp + is more restrictive but more correct (!). + Problem is that some x509 implementation set X509_NAME entry + incorrectly to "Printable String" :-[ . + O.K. when one entry is "Printable String" we will compare + to corresponding entry as "Printable String". +2.) + OpenSSL functions X509_NAME_cmp check nids order in X509_NAME. + i.e. 
X509_NAME{"/C=XX/O=YY"} is not equal to X509_NAME{"/O=YY/C=XX"} +*/ +static int +ssh_X509_NAME_cmp(X509_NAME *_a, X509_NAME *_b) { + int k, n; + X509_NAME *b; + + + k = sk_X509_NAME_ENTRY_num(_a->entries); + n = sk_X509_NAME_ENTRY_num(_b->entries); + + if (k != n) + return (n - k); + + b = X509_NAME_dup(_b); + n = 0; + for (--k; k >= 0; k--) { + X509_NAME_ENTRY *neA; + ASN1_STRING *nvA; + int nid; + X509_NAME_ENTRY *neB; + ASN1_STRING *nvB; + int loc; + + neA = sk_X509_NAME_ENTRY_value(_a->entries, k); + nvA = neA->value; + nid = OBJ_obj2nid(neA->object); + loc = X509_NAME_get_index_by_NID(b, nid, -1); + if (loc < 0) { + char buf1[X509KEY_SUBJECT_MAXLEN]; + char buf2[X509KEY_SUBJECT_MAXLEN]; + + X509_NAME_oneline(_a, buf1, sizeof(buf1)); + X509_NAME_oneline(_b, buf2, sizeof(buf2)); + debug3("ssh_X509_NAME_cmp: insufficient entries with nid=%d(%.40s) in second name." + " na=%.*s, nb=%.*s", + nid, OBJ_nid2ln(nid), + (int) sizeof(buf1), buf1, + (int) sizeof(buf1), buf2); + n = -1; + break; + } +trynextentry: + neB = sk_X509_NAME_ENTRY_value(b->entries, loc); + nvB = neB->value; +#ifdef SSHX509TEST +{ + int la = M_ASN1_STRING_length(nvA); + u_char *pa = M_ASN1_STRING_data (nvA); + int lb = M_ASN1_STRING_length(nvB); + u_char *pb = M_ASN1_STRING_data (nvB); + + log("nvA='%*s', nvB='%*s'", la, pa, lb, pb); +} +#endif + + if (nid == NID_pkcs9_emailAddress) { + int tag; + + tag = M_ASN1_STRING_type(nvA); + if (tag != V_ASN1_IA5STRING) { + /* to be strict and return nonzero or ... ? XXX + n = -1; + break; + */ + error("ssh_X509_NAME_cmp: incorrect type for emailAddress(a) %d(%.30s)", tag, ASN1_tag2str(tag)); + } + + tag = M_ASN1_STRING_type(nvB); + if (tag != V_ASN1_IA5STRING) { + /* to be strict and return nonzero or ... ? 
XXX + n = 1; + break; + */ + error("ssh_X509_NAME_cmp: incorrect type for emailAddress(b) %d(%.30s)", tag, ASN1_tag2str(tag)); + } + + n = ssh_ASN1_STRING_casecmp(nvA, nvB); + if (n == 0) goto entryisok; + + goto getnextentry; + } + if ((M_ASN1_STRING_type(nvA) == V_ASN1_PRINTABLESTRING) || + (M_ASN1_STRING_type(nvB) == V_ASN1_PRINTABLESTRING) ) { + int tag; + + tag = M_ASN1_STRING_type(nvA); + if (tag != V_ASN1_PRINTABLESTRING) + debug("ssh_X509_NAME_cmp: X509_NAME_ENTRY(a)->type=%d(%.30s) is not PrintableString", tag, ASN1_tag2str(tag)); + + tag = M_ASN1_STRING_type(nvB); + if (tag != V_ASN1_PRINTABLESTRING) + debug("ssh_X509_NAME_cmp: X509_NAME_ENTRY(b)->type=%d(%.30s) is not PrintableString", tag, ASN1_tag2str(tag)); + + n = ssh_ASN1_PRINTABLESTRING_casecmp(nvA, nvB); + if (n == 0) goto entryisok; + + goto getnextentry; + } + + n = M_ASN1_STRING_length(nvA) - M_ASN1_STRING_length(nvB); + if (n != 0) goto getnextentry; + + n = M_ASN1_STRING_length(nvA); + n = memcmp(nvA->data, nvB->data, n); + if (n != 0) goto getnextentry; + + /* openssl check object too */ + n = ssh_ASN1_OBJECT_cmp(neA->object, neB->object); + if (n != 0) goto getnextentry; + +entryisok: + { + X509_NAME_ENTRY *ne = X509_NAME_delete_entry(b, loc); + X509_NAME_ENTRY_free(ne); + } + continue; +getnextentry: + loc = X509_NAME_get_index_by_NID(b, nid, loc); + if (loc < 0) { + break; + } + goto trynextentry; + } + + X509_NAME_free(b); + return n; +} + +/* we can check only by Subject (Distinguished Name): + - sshd receive from client only x509 certificate !!! + - sshadd -d ... send only x509 certificate !!! + - otherwise Key might contain private key +*/ +int +ssh_x509_equal(Key *a, Key *b) { + if (!x509key_check("ssh_x509_equal", a)) + return 1; + if (!x509key_check("ssh_x509_equal", b)) + return -1; + +#if 1 +/* We must use own method to compare two X509_NAMEs + instead of OpenSSL function[s] ! See notes before + body of "ssh_X509_NAME_cmp()" . 
+*/ + { + X509_NAME *nameA = X509_get_subject_name(a->x509); + X509_NAME *nameB = X509_get_subject_name(b->x509); + return ssh_X509_NAME_cmp(nameA, nameB); + } +#else + return X509_subject_name_cmp(a->x509, b->x509); +#endif +} + + +int +ssh_x509_sign( + Key * key, + u_char **psignature, u_int *psignaturelen, + u_char *data, u_int datalen +) { + int ret = -1; + u_char sigret[256]; + u_int siglen; + + if (!x509key_check("ssh_x509_sign", key)) + return ret; + if((key->rsa == NULL) && (key->dsa == NULL)) { + error("ssh_x509_sign: missing private key"); + return ret; + } + + debug3("ssh_x509_sign: key_type=%.20s, key_ssh_name=%.40s", key_type(key), key_ssh_name(key)); + ret = 1; + { + EVP_PKEY* privkey = NULL; + + privkey = EVP_PKEY_new(); + if (!privkey) { + error("ssh_x509_sign: out of memory"); + ret = -1; + } + else { + ret = (key->rsa) + ? EVP_PKEY_set1_RSA(privkey, key->rsa) + : EVP_PKEY_set1_DSA(privkey, key->dsa); + + if (ret <= 0) { + int ecode = ERR_get_error(); + error("ssh_x509_sign: EVP_PKEY_set1_XXX: failed %.200s", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + } + } + + if (ret > 0) { + EVP_MD_CTX ctx; + const EVP_MD *evp_md = (key->rsa) ? EVP_md5() : EVP_dss1(); + debug3("ssh_x509_sign: evp_md { %d, %d, %d, ... 
}", evp_md->type, evp_md->pkey_type, evp_md->md_size); + + EVP_SignInit(&ctx,evp_md); + EVP_SignUpdate(&ctx,data,datalen); + + if (ret > 0) { + ret = EVP_SignFinal(&ctx,sigret,&siglen,privkey); + if (ret <= 0) { + int ecode = ERR_get_error(); + error("ssh_x509_sign: digest failed: %.200s", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + } + } + } + EVP_PKEY_free(privkey); + } + if (ret > 0) { + Buffer b; + + buffer_init(&b); + buffer_put_cstring(&b, key_ssh_name(key)); + buffer_put_string(&b, sigret, siglen); + + { + u_int len = buffer_len(&b); + if (psignaturelen != NULL) + *psignaturelen = len; + + if (psignature != NULL) { + *psignature = xmalloc(len); + memcpy(*psignature, buffer_ptr(&b), len); + } + } + buffer_free(&b); + } + ret = ret > 0 ? 0 : -1; + debug3("ssh_x509_sign: return %d", ret); + return ret; +} + + +int ssh_x509_verify( + Key *key, + u_char *signature, u_int signaturelen, + u_char *data, u_int datalen) +{ + int ret = -1; + u_char *sigblob = NULL; + uint len = 0; + + if (!x509key_check("ssh_x509_verify", key)) + return ret; + + { /* get signature data only */ + Buffer b; + buffer_init(&b); + buffer_append(&b, signature, signaturelen); + + { /* check signature key type */ + char *ktype = buffer_get_string(&b, NULL); + debug3("ssh_x509_verify: signature key type = %.40s", ktype ); + ret = strcmp("x509v3-sign-rsa", ktype) == 0 || + strcmp("x509v3-sign-dss", ktype) == 0; + if (!ret) { + error("ssh_x509_verify: cannot handle signature key type %.40s", ktype); + } + xfree(ktype); + } + + if (ret > 0) { + sigblob = buffer_get_string(&b, &len); + } + + if (ret > 0) { + int rlen = buffer_len(&b); + if (rlen != 0) { + error("ssh_x509_verify: remaining bytes in signature %d", rlen); + ret = -1; + } + } + buffer_free(&b); + } + + if (ret > 0 ) { + EVP_PKEY* pubkey; + + pubkey = X509_get_pubkey(key->x509); + if (!pubkey) { + error("ssh_x509_verify: no 'X509 Public Key'"); + ret = -1; + } + + if 
(ret > 0) { + EVP_MD_CTX ctx; + const EVP_MD *evp_md = (key->rsa) ? EVP_md5() : EVP_dss1(); + debug3("ssh_x509_verify: evp_md { %d, %d, %d, ... }", evp_md->type, evp_md->pkey_type, evp_md->md_size); + + EVP_VerifyInit(&ctx,evp_md); + EVP_VerifyUpdate(&ctx,data,datalen); + ret = EVP_VerifyFinal(&ctx,sigblob,len,pubkey); + if (ret <= 0) { + int ecode = ERR_get_error(); + error("ssh_x509_verify: verify failed: %.200s", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + ret = 0; + } + } + } + if (ret > 0) { + ret = ssh_x509store_check(key->x509); + } + if (sigblob) { + memset(sigblob, 's', len); + xfree(sigblob); + } + ret = ret > 0 ? 1 : (ret < 0 ? -1 : 0); + debug3("ssh_x509_verify return %d", ret); + return ret; +} + + +u_int +ssh_x509_key_size(Key *key) { + EVP_PKEY *pkey=NULL; + int k = 0; + + if (!x509key_check("key_size", key)) + return 0; + + pkey=X509_get_pubkey(key->x509); + if (pkey != NULL) { + if (pkey->type == EVP_PKEY_RSA) + { + /* BN_num_bits return int (!): XXX */ + k = BN_num_bits(pkey->pkey.rsa->n); + } + if (pkey->type == EVP_PKEY_DSA) + { + /*OpenSSH like this*/ + k = BN_num_bits(pkey->pkey.dsa->p); + } + } + EVP_PKEY_free(pkey); + return (u_int) k; +} + + +#ifdef SSHX509TEST + +#ifdef HAVE___PROGNAME +extern char *__progname; +#else +char *__progname; +#endif + + +#define DATA "test_certificate" +#define DATA2 "Test_Certificate" + +int +main (int argc, char *argv[]) { + X509_NAME* name; + + __progname = get_progname(argv[0]); + log_init(__progname, SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1); + + name = X509_NAME_new(); + X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, DATA, -1, -1, 0); + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "CN", V_ASN1_PRINTABLESTRING, DATA, -1, -1, 0); + fprintf(stderr, "A1.1:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, 
"CN", V_ASN1_PRINTABLESTRING, " " DATA " ", -1, -1, 0); + fprintf(stderr, "A1.2:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "CN", V_ASN1_PRINTABLESTRING, " " DATA2 " ", -1, -1, 0); + fprintf(stderr, "A1.3:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "OU", V_ASN1_PRINTABLESTRING, " " DATA2 " ", -1, -1, 0); + fprintf(stderr, "A1.4:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "CN", MBSTRING_ASC, " " DATA2 " ", -1, -1, 0); + fprintf(stderr, "A1.5:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + X509_NAME_free(name); + + + name = X509_NAME_new(); + X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_ASC, DATA, -1, -1, 0); + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "emailAddress", V_ASN1_TELETEXSTRING, DATA2, -1, -1, 0); + fprintf(stderr, "A2.1:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "emailAddress", V_ASN1_IA5STRING, DATA2, -1, -1, 0); + fprintf(stderr, "A2.2:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + X509_NAME_free(name); + + name = X509_NAME_new(); + X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_ASC, DATA "-e", -1, -1, 0); + X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, DATA "-cn", -1, -1, 0); + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "CN", V_ASN1_PRINTABLESTRING, " " DATA2 "-cn ", -1, -1, 0); + X509_NAME_add_entry_by_txt(x, "emailAddress", V_ASN1_IA5STRING, DATA2 "-e", -1, -1, 0); + fprintf(stderr, "A3 :ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + 
X509_NAME_free(x); + } + X509_NAME_free(name); + + name = X509_NAME_new(); + X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_ASC, DATA "1", -1, -1, 0); + X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_ASC, DATA "2", -1, -1, 0); + X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_ASC, DATA "3", -1, -1, 0); + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "1", -1, -1, 0); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "3", -1, -1, 0); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "2", -1, -1, 0); + fprintf(stderr, "A4.1:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "2", -1, -1, 0); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "1", -1, -1, 0); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "2", -1, -1, 0); + fprintf(stderr, "A4.2:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + { + X509_NAME* x = X509_NAME_new(); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "2", -1, -1, 0); + X509_NAME_add_entry_by_txt(x, "O" , MBSTRING_ASC, DATA "2", -1, -1, 0); + X509_NAME_add_entry_by_txt(x, "OU", MBSTRING_ASC, DATA "3", -1, -1, 0); + fprintf(stderr, "A4.3:ssh_X509_NAME_cmp return %d\n", ssh_X509_NAME_cmp(name, x)); + X509_NAME_free(x); + } + X509_NAME_free(name); + + exit(0); + return 0; +} +#endif diff -ruN openssh-3.6.1p1/ssh-x509.h openssh-3.6.1p1+x509g/ssh-x509.h --- openssh-3.6.1p1/ssh-x509.h 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/ssh-x509.h 2003-01-30 09:06:00.000000000 +0200 
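Review bot: In ssh-x509.c, `ssh_ASN1_STRING_casecmp()` has its final test inverted: with `(ret != 0) ? (M_ASN1_STRING_length(b) - M_ASN1_STRING_length(a)) : ret`, two values that differ but have the same length compare as 0, and so does a value that is a prefix of the other. `ssh_X509_NAME_cmp()` uses that result for `emailAddress` entries and `ssh_x509_equal()` relies on it to match subjects, so distinct e-mail addresses can be accepted as the same identity. The return should mirror `ssh_ASN1_OBJECT_cmp()`: `return (ret == 0) ? (M_ASN1_STRING_length(b) - M_ASN1_STRING_length(a)) : ret;`. Separately, `ssh_x509_sign()` hands the fixed `u_char sigret[256]` to `EVP_SignFinal()`, which takes no buffer size, so an RSA key longer than 2048 bits writes past the array; allocating `EVP_PKEY_size(privkey)` bytes with `xmalloc` and releasing them after `buffer_put_string` avoids that. The SSHX509TEST cases A2.1 and A2.2 compare strings that differ only in case, so they do not exercise the comparison defect.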
@@ -0,0 +1,59 @@
+#ifndef SSH_X509_H
+#define SSH_X509_H
+/*
+ * Copyright (c) 2002 Roumen Petrov. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+
+#include "key.h"
+#include "buffer.h"
+
+ /*
+ * This method return a key(x509) only with "Subject"("Distinguished Name") !
+ */
+Key* x509key_from_subject(int _keytype, char* _cp);
+
+
+Key* x509key_from_blob(u_char *blob, int blen);
+int x509key_to_blob(Key *key, Buffer *b);
+
+#define X509KEY_SUBJECT_MAXLEN 512
+char* x509key_subject(Key *key);
+
+ /* write x509 certificate as blob */
+int x509key_write(Key *key, FILE *f);
+ /* write x509 certificate subject */
+int x509key_write_subject(Key *key, FILE *f);
+
+Key* x509key_load_cert(Key *key, FILE *fp);
+
+int x509key_save_pem(FILE *fp, Key *key, const EVP_CIPHER *cipher, u_char *passphrase, int len);
+
+
+int ssh_x509_equal(Key *a, Key *b);
+int ssh_x509_sign(Key *, u_char **, u_int *, u_char *, u_int);
+int ssh_x509_verify(Key *key, u_char *signature, u_int signaturelen, u_char *data, u_int datalen);
+u_int ssh_x509_key_size(Key *key);
+
+
+#endif /* SSH_X509_H */
diff -ruN openssh-3.6.1p1/tests/CA/1-cre_cadb.sh openssh-3.6.1p1+x509g/tests/CA/1-cre_cadb.sh
--- openssh-3.6.1p1/tests/CA/1-cre_cadb.sh 1970-01-01 02:00:00.000000000 +0200
+++ openssh-3.6.1p1+x509g/tests/CA/1-cre_cadb.sh 2003-02-01 09:06:00.000000000 +0200
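Review bot: The only contract given for `x509key_from_subject` is the comment that it returns a key "only with Subject", and the header does not say what such a key may safely be used for. From the comment alone it appears to carry a distinguished name without a certificate or public key, so whether it may reach `ssh_x509_verify` or how `ssh_x509_equal` treats it should be stated; I would extend the comment along the lines of `/* Returns a Key holding only the subject DN; for matching against a presented certificate, never for signature verification. */` once that is confirmed against ssh-x509.c. The declarations below it also need a line each on failure values (NULL, 0 or a negative value) and on ownership, in particular whether the string returned by `x509key_subject` is caller-freed and how `X509KEY_SUBJECT_MAXLEN` bounds it.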
@@ -0,0 +1,227 @@ +#!/bin/sh +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: Create a new certificate authority config and database. +# + +CWD=`pwd` +SCRIPTDIR=`echo $0 | sed 's/1-cre_cadb.sh$//'` +. "${SCRIPTDIR}functions" +. 
"${SCRIPTDIR}config" + + +# === +echo_CA_common_options () { + local type="$1" + +cat < "$1" +[ ca ] +default_ca = CA_OpenSSH_rsa_md5 + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ req ] +default_bits = 1024 +distinguished_name = req_distinguished_name +attributes = req_attributes +#prompt = no + +# The extensions to add to a certificate request: +#???req_extensions = usr_cert + + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = $SSH_DN_C +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = $SSH_DN_ST + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = $SSH_DN_O + +0.organizationalUnitName = Organizational Unit1 Name (eg, section1) +0.organizationalUnitName_default = ${SSH_DN_OU}-1 + +1.organizationalUnitName = Organizational Unit2 Name (eg, section2) +1.organizationalUnitName_default = ${SSH_DN_OU}-2 + +2.organizationalUnitName = Organizational Unit3 Name (eg, section3) +2.organizationalUnitName_default = ${SSH_DN_OU}-3 + +commonName = Common Name (eg, YOUR name) +commonName_min = 2 +commonName_max = 64 + +emailAddress = Email Address (optional) +emailAddress_max = 40 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +[ usr_cert ] +# These extensions are added when 'ca' signs a request. +basicConstraints=CA:FALSE +nsCertType = client, email + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. 
+nsComment = "OpenSSL Generated Client Test Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer:always + +[ srv_cert ] +# These extensions are added when 'ca' signs a request. +basicConstraints = CA:FALSE + +# To test OpenSSH hostbased authentication we need +# following certificate purposes: +nsCertType = server,client +# Normal for server certificate is: +#nsCertType = server +# but in last case me must disable check of certificate purposes +# in sshd_config otherwise hostbased fail. + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Server Test Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer:always + +EOF + + +for DIGEST in ${RSA_DIGEST_LIST}; do +( cat << EOF + + +[ CA_OpenSSH_rsa_${DIGEST} ] +EOF + echo_CA_common_options "rsa_${DIGEST}" + cat << EOF +# which md to use: +default_md = ${DIGEST} + +# The private key (!) +private_key = "${SSH_CAKEYDIR}/${RSA_BASENAME}.key" + +#The CA certificate (!) +certificate = "${SSH_CACERTDIR}/${RSA_BASENAME}_${DIGEST}.crt.pem" +EOF +) >> "$1" +done + +( cat << EOF + + +[ CA_OpenSSH_dsa ] +EOF + echo_CA_common_options "dsa" + cat << EOF +# which md to use: +default_md = sha1 + +# The private key (!) +private_key = "${SSH_CAKEYDIR}/${DSA_BASENAME}.key" + +#The CA certificate (!) +certificate = "${SSH_CACERTDIR}/${DSA_BASENAME}.crt.pem" +EOF +) >> "$1" +} + + +# === +cre_db () { + local var="${SSH_CAROOT}" + if test ! -d "$var"; then + mkdir -p "$var" || return $? + else + count=`getNextDirName "${var}"` || return $? + if test -d "${var}"; then + printf '%s' "saving old directoty as ${attn}${var}.${warn}${count}${norm} ... " + mv "${var}" "${var}.${count}"; show_status $? 
|| return $? + fi + fi + mkdir -p "$var" && + mkdir "$var/crt" && + mkdir "$var/crl" && + for DIGEST in ${RSA_DIGEST_LIST}; do + cp /dev/null "$var/index-rsa_${DIGEST}.txt" + done && + cp /dev/null "$var/index-dsa.txt" && + mkdir "$var/newcerts" && + echo '01' > "$var/serial" +} + + +# === +cre_config "${TMPDIR}/${CACONFIG}" && +cre_db && +update_file "${TMPDIR}/${CACONFIG}" "${SSH_CACFGFILE}"; status=$? + + +show_status $status "${extd}Creating a new ${warn}TEST${norm} ${attn}Certificate Authority Database${norm} ..." +exit $status + diff -ruN openssh-3.6.1p1/tests/CA/2-cre_cakeys.sh openssh-3.6.1p1+x509g/tests/CA/2-cre_cakeys.sh --- openssh-3.6.1p1/tests/CA/2-cre_cakeys.sh 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/2-cre_cakeys.sh 2003-01-30 09:06:00.000000000 +0200 
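Review bot: `cre_config "${TMPDIR}/${CACONFIG}"` at the bottom of this script writes the generated CA configuration to a fixed file name inside `TMPDIR`, which tests/CA/config sets to `/tmp`, `/var/tmp` or `/usr/tmp` when the variable is unset; the `> "$1"` redirection follows whatever already exists at that path, so on a shared host the content and destination of the file are not under the script's control. 2-cre_cakeys.sh has the same pattern for the CA private keys (`${TMPDIR}/${RSA_BASENAME}.key`, `${TMPDIR}/${DSA_BASENAME}.key`) and 3-cre_certs.sh for the CSR and certificate files. A private work directory, created once after `umask 077` with `mktemp -d "${TMPDIR}/catest.XXXXXX"` and used in place of `${TMPDIR}`, would close this; where `mktemp` is missing, `mkdir -m 700` on a fresh name that fails if the name exists is the portable form.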
@@ -0,0 +1,236 @@ +#!/bin/sh +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: Create "Test Certificate Authority" private keys and certificates. +# + +CWD=`pwd` +SCRIPTDIR=`echo $0 | sed 's/2-cre_cakeys.sh$//'` +. "${SCRIPTDIR}functions" +. "${SCRIPTDIR}config" + + +# === +SSH_DN_OU="OpenSSH Test CA Root" +SSH_DN_CN_BASE="OpenSSH Test CA key" + + +echo_SSH_CA_DN () { +cat </dev/null + +$OPENSSL genrsa ${RSA_OPT} \ + -passout pass:${KEY_PASS} \ + -out "${TMPDIR}/${RSA_BASENAME}.key" 1024 \ + 2>/dev/null \ +; show_status $? "${extd}generating a new ${attn}rsa ${norm} private key for the ${warn}TEST${norm}${extd} ${attn}CA${norm} ..." \ +|| exit $? 
+ + +for DIGEST in ${RSA_DIGEST_LIST}; do + +rm -f "${TMPDIR}/${RSA_BASENAME}_${DIGEST}.crt" 2>/dev/null + +echo_SSH_CA_DN "rsa_${DIGEST}" | +$OPENSSL req -new -x509 \ + -days $SSH_CACERTDAYS \ + -passin pass:${KEY_PASS} \ + -key "${TMPDIR}/${RSA_BASENAME}.key" \ + -${DIGEST} \ + -out "${TMPDIR}/${RSA_BASENAME}_${DIGEST}.crt" \ + 2> /dev/null \ +; show_status $? "${extd}generating the new ${warn}TEST${norm}${extd} ${attn}CA${norm}/(${DIGEST} with rsa) ..." \ +|| exit $? + +done +} + + +# === +gen_dsa () { +DSA_OPT="" +if [ -f /etc/random-seed ]; then + DSA_OPT="${DSA_OPT} -rand /etc/random-seed" +fi + +rm -f "${TMPDIR}/${DSA_BASENAME}.prm" 2>/dev/null +$OPENSSL dsaparam ${DSA_OPT} \ + -out "${TMPDIR}/${DSA_BASENAME}.prm" 1024\ + 2> /dev/null;\ +show_status $? "${extd}generating a new ${attn}DSA parameter file${norm} ..." \ +|| exit $? + +rm -f "${TMPDIR}/${DSA_BASENAME}.key" 2>/dev/null +DSA_OPT="${DSA_OPT} -des3" +$OPENSSL gendsa ${DSA_OPT} \ + -passout pass:${KEY_PASS} \ + -out "${TMPDIR}/${DSA_BASENAME}.key" \ + "${TMPDIR}/${DSA_BASENAME}.prm" \ + 2>/dev/null \ +; show_status $? "${extd}generating a new ${attn}dsa${norm} private key for the ${warn}TEST${norm}${extd} ${attn}CA${norm} ..." \ +|| exit $? + + +#request & ceritificate +rm -f "${TMPDIR}/${DSA_BASENAME}.crt" 2>/dev/null + +echo_SSH_CA_DN "dsa" | +$OPENSSL req -new -x509 \ + -days $SSH_CACERTDAYS \ + -passin pass:${KEY_PASS} \ + -key "${TMPDIR}/${DSA_BASENAME}.key" \ + -out "${TMPDIR}/${DSA_BASENAME}.crt" \ + 2> /dev/null \ +; show_status $? "${extd}generating the new ${warn}TEST${norm}${extd} ${attn}CA${norm}/(sha1 with dsa) ..." \ +|| exit $? 
+ +} + + +# === +crt2bundle () { + val="$1" + test -z "${val}" && { echo ${warn}missing DN${norm} 1>&2; return 1; } + echo + echo ${val} + echo ${val} | sed -e 's/./=/g' + $OPENSSL x509 -inform PEM -in "${2}" -fingerprint -noout + echo PEM data: + $OPENSSL x509 -inform PEM -in "${2}" -trustout + echo Certificate Ingredients: + $OPENSSL x509 -inform PEM -in "${2}" -text -noout +} + + +# === +install () { + + for D in \ + "${SSH_CAROOT}" \ + "${SSH_CAKEYDIR}" \ + "${SSH_CACERTDIR}" \ + ;do + test ! -d "$D" && mkdir -p "${D}" + done + + update_file "${TMPDIR}/${DSA_BASENAME}.prm" "${SSH_CAROOT}/${DSA_BASENAME}.prm" \ +&& + chmod 700 "${SSH_CAKEYDIR}" \ +&& + update_file "${TMPDIR}/${RSA_BASENAME}.key" "${SSH_CAKEYDIR}/${RSA_BASENAME}.key" && + chmod 400 "${SSH_CAKEYDIR}/${RSA_BASENAME}.key" \ +&& + update_file "${TMPDIR}/${DSA_BASENAME}.key" "${SSH_CAKEYDIR}/${DSA_BASENAME}.key" && + chmod 400 "${SSH_CAKEYDIR}/${DSA_BASENAME}.key" \ +|| return 1 + + +for DIGEST in ${RSA_DIGEST_LIST}; do + update_file "${TMPDIR}/${RSA_BASENAME}_${DIGEST}.crt" "${SSH_CACERTDIR}/${RSA_BASENAME}_${DIGEST}.crt.pem" || return 1 +done + update_file "${TMPDIR}/${DSA_BASENAME}.crt" "${SSH_CACERTDIR}/${DSA_BASENAME}.crt.pem" || return 1 + + +printf '%s' "" > "${TMPDIR}/${CACERTFILE}" +for DIGEST in ${RSA_DIGEST_LIST}; do + crt2bundle "$SSH_DN_OU" "${SSH_CACERTDIR}/${RSA_BASENAME}_${DIGEST}.crt.pem" \ + >> "${TMPDIR}/${CACERTFILE}" \ + || return 1 +done + + crt2bundle "$SSH_DN_OU" "${SSH_CACERTDIR}/${DSA_BASENAME}.crt.pem" \ + >> "${TMPDIR}/${CACERTFILE}" \ + || return 1 + +update_file "${TMPDIR}/${CACERTFILE}" "${SSH_CAROOT}/${CACERTFILE}" +} + + +# === +cre_hash_link () { + local HASH + local NAME + +#option -noout problem: +#exit code from .../openssl ... -noout ... is sometime nonzero !!! +#might only by .../openssl x509 ... -noout ... 
exit code is zero +#sample: +#a) exit code is one - INCORRECT +# .../openssl crl -in a_crl_file -hash -noout +#b) exit code is zero - correct +# .../openssl crl -in a_crl_file -hash -out /dev/null +# +#work around might is to use -out /dev/null :-/ + HASH=`$OPENSSL x509 -in "$1" -noout -hash` + NAME=`getNextFreeName ${HASH}.` || return $? + echo "creating link ${attn}${NAME}${norm} to ${attn}$1${norm}" + ln -sf "$1" ${NAME} +} + + +cre_hashs () { +#(!) openssl script "c_rehash" is missing in some installations :-( +# c_rehash "${SSH_CACERTDIR}" +( cd "${SSH_CACERTDIR}" + for F in [0-9a-f]*.[0-9]; do + # we must use test -L, but on ?-OSes ... :-( + if test -h $F; then + rm "$F" + fi + done + + for DIGEST in ${RSA_DIGEST_LIST}; do + cre_hash_link "${RSA_BASENAME}_${DIGEST}.crt.pem" + done + cre_hash_link "${DSA_BASENAME}.crt.pem" +) + return 0; +} + + +# === + +gen_rsa && +gen_dsa && +install && +cre_hashs; status=$? + +show_status $status "${extd}Creating a new ${warn}TEST${norm} ${attn}Certificate Authority${norm} ..." +echo "${warn}password for all private keys is ${attn}${KEY_PASS}${norm}" +exit $status diff -ruN openssh-3.6.1p1/tests/CA/3-cre_certs.sh openssh-3.6.1p1+x509g/tests/CA/3-cre_certs.sh --- openssh-3.6.1p1/tests/CA/3-cre_certs.sh 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/3-cre_certs.sh 2003-02-01 09:06:00.000000000 +0200 
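Review bot: `cre_hash_link` uses the output of `$OPENSSL x509 -in "$1" -noout -hash` without checking it, so when openssl fails `HASH` is empty, `getNextFreeName` is called with just `.`, and a link named `.0` is created in the certificate directory instead of the hash-named link the function is meant to produce. `cre_hashs` then ends with an unconditional `return 0`, so the script still reports success. The comment above the call says the `x509` form does exit with zero on success, so the status can be trusted here: append `|| return $?` to the `HASH=` assignment, add `test -n "${HASH}" || return 1`, and let `cre_hashs` return the first failure of `cre_hash_link`. `ln -sf "$1" ${NAME}` and `test -h $F` should also quote their variable.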
@@ -0,0 +1,275 @@ +#!/bin/sh +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: Create certificate(s). +# + +CWD=`pwd` +SCRIPTDIR=`echo $0 | sed 's/3-cre_certs.sh$//'` +. "${SCRIPTDIR}functions" +. "${SCRIPTDIR}config" + +usage () { + cat < + -f[ile] [ssh]key_file_name + -t[ype] certificate type: client or server + -n[ame] "base" common name +EOF + exit 1 +} + +test "x$TEST_SSH_SSHKEYGEN" == "x" && { echo "Please define TEST_SSH_SSHKEYGEN"; exit 1; } +test -z "$1" && usage + +while ! test -z "$1"; do + case $1 in + -f|\ + -file) + shift + if test -z "$1"; then + usage + fi + if ! test -z "${SSH_BASE_KEY}"; then + usage + fi + SSH_BASE_KEY="$1" + shift + ;; + + -t|\ + -type) + shift + if test -z "$1"; then + usage + fi + if ! 
test -z "$SSH_CERT_TYPE"; then + usage + fi + SSH_CERT_TYPE="$1" + shift + case $SSH_CERT_TYPE in + client) + SSH_X509V3_EXTENSIONS="usr_cert" + ;; + server) + SSH_X509V3_EXTENSIONS="srv_cert" + ;; + *) + echo "${warn}wrong type${norm}" + usage + ;; + esac + ;; + + -n|\ + -name) + shift + if test -z "$1"; then + usage + fi + if ! test -z "${SSH_BASE_DN_CN}"; then + usage + fi + SSH_BASE_DN_CN="$1" + shift + ;; + + *) + usage + ;; + esac +done + +test -z "${SSH_BASE_KEY}" && usage +test ! -r "${SSH_BASE_KEY}" && { error_file_not_readable; exit 1; } +test -z "${SSH_BASE_DN_CN}" && usage +test -z "${SSH_CERT_TYPE}" && usage + + +OPENSSH_LOG="$CWD/openssh_ca.log" +cat /dev/null > .delmy +update_file .delmy "$OPENSSH_LOG" > /dev/null || exit $? + + +# === +cre_csr () { + local type="$1" + local subtype="$2" + + echo "=== create a new CSR ===" >> "$OPENSSH_LOG" + ( cat <> "$OPENSSH_LOG" \ + ; show_status $? "creating new ${extd}CSR${norm} for ${attn}${SSH_BASE_DN_CN}(${type}${subtype})${norm} ..." || return $? + + sync + return 0 +} + + +# === +cre_crt () { + local type="$1" + local subtype="$2" + + echo "=== create a new CRT ===" >> "$OPENSSH_LOG" + $OPENSSL ca -config "${SSH_CACFGFILE}" \ + -batch \ + -in "${TMPDIR}/${SSH_X509V3_EXTENSIONS}-${type}${subtype}.csr" \ + -name "CA_OpenSSH_${type}" \ + -passin pass:$KEY_PASS \ + -out "${TMPDIR}/${SSH_X509V3_EXTENSIONS}-${type}${subtype}.crt" \ + -extensions ${SSH_X509V3_EXTENSIONS} \ + 2>> "$OPENSSH_LOG" \ + ; show_status $? "creating new ${extd}CRT${norm} for ${attn}${SSH_BASE_DN_CN}(${type}${subtype})${norm} ..." || + { status=$? 
+ printf '%s' "${warn}" + grep 'ERROR:' "$OPENSSH_LOG" + printf '%s' "${norm}" + return $status + } + + sync + $OPENSSL verify \ + -CAfile "${SSH_CACERTDIR}/${CAKEY_PREFIX}-${type}.crt.pem" \ + "${TMPDIR}/${SSH_X509V3_EXTENSIONS}-${type}${subtype}.crt" && + rm -f "${TMPDIR}/${SSH_X509V3_EXTENSIONS}-${type}${subtype}.csr" && + update_file \ + "${TMPDIR}/${SSH_X509V3_EXTENSIONS}-${type}${subtype}.crt" \ + "${SSH_BASE_KEY}-${type}${subtype}.crt" +} + + +# === + +cre_OpenSSH_Crt () { + local type="$1" + local subtype="$2" + + printf '%s' "creating ${extd}OpenSSH certificate${norm} with signature ${attn}${type}${norm}${subtype} ..." + ( cat "${SSH_BASE_KEY}" + $OPENSSL x509 -in "${SSH_BASE_KEY}-${type}${subtype}.crt" -subject -issuer -alias + ) > "${SSH_BASE_KEY}-${type}${subtype}" && + chmod 600 "${SSH_BASE_KEY}-${type}${subtype}" \ + ; show_status $? || return $status +} + +cre_OpenSSH_PubKey () { + local type="$1" + local subtype="$2" + + printf '%s' "creating ${extd}OpenSSH public key for certificate${norm} with signature ${attn}${type}${norm}${subtype} ..." + "$TEST_SSH_SSHKEYGEN" -y -f "${SSH_BASE_KEY}-${type}${subtype}" \ + > "${SSH_BASE_KEY}-${type}${subtype}.pub" \ + ; show_status $? || return $status +} + +cre_P12_Crt () { + local type="$1" + local subtype="$2" + + printf '%s' "creating ${extd}p12 certificate${norm} with signature ${attn}${type}${norm}${subtype} ..." + $OPENSSL pkcs12 \ + -passin pass:"" \ + -passout pass:"" \ + -in "${SSH_BASE_KEY}-${type}${subtype}" \ + -out "${SSH_BASE_KEY}-${type}${subtype}".p12 \ + -export \ + ; show_status $? || return $status +} + + +revoke_crt () { + local type="$1" + local subtype="$2" + + echo "=== revoke a CRT ===" >> "$OPENSSH_LOG" + printf '%s' "revoke ${extd}certificate${norm} with signature ${attn}${type}${norm}${subtype} ..." 
+ $OPENSSL ca -config "${SSH_CACFGFILE}" \ + -name "CA_OpenSSH_${type}" \ + -passin pass:$KEY_PASS \ + -revoke "${SSH_BASE_KEY}-${type}${subtype}" \ + 2>> "$OPENSSH_LOG" \ + ; show_status $? || return $status +} + + +# === +cre_all2 () { + local type="$1" + cre_csr "${type}" && + cre_crt "${type}" && + cre_OpenSSH_Crt "${type}" && + cre_OpenSSH_PubKey "${type}" && + cre_P12_Crt "${type}" +} + + +# === +cre_all3 () { + local type="$1" + + cre_csr "${type}" "-revoked" && + cre_crt "${type}" "-revoked" && + cre_OpenSSH_Crt "${type}" "-revoked" && + cre_OpenSSH_PubKey "${type}" "-revoked" && + cre_P12_Crt "${type}" "-revoked" && + revoke_crt "${type}" "-revoked" +} + + +# === +cre_all () { + for DIGEST in ${RSA_DIGEST_LIST}; do + cre_all2 "rsa_${DIGEST}" || return $? + done + cre_all2 dsa || return $? + +if test "$SSH_X509V3_EXTENSIONS" == "usr_cert"; then + for DIGEST in ${RSA_DIGEST_LIST}; do + cre_all3 "rsa_${DIGEST}" || return $? + done + cre_all3 dsa || return $? +fi + + return 0 +} + +# === +cre_all + +show_status $? "${extd}Creating ${warn}TEST certificates${norm} ${extd}wich common name:${norm}${attn}${SSH_BASE_DN_CN}${norm} ..." diff -ruN openssh-3.6.1p1/tests/CA/4-cre_crls.sh openssh-3.6.1p1+x509g/tests/CA/4-cre_crls.sh --- openssh-3.6.1p1/tests/CA/4-cre_crls.sh 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/4-cre_crls.sh 2003-01-30 09:06:00.000000000 +0200 
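Review bot: `cre_OpenSSH_Crt` copies the private key from `${SSH_BASE_KEY}` together with the certificate into `${SSH_BASE_KEY}-${type}${subtype}` through a plain `>` redirection and only afterwards runs `chmod 600`, so the file exists with the umask's default mode until the chmod runs, and keeps that mode if the `$OPENSSL x509` step fails, because `chmod` sits behind `&&`. Setting `umask 077` once near the top of the script, before `OPENSSH_LOG` is prepared, makes every file the script creates private from the start, including the `.p12` that `cre_P12_Crt` exports with an empty password. Separately, `cre_OpenSSH_Crt`, `cre_OpenSSH_PubKey`, `cre_P12_Crt` and `revoke_crt` end in `|| return $status`, but `status` is assigned only in the failure branch of `cre_crt`; `|| return $?` states what is meant.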
@@ -0,0 +1,115 @@
+#!/bin/sh
+# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# DESCRIPTION: Create "Test Certificate Authority" CRLs.
+#
+
+CWD=`pwd`
+SCRIPTDIR=`echo $0 | sed 's/4-cre_crls.sh$//'`
+. "${SCRIPTDIR}functions"
+. "${SCRIPTDIR}config"
+
+
+OPENSSH_LOG="$CWD/openssh_ca.log"
+cat /dev/null > .delmy
+update_file .delmy "$OPENSSH_LOG" > /dev/null || exit $?
+
+
+# ===
+cre_crlfile() {
+ local type="$1"
+ local status=0
+
+( cd "${SSH_CACRLDIR}" || exit $?
+
+ FILE="${CAKEY_PREFIX}-${type}.crl.pem"
+
+ printf '%s' "creating ${extd}CA CRL file${norm} for ${attn}${type}${norm} certificates..."
+ ${OPENSSL} ca -config "${SSH_CACFGFILE}" \
+ -name "CA_OpenSSH_${type}" \
+ -passin pass:$KEY_PASS \
+ -gencrl \
+ -out "${FILE}" \
+ 2>> "$OPENSSH_LOG" \
+ ; show_status $? || exit $?
+
+ HASH=`${OPENSSL} crl -out /dev/null -in "${FILE}" -hash 2>> "$OPENSSH_LOG"` || exit $?
+
+ NAME=`getNextFreeName "${HASH}.r"` || exit $?
+
+ ln -s "${FILE}" "${NAME}"
+)
+}
+
+
+# ===
+cre_crlindir () {
+ echo "=== create a new CRL ===" >> "$OPENSSH_LOG"
+ rm -f "${SSH_CACRLDIR}"/* 2>/dev/null
+
+ for DIGEST in ${RSA_DIGEST_LIST}; do
+ cre_crlfile "rsa_${DIGEST}" || return $?
+ done
+ cre_crlfile "dsa" || return $?
+
+ return 0
+}
+
+
+# ===
+cre_CAcrlfile () {
+ local crlfile="${SSH_CAROOT}/${CACRLFILE}"
+
+ cp /dev/null "${crlfile}" &&
+ for DIGEST in ${RSA_DIGEST_LIST}; do
+ ( ${OPENSSL} crl \
+ -in "${SSH_CACRLDIR}/${CAKEY_PREFIX}-rsa_${DIGEST}.crl.pem" \
+ -text \
+ 2>> "$OPENSSH_LOG"
+ echo; echo
+ ) >> "${crlfile}" || return $?
+ done
+ ( ${OPENSSL} crl \
+ -in "${SSH_CACRLDIR}/${CAKEY_PREFIX}-dsa.crl.pem" \
+ -text \
+ 2>> "$OPENSSH_LOG"
+ echo; echo
+ ) >> "${crlfile}" || return $?
+
+ return 0
+}
+
+
+# ===
+cre_all () {
+ cre_crlindir || return $?
+
+ printf '%s' "creating ${extd}CA CRL file${norm}..."
+ cre_CAcrlfile; show_status $?
+
+}
+
+
+# ===
+cre_all; status=$?
+
+show_status $status "${extd}Creating ${warn}TEST${norm} ${attn}Certificate Authority${norm} CRL files ..."
+exit $status
diff -ruN openssh-3.6.1p1/tests/CA/config openssh-3.6.1p1+x509g/tests/CA/config
--- openssh-3.6.1p1/tests/CA/config 1970-01-01 02:00:00.000000000 +0200
+++ openssh-3.6.1p1+x509g/tests/CA/config 2003-01-30 09:06:00.000000000 +0200
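Review bot: `rm -f "${SSH_CACRLDIR}"/*` in `cre_crlindir` expands to `rm -f /*` if `SSH_CACRLDIR` is empty or unset, for instance when the sourced config did not define it, and nothing in the script checks the variable before the removal. A guard in front of it, `test -n "${SSH_CACRLDIR}" && test -d "${SSH_CACRLDIR}" || return 1`, avoids that without relying on the colon forms of parameter expansion, which tests/CA/config notes some old shells reject. In `cre_CAcrlfile` the status of each `( ${OPENSSL} crl ... ; echo; echo )` group is that of the last `echo`, so `|| return $?` never fires on an openssl error; the status of the `crl` command should be tested before the two `echo` calls.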
@@ -0,0 +1,145 @@ +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: OpenSSH CA configuration. +# + + +# === main variables: +# on some system (with pam?, AIX?, when port is below 1024, etc.) we +# might use sudo command to start sshd when current user isn`t root or +# to run tests as root. +# Prefered user for tests is NOT root :-) ! +SUDO= +#SUDO=sudo + + +#Old BSD shells, including the Ultrix `sh', don't accept the colon +#for any shell substitution, and complain and die. +##TMPDIR="${TMPDIR:-/tmp}" + +if test -n "$TMPDIR"; then + if test ! -d "$TMPDIR"; then + echo "error: $TMPDIR is not directory" + exit 1 + fi + if test ! 
-w "$TMPDIR"; then + echo "error: $TMPDIR is not writable" + exit 1 + fi +else + for D in /tmp /var/tmp /usr/tmp; do + test -d $D || continue + test -w $D || continue + TMPDIR=$D + break + done + if test -z "$TMPDIR"; then + echo "error: cannot set TMPDIR" + exit 1 + fi +fi + + +if test -z "${SSH_X509TESTS}"; then +SSH_X509TESTS="\ + blob_auth + dn_auth_file + dn_auth_path + agent + crl +" +fi + + +# === openssl: + +if test -z "${OPENSSL}"; then + OPENSSL=`which openssl 2>/dev/null` + if test -z "${OPENSSL}"; then + echo "error:cannot find openssl is your path !" 1>&2 + exit 1 + fi +fi + +printf 'OpenSSL executable version: ' +"${OPENSSL}" version || exit $? + +# These are the known patent issues with OpenSSL: +# name # expires +# mdc2: 4,908,861 13/03/2007 + +if test -z "${RSA_DIGEST_LIST}"; then + for DIGEST in md5 sha1 md2 md4 rmd160; do + if "${OPENSSL}" dgst -${DIGEST} "${OPENSSL}" >/dev/null 2>&1; then + RSA_DIGEST_LIST="${RSA_DIGEST_LIST} ${DIGEST}" + fi + done +fi +if test -z "${RSA_DIGEST_LIST}"; then + echo "RSA_DIGEST_LIST is empty" 1>&2 + exit 1 +fi +echo "RSA digest list: ${RSA_DIGEST_LIST}" + + +# === server section: + +if test -z "${SSHD_PORT}"; then + SSHD_PORT=20022 +fi + +SSHD_LISTENADDRESS=127.0.0.1 +#SSHD_LISTENADDRESS=::1 + +#"yes" or "no" +SSHSERVER_USEPRIVILEGESEPARATION="yes" + +SSHSERVER_SYSLOGFACILITY=AUTH +SSHSERVER_LOGLEVEL=INFO +#SSHSERVER_SYSLOGFACILITY=LOCAL3 +#SSHSERVER_LOGLEVEL=DEBUG3 + + +# === certificates: + +KEY_PASS="change_it" +CAKEY_PREFIX="catest" +RSA_BASENAME="${CAKEY_PREFIX}-rsa" +DSA_BASENAME="${CAKEY_PREFIX}-dsa" + +SSH_CAROOT="`pwd`/ca-test" +SSH_CAKEYDIR="${SSH_CAROOT}/keys" + +CACERTFILE="catest-bundle.crt" +CACRLFILE="catest-bundle.crl" + +SSH_CACERTDIR="${SSH_CAROOT}/crt" +SSH_CACRLDIR="${SSH_CAROOT}/crl" + +CACONFIG="catest.config" +SSH_CACFGFILE="${SSH_CAROOT}/${CACONFIG}" + +SSH_CACERTDAYS=60 + +SSH_DN_C="XX" +SSH_DN_ST="World" +SSH_DN_O="OpenSSH Test Team" +SSH_DN_OU="OpenSSH Testers" diff -ruN 
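Review bot: The probe loop `for DIGEST in md5 sha1 md2 md4 rmd160` silently drops any digest the local openssl rejects, yet tests/CA/Makefile.in in this patch names its targets after one fixed entry (`testid_rsa-rsa_md5`, `testhostkey_rsa-rsa_md5` and the DSA counterparts), so with an openssl that lacks md5 those files would never be produced and, as far as the diff shows, the make targets would be re-run on every invocation. A comment above the loop such as `# md5 must stay in this list: Makefile.in target names end in -rsa_md5`, or an explicit check that fails when md5 is missing, would record the coupling. It would also help to say in the same comment that md2, md4 and md5 are presumably listed to exercise verification of certificates signed with each digest, not as recommended choices.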
openssh-3.6.1p1/tests/CA/functions openssh-3.6.1p1+x509g/tests/CA/functions --- openssh-3.6.1p1/tests/CA/functions 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/functions 2003-01-30 09:06:00.000000000 +0200 
@@ -0,0 +1,262 @@ +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: Usefull functions. 
+# + + +# === +# +# define colors and more for echo commands +# +# \033 ascii ESCape +# \033[G move to column (linux console, xterm, not vt100) +# \033[C move columns forward but only upto last column +# \033[D move columns backward but only upto first column +# \033[A move rows up +# \033[B move rows down +# \033[1m switch bold on +# \033[31m switch red on +# \033[32m switch green on +# \033[33m switch yellow on +# \033[m switch color/bold off +# \017 exit alternate mode (xterm, vt100, linux console) +# \033[10m exit alternate mode (linux console) +# \015 carriage return (without newline) +# + +if test -z "${LINES}" -o -z "${COLUMNS}" ; then + eval `stty size 2>/dev/null | (read L C; \ + if test x${L} == x; then L=24; fi; \ + if test x${C} == x; then C=80; fi; \ + echo LINES=${L} COLUMNS=${C} )` +fi +test ${LINES} -eq 0 && LINES=24 +test ${COLUMNS} -eq 0 && COLUMNS=80 +export LINES COLUMNS + +if test "${TERM}" != "dumb" ; then + esc=`printf '\033' ""` + extd="${esc}[1m" + warn="${esc}[1;31m" + done="${esc}[1;32m" + attn="${esc}[1;34m" + norm=`printf '%s\017' "${esc}[m"` + stat=`printf '\015%s' "${esc}[${COLUMNS}C${esc}[10D"` + + msg_done="${stat}${done}done${norm}" + msg_failed="${stat}${warn}failed${norm}" + +else + esc="" + extd="" + warn="" + done="" + attn="" + norm="" + stat="" + + msg_done="..done" + msg_failed="..failed" + +fi + + +# === +error_file_not_found () { + echo "${warn}file ${attn}${1}${warn} not found${norm}" + return 1 +} + + +# === +error_file_not_readable () { + echo "${warn}file ${attn}${1}${warn} not found or not readable${norm}" + return 1 +} + + +# === +error_dir_not_found () { + echo "${warn}directory ${attn}${1}${warn} not found${norm}" + return 1 +} + + +# === +printSeparator() { + echo "=======================================================================" +} + + +# === +show_status () { + if ! 
test -z "$2"; then + printf '%s' "$2" + fi + if test $1 -eq 0; then + echo "$msg_done" + else + echo "$msg_failed" + fi + return $1 +} + + +# === +getNextFreeName() { + local var="$1" + local limit="$2" + + if test -z "${limit}"; then + limit=10 + fi + + local count=0 + while true; do + test ! -f "${var}${count}" && break + let count=${count}+1 + if test ${count} -ge ${limit}; then + echo "getNextFreeName: ${warn}limit reached${norm} for file ${attn}${var}${norm}" 1>&2 + + echo "" + return 33 + fi + done + + echo "${var}${count}" + return 0 +} + + +# === +getNextDirName() { + local var="$1" + local count=0 + while true; do + test ! -d "${var}.${count}" && break + let count=${count}+1 + done + if test ${count} -ge 10; then + echo "${warn}please remove ${attn}${var}${warn} backup directories !${norm}" 1>&2 + return 33 + fi + echo $count + return 0 +} + + +# === +update_file () { + local var_new="$1" + local var_old="$2" + local backup + local not_writable + + if test ! -f "${var_old}"; then + printf '%s' "creating file ${attn}${var_old}${norm} ... " + mv "${var_new}" "${var_old}"; show_status $? + return $? + fi + test -r "${var_new}" || { error_file_not_readable "${var_new}"; return 1; } + + if diff "${var_old}" "${var_new}" >/dev/null 2>&1; then + echo "no changes in ${attn}${var_old}${norm}" + rm -f "${var_new}" + return 0 + fi + + backup=`getNextFreeName "${var_old}."` || return $? + printf '%s' "saving old file as ${attn}${backup}${norm} ... " + cp -p "${var_old}" "${backup}"; show_status $? || return $? + + printf '%s' "updating file ${attn}${var_old}${norm} ... " + if test ! -w "${var_old}"; then + chmod u+w "${var_old}" + not_writable="yes" + fi + cat "${var_new}" > "${var_old}"; show_status $? || return $? + if test "$not_writable" == "yes"; then + chmod u-w "${var_old}" + fi + rm -f "${var_new}" + return 0 +} + + +# === +getSSHkeyType () { + local identity_file="$1" + if test ! 
-r "$identity_file"; then + error_file_not_readable "${identity_file}" 1>&2; return $? + fi + + local sshkeytype="unspec" + local status=0 + + sshkeytype=`"${TEST_SSH_SSHKEYGEN}" -f "${identity_file}" -y 2>/dev/null`; status=$? + if test $status -ne 0 ; then + echo "${warn}command${norm} ${TEST_SSH_SSHKEYGEN} ${warn}fail${norm}" 1>&2 + return $status + fi + echo "${sshkeytype}" | cut -d ' ' -f 1 + return 0 +} + + +# === +getSubject () { + local identity_file="$1" +#rest of arguments passed to openssl + + if test ! -r "$identity_file"; then + error_file_not_readable "${identity_file}" 1>&2 + return 1 + fi + shift + + local status=0 + +#bug or ?: when all is on only one line status is always zero :-/ !!! +# local subject=`"${OPENSSL}" x509 -noout -subject -in "${identity_file}" $*`; status=$? + local subject + subject=`"${OPENSSL}" x509 -noout -subject -in "${identity_file}" $* 2>/dev/null`; status=$? + if test $status -ne 0 ; then + echo "${warn}cannot get certificate subject${norm}" 1>&2 + return $status + fi + echo "$subject" | cut -d ' ' -f 2- +} + + +#=== +creX509AuthorizedKeysFile () { + local identity_file="$1" + local sshkeytype + local subject + + sshkeytype=`getSSHkeyType "${identity_file}"` || return $? + subject=`getSubject "${identity_file}"` || return $? + echo "${sshkeytype} subject ${subject}" > "${AUTHORIZEDKEYSFILE}" +} + + +# === +FUNCTIONS_INCLUDED="yes" diff -ruN openssh-3.6.1p1/tests/CA/Makefile.in openssh-3.6.1p1+x509g/tests/CA/Makefile.in --- openssh-3.6.1p1/tests/CA/Makefile.in 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/Makefile.in 2003-01-30 09:06:01.000000000 +0200 
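Review bot: `getNextFreeName` and `getNextDirName` advance their counter with `let count=${count}+1`, which is not a POSIX `sh` builtin; under a `/bin/sh` that lacks it the command fails, `count` stays at 0, and the `while true` loop never ends once `${var}0` (or `${var}.0`) exists. Assigning the counter from an `expr ${count} + 1` command substitution works in every Bourne-style shell. The same portability concern applies to `local` and to `==` inside `test` (`test x${L} == x`, `test "$not_writable" == "yes"`), where `=` is the portable operator. In `getNextDirName` the `-ge 10` limit is checked only after the loop has finished, so testing it inside the loop, as `getNextFreeName` does, would be clearer.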
@@ -0,0 +1,70 @@
+srcdir=@srcdir@
+
+all:
+
+
+clean:
+ rm -f testhostkey_* testid_*
+ rm -fr ca-test/
+ rm -f openssh_ca.log*
+ rm -f sshd_x509.log
+
+distclean: clean
+ rm -f Makefile
+
+# ===
+
+check-certs: ca_files host_keys rsa_keys dsa_keys crl_files
+ @sh $(srcdir)/openssh_tests.sh
+
+# ===
+ca_files: ca-test/catest.config ca-test/catest-bundle.crt
+
+ca-test/catest.config:
+ sh $(srcdir)/1-cre_cadb.sh
+
+ca-test/catest-bundle.crt:
+ sh $(srcdir)/2-cre_cakeys.sh
+
+
+# ===
+host_keys: testhostkey_rsa testhostkey_rsa-rsa_md5 testhostkey_dsa testhostkey_dsa-rsa_md5
+
+testhostkey_rsa:
+ $(TEST_SSH_SSHKEYGEN) -t rsa -b 1024 -f $@ -N ""
+
+testhostkey_rsa-rsa_md5: testhostkey_rsa
+ sh $(srcdir)/3-cre_certs.sh -f testhostkey_rsa -t server -n "localhost RSA"
+
+testhostkey_dsa:
+ $(TEST_SSH_SSHKEYGEN) -t dsa -b 1024 -f $@ -N ""
+
+testhostkey_dsa-rsa_md5: testhostkey_dsa
+ sh $(srcdir)/3-cre_certs.sh -f testhostkey_dsa -t server -n "localhost DSA"
+
+
+# ===
+rsa_keys: testid_rsa testid_rsa-rsa_md5
+
+testid_rsa:
+ $(TEST_SSH_SSHKEYGEN) -t rsa -b 1024 -f $@ -N ""
+
+testid_rsa-rsa_md5: testid_rsa
+ sh $(srcdir)/3-cre_certs.sh -f testid_rsa -t client -n "OpenSSH RSA test certificate"
+
+
+# ===
+dsa_keys: testid_dsa testid_dsa-rsa_md5
+
+testid_dsa:
+ $(TEST_SSH_SSHKEYGEN) -t dsa -b 1024 -f $@ -N ""
+
+testid_dsa-rsa_md5: testid_dsa
+ sh $(srcdir)/3-cre_certs.sh -f testid_dsa -t client -n "OpenSSH DSA test certificate"
+
+
+# ===
+crl_files: ca-test/catest-bundle.crl
+
+ca-test/catest-bundle.crl:
+ sh $(srcdir)/4-cre_crls.sh
diff -ruN openssh-3.6.1p1/tests/CA/openssh_tests.sh openssh-3.6.1p1+x509g/tests/CA/openssh_tests.sh
--- openssh-3.6.1p1/tests/CA/openssh_tests.sh 1970-01-01 02:00:00.000000000 +0200
+++ openssh-3.6.1p1+x509g/tests/CA/openssh_tests.sh 2003-01-30 09:06:00.000000000 +0200
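Review bot: `$(TEST_SSH_SSHKEYGEN)` is used by the four key targets (`testhostkey_rsa`, `testhostkey_dsa`, `testid_rsa`, `testid_dsa`) but is never assigned in this Makefile.in, which only substitutes `srcdir`. If the caller does not provide it, those recipes do not run ssh-keygen at all, so the requirement should be stated at the top, e.g. `# TEST_SSH_SSHKEYGEN must be set by the caller to the ssh-keygen binary under test`. The grouping targets (`all`, `clean`, `distclean`, `check-certs`, `ca_files`, `host_keys`, `rsa_keys`, `dsa_keys`, `crl_files`) are not real files and could be listed on a `.PHONY:` line. The keys are created with `-b 1024` and an empty passphrase (`-N ""`), which is acceptable only for throwaway fixtures; a comment such as `# test-only keys, never install or reuse` would make that explicit.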
@@ -0,0 +1,298 @@ +#!/bin/sh +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: Test OpenSSH client and server with x509 certificates. +# + + +CWD=`pwd` +SCRIPTDIR=`echo $0 | sed 's/openssh_tests.sh//'` +. "${SCRIPTDIR}functions" +. 
"${SCRIPTDIR}config" + +test "x$TEST_SSH_SSH" == "x" && { echo "${warn}Please define ${attn}TEST_SSH_SSH${norm}" ; exit 1; } +test "x$TEST_SSH_SSHD" == "x" && { echo "${warn}Please define ${attn}TEST_SSH_SSHD${norm}" ; exit 1; } +test "x$TEST_SSH_SSHAGENT" == "x" && { echo "${warn}Please define ${attn}TEST_SSH_SSHAGENT${norm}" ; exit 1; } +test "x$TEST_SSH_SSHADD" == "x" && { echo "${warn}Please define ${attn}TEST_SSH_SSHADD${norm}" ; exit 1; } +test "x$TEST_SSH_SSHKEYGEN" == "x" && { echo "${warn}Please define ${attn}TEST_SSH_SSHKEYGEN${norm}"; exit 1; } +#TEST_SSH_SSHKEYSCAN +#TEST_SSH_SFTP +#TEST_SSH_SFTPSERVER + + +SSHD_LOG="${CWD}/sshd_x509.log" +SSHD_PID="${CWD}/.sshd_x509.pid" +SSHD_CFG="${CWD}/sshd_config-certTests" +SSH_CFG="${CWD}/ssh_config-certTests" + +SSH_ERRLOG="${CWD}/.ssh_x509.err.log" +SSH_REPLY="${CWD}/.ssh_x509.reply" +SSH_EXTRA_OPTIONS="" + + +TEST_SSH_CLIENTKEYS="\ + testid_rsa + testid_dsa +" + +#TEST_SSHD_HOSTKEY="${CWD}/testhostkey_rsa-rsa_md5" +TEST_SSHD_HOSTKEY="${CWD}/testhostkey_rsa" + + +USERDIR="${HOME}/.ssh" +if test ! -d "${USERDIR}"; then + mkdir "${USERDIR}" || exit 1 +fi +chmod 700 "${USERDIR}" || exit 1 + +AUTHORIZEDKEYSFILE="${USERDIR}/authorized_keys-certTests" +USERKNOWNHOSTSFILE="${USERDIR}/known_hosts-certTests" + + +# === +runSSHdaemon() { + echo "=======================================================================" >> "${SSHD_LOG}" + + if test -f "${SSHD_PID}"; then + echo "${warn}sshd pid file exist!${norm}" 1>&2 + fi + + #NOTES: + #- without -d option sshd run in daemon mode and this command always return 0 !!! + #- bug or ?: with option -e no log to stderr in daemon mode + $SUDO "$TEST_SSH_SSHD" -f "${SSHD_CFG}" \ + -o PidFile="${SSHD_PID}" \ + -o SyslogFacility="${SSHSERVER_SYSLOGFACILITY}" \ + -o LogLevel="${SSHSERVER_LOGLEVEL}" \ + >> "${SSHD_LOG}" 2>&1 + + sleep 3 + if test ! 
-f "${SSHD_PID}"; then + printf "${warn}cannot start sshd:${norm} " 1>&2 + error_file_not_readable "${SSHD_PID}" + return 33 + fi +} + + +# === +killSSHdaemon() { + $SUDO kill `cat "${SSHD_PID}" 2>/dev/null` > /dev/null 2>&1 + let K=0 + while test $K -le 9; do + if test ! -f "${SSHD_PID}"; then + break + fi + sleep 1 + let K=$K+1 + done + rm -f "${SSHD_CFG}" + if test -f "${SSHD_PID}"; then + $SUDO kill -9 `cat "${SSHD_PID}" 2>/dev/null` > /dev/null 2>&1 + sleep 1 + $SUDO rm -f "${SSHD_PID}" > /dev/null 2>&1 + return 0 + fi + return 0 +} + + +# === +testEND() { + ( echo + echo "*=- The END -=*" + ) >> "${SSHD_LOG}" + + rm -f "${SSH_ERRLOG}" + rm -f "${SSH_REPLY}" + rm -f "${AUTHORIZEDKEYSFILE}" + rm -f "${USERKNOWNHOSTSFILE}" + rm -f "${SSH_CFG}" +} + +testBREAK() { + ( echo + echo "*=- BREAK -=*" + ) >> "${SSHD_LOG}" + killSSHdaemon +} + +trap testBREAK INT QUIT ABRT KILL TERM || exit 1 +trap testEND EXIT || exit 1 + + +# === +creTestSSHDcfgFile() { + cat > "${SSHD_CFG}" < "${SSH_CFG}" < "${SSH_ERRLOG}" > "${SSH_REPLY}" +} + + +runTest () { + local type="$1" + local identity_file="$2" + local info="$3" + local must_fail="$4" + local msg="OpenSSH Certificate TeSt-${type}" + local status=0 + + case $must_fail in + Y|y|Yes|yes|YES|1) + must_fail=1;; + *) + must_fail=0;; + esac + + printf '%s' " * ${extd}${type}${norm} ${info}" + run_ssh "${identity_file}" "${msg}"; status=$? + + if test "x$must_fail" = "x1"; then + if test $status -ne 0; then + status=0 + else + status=1 + fi + fi + + show_status $status + if test $status -ne 0; then + printf '%s' "${warn}" + cat "${SSH_ERRLOG}"; printf '%s' "${norm}" + else + if test "x$must_fail" = "x1"; then + if ! fgrep 'Permission denied (publickey)' "${SSH_ERRLOG}" > /dev/null; then + status=33 + printf '%s' "${warn}" + else + printf '%s' "${done}" + fi + cat "${SSH_ERRLOG}"; printf '%s' "${norm}" + else + if ! 
fgrep "$msg" "${SSH_REPLY}" > /dev/null; then + status=33 + printf '%s' "${warn}" + cat "${SSH_REPLY}"; printf '%s' "${norm}" + fi + fi + fi + + return $status +} + + +# === +do_all () { + printf '%s' "" > "${AUTHORIZEDKEYSFILE}" + chmod 644 "${AUTHORIZEDKEYSFILE}" || return $? + + printf '%s' "" > "${SSHD_LOG}" + if test ! -f "${TEST_SSHD_HOSTKEY}"; then + "$TEST_SSH_SSHKEYGEN" -t rsa -f "${TEST_SSHD_HOSTKEY}" -N "" + fi + if test ! -f "${TEST_SSHD_HOSTKEY}.pub"; then + echo "${warn}Public host file ${attn}${TEST_SSHD_HOSTKEY}.pub${warn} not found !${norm}" + return 3 + fi + ( printf '%s' "${SSHD_LISTENADDRESS} " + cat "${TEST_SSHD_HOSTKEY}.pub" + ) > "${USERKNOWNHOSTSFILE}" + chmod 644 "${USERKNOWNHOSTSFILE}" || return $? + + # call the test scripts + for LTEST in ${SSH_X509TESTS}; do + ( + . ${SCRIPTDIR}test-${LTEST}.sh.inc && + do_test + ) || return $? + done + + printSeparator + return 0 +} + + +# === +echo +echo "${extd}Testing OpenSSH client with certificates:${norm}" +printSeparator + +do_all; status=$? + +echo +echo "${extd}Testing OpenSSH client with certificates finished.${norm}" +show_status $status " ${extd}status${norm}:" +echo + +exit $status diff -ruN openssh-3.6.1p1/tests/CA/test-agent.sh.inc openssh-3.6.1p1+x509g/tests/CA/test-agent.sh.inc --- openssh-3.6.1p1/tests/CA/test-agent.sh.inc 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/test-agent.sh.inc 2003-01-30 09:06:00.000000000 +0200 
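Review bot: `SCRIPTDIR` is derived by deleting the script name from `$0`, so it is empty when the script is started as `sh openssh_tests.sh`, and `. "${SCRIPTDIR}functions"` then becomes `. functions`, which a POSIX shell resolves through `$PATH` rather than the script's own directory. Because `runSSHdaemon` later starts sshd through `$SUDO`, sourcing an unintended `functions` or `config` is worth ruling out; ``SCRIPTDIR=`dirname "$0"`/`` always yields a path containing a slash. The same derivation appears in verify.sh later in this patch. Separately, the file is marked `#!/bin/sh` but relies on `==` inside `test`, `let` and `local`, which are not portable, and listing `KILL` in `trap testBREAK INT QUIT ABRT KILL TERM` has no effect because SIGKILL cannot be caught.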
@@ -0,0 +1,139 @@ +# +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: Test OpenSSH client authentication: +# - add a key to agent; +# - list agent keys; +# - try to connect with key from agent; +# - remove the key from agent. + + +testAgent () { + local type="$1" + local identity_file="${SSH_CLIENTKEY}-${type}" + if test ! -r "${identity_file}"; then + error_file_not_readable "${identity_file}"; return $? + fi + + local sshkeytype + local subject + + sshkeytype=`getSSHkeyType "${identity_file}"` || return $? + subject=`getSubject "${identity_file}"` || return $? 
+ + echo "${sshkeytype} Subject: ${subject}" > "${AUTHORIZEDKEYSFILE}" + +( +killAgent () { + "${TEST_SSH_SSHAGENT}" -k > /dev/null + sleep 1 + exit $1 +} + +checkEmptyListResponse () { + case $1 in + 1) return 0;; + 0) killAgent 99;; + *) killAgent $1;; + esac + return 33 +} + +showAgentMsg() { + show_status $1 "$2" + if test $1 -ne 0; then + printf '%s' "${warn}" + cat "${SSH_ERRLOG}" + printf '%s' "${norm}" + if test $1 -ne 2; then + killAgent $1 + fi + exit $1 + fi + + if test "x$3" != "x"; then + printf '%s' "${done}" + cat "$3" + printf '%s' "${norm}" + fi + return 0 +} + + eval `"${TEST_SSH_SSHAGENT}"` > /dev/null + + "${TEST_SSH_SSHADD}" -L >/dev/null; checkEmptyListResponse $? + + "${TEST_SSH_SSHADD}" "${identity_file}" 2> "${SSH_ERRLOG}" > "${SSH_REPLY}"; \ + showAgentMsg $? " add identity ${extd}${SSH_CLIENTKEY}-${attn}${type}${norm} to agent ..." + + "${TEST_SSH_SSHADD}" -L 2> "${SSH_ERRLOG}" > "${SSH_REPLY}"; \ + status=$? + if test $status -ne 0; then + showAgentMsg ${status} + else + printf " ${done}-${norm} " + cat "${SSH_REPLY}" + fi + + runTest "${type}" \ + "use-only-key-from-agent" \ + "key from agent ..." || + killAgent $? + + "${TEST_SSH_SSHADD}" -d "${identity_file}".pub \ + 2> "${SSH_ERRLOG}" > "${SSH_REPLY}"; \ + showAgentMsg $? " remove identity ${extd}${SSH_CLIENTKEY}-${attn}${type}${norm} from agent ..." + + "${TEST_SSH_SSHADD}" -L > /dev/null; checkEmptyListResponse $? + + killAgent 0 +) || return $? + +} + +# === + +do_test () { + local status=0 + echo + echo "* ${extd}against ${attn}CACertificateFile${norm} and x509 key from ${attn}agent${norm}:" + + creTestSSHDcfgFile + cat >> "$SSHD_CFG" </dev/null > "${AUTHORIZEDKEYSFILE}" || return $? + runTest "${type}" "${identity_file}"\ + "${extd}valid${norm} blob" || return $? + + local blob + blob=`cat "${AUTHORIZEDKEYSFILE}"` + echo $blob | cut -c 1-50 > "${AUTHORIZEDKEYSFILE}" + runTest "${type}" "${identity_file}"\ + "${warn}invalid${norm} blob" "Yes" || return $? 
+ + return 0 +} + + +# === + +do_test () { + local status=0 + echo + echo "* ${extd}against ${attn}CACertificateFile${norm} and autorization by x509 ${attn}blob${norm}:" + + creTestSSHDcfgFile + cat >> "$SSHD_CFG" <> "$SSHD_CFG" <> "$SSHD_CFG" <> "$SSHD_CFG" < /dev/null + local FILE="${SSH_CACRLDIR}/${CAKEY_PREFIX}-${crltype}.crl.pem" + local HASH + HASH=`${OPENSSL} crl -out /dev/null -in "${FILE}" -hash`; status=$? + if test $status -eq 0; then + hashfile="${CRL_TEST_DIR}/${HASH}.r0" + ln -s "${FILE}" "${hashfile}"; status=$? + fi + #printf "${norm}" + show_status $status || return $? + + if test $status -eq 0; then + ( + for DIGEST in ${RSA_DIGEST_LIST}; do + test_crlbytype0 "${crltype}" "rsa_${DIGEST}" || exit $? + done + test_crlbytype0 "${crltype}" "dsa" || exit $? + ); status=$? + fi + + if test $status -eq 0; then + rm -f "${hashfile}"; status=$? + else + rm -f "${hashfile}" + fi + return $status +} + + +#=== +test_onlyonecrl () { + local status=0 + local CRL_TEST_DIR="${SSH_CAROOT}/crl-test" + + printSeparator + echo "Begin test ${extd}with only ${attn}one CRL file${norm} in ${attn}CARevocationPath${norm}..." + + mkdir -p "${CRL_TEST_DIR}" || return $? + + creTestSSHDcfgFile + cat >> "$SSHD_CFG" < /dev/null + if test $status -eq 0; then + rmdir "${CRL_TEST_DIR}"; status=$? + else + rmdir "${CRL_TEST_DIR}" + fi + return $status +} + + +#=== +do_test () { + + echo + echo "* ${extd}against ${attn}CA CRL${norm} file and/or hash-dir:" + + test_nocrl && + test_crlfile && + test_crldir && + test_onlyonecrl + + return $? +} diff -ruN openssh-3.6.1p1/tests/CA/test-dn_auth_file.sh.inc openssh-3.6.1p1+x509g/tests/CA/test-dn_auth_file.sh.inc --- openssh-3.6.1p1/tests/CA/test-dn_auth_file.sh.inc 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/test-dn_auth_file.sh.inc 2003-01-30 09:06:00.000000000 +0200 
@@ -0,0 +1,111 @@ +# +# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# DESCRIPTION: Test OpenSSH client authentication: +# - "IdentityFile" contain private key and x509 certificate; +# - "AuthorizedKeysFile" contain certificate "Distinguished Name"/ +# "Subject" in varios formats. +# + + +testDNautorizations1 () { + local type="$1" + local identity_file="${SSH_CLIENTKEY}-${type}" + if test ! -r "$identity_file"; then + error_file_not_readable "${identity_file}"; return $? + fi + + local sshkeytype + local subject + + sshkeytype=`getSSHkeyType "${identity_file}"` || return $? + subject=`getSubject "${identity_file}"` || return $? 
+ + for subtype in\ + "Subject:" \ + "SuBjecT=" \ + "sUbjecT" \ + "diStinguished name:" \ + "distiNguished-nAme:" \ + "distinguiShed_naMe:" \ + "disTinguishednamE:" \ + "dN:" \ + ; do + echo "${sshkeytype} ${subtype} ${subject}" > "${AUTHORIZEDKEYSFILE}" + runTest "${type} ${subtype}" "${identity_file}" "" || return $? + done + + subtype="subject" + subject=`getSubject "${identity_file}" -nameopt RFC2253` || return $? + echo "${sshkeytype} ${subtype} ${subject}" > "${AUTHORIZEDKEYSFILE}" + runTest "${type} ${subtype} in ${attn}RFC2253${norm} format" "${identity_file}" "" || return $? + + echo "${sshkeytype} ${subtype} ${subject}" | sed -e 's/,/\//'> "${AUTHORIZEDKEYSFILE}" + runTest "${type} ${subtype} and mixed tag-separator symbol" "${identity_file}" "" || return $? + + for subtype in\ + "Invalid" \ + "Subject-" \ + ; do + echo "${sshkeytype} ${subtype} ${subject}" > "${AUTHORIZEDKEYSFILE}" + runTest "${type} ${warn}${subtype}${norm}" "${identity_file}"\ + "autorization type" "Yes" || return $? + done + + subtype="Subject" + ( printf "${sshkeytype} ${subtype}" + echo "${subject}" | cut -c -40 + ) > "${AUTHORIZEDKEYSFILE}" + runTest "${type} ${warn}invalid${norm} ${subtype}" "${identity_file}"\ + "" "Yes" || return $? + + return 0 +} + + +# === + +do_test () { + local status=0 + echo + echo "* ${extd}against ${attn}CACertificateFile${norm} and autorization by x509 ${attn}'Distinguished Name'${norm}:" + + creTestSSHDcfgFile + cat >> "$SSHD_CFG" <> "$SSHD_CFG" </dev/null + + for DIGEST in ${RSA_DIGEST_LIST}; do + if test $status -eq 0; then + type="rsa_${DIGEST}" + HASH=`$OPENSSL x509 -in "${SSH_CACERTDIR}/${CAKEY_PREFIX}-${type}.crt.pem" -noout -hash` + ( cd "${CRT_TEST_DIR}"; ln -s "${SSH_CACERTDIR}/${CAKEY_PREFIX}-${type}.crt.pem" "$HASH.0" ) + do_test_catype "${type}"; status=$? 
+ rm -f "${CRT_TEST_DIR}/$HASH.0" + fi + done + if test $status -eq 0; then + type="dsa" + HASH=`$OPENSSL x509 -in "${SSH_CACERTDIR}/${CAKEY_PREFIX}-${type}.crt.pem" -noout -hash` + ( cd "${CRT_TEST_DIR}"; ln -s "${SSH_CACERTDIR}/${CAKEY_PREFIX}-${type}.crt.pem" "$HASH.0" ) + do_test_catype "${type}"; status=$? + rm -f "${CRT_TEST_DIR}/$HASH.0" + fi + + rmdir "${CRT_TEST_DIR}" + done + killSSHdaemon + return $status +} diff -ruN openssh-3.6.1p1/tests/CA/verify.sh openssh-3.6.1p1+x509g/tests/CA/verify.sh --- openssh-3.6.1p1/tests/CA/verify.sh 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/tests/CA/verify.sh 2003-01-30 09:06:00.000000000 +0200 
@@ -0,0 +1,40 @@
+#!/bin/sh
+# Copyright (c) 2002 Roumen Petrov, Sofia, Bulgaria
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# DESCRIPTION: Verify all testid_*.crt testhostkey_*.crt files in current
+# directory agains openssh "Test CA".
+#
+
+CWD=`pwd`
+SCRIPTDIR=`echo $0 | sed 's/verify.sh//'`
+. "${SCRIPTDIR}functions"
+. "${SCRIPTDIR}config"
+
+
+for VERIFY in \
+ "${OPENSSL} verify -CAfile ${SSH_CAROOT}/${CACERTFILE}" \
+ "${OPENSSL} verify -CApath ${SSH_CACERTDIR}" \
+; do
+ echo ${attn}${VERIFY} ....${norm}
+ for F in testid_*.crt testhostkey_*.crt; do
+ ${VERIFY} "$F" || exit 1
+ done
+done
diff -ruN openssh-3.6.1p1/x509store.c openssh-3.6.1p1+x509g/x509store.c
--- openssh-3.6.1p1/x509store.c 1970-01-01 02:00:00.000000000 +0200
+++ openssh-3.6.1p1+x509g/x509store.c 2003-01-30 09:06:01.000000000 +0200
@@ -0,0 +1,568 @@ +/* + * Copyright (c) 2002 Roumen Petrov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ +#include "x509store.h" +#include "log.h" +#include "xmalloc.h" +#include "openssl/e_os.h" +#include "openssl/err.h" +#include "includes.h" +#include "openssl/x509v3.h" + + +/* allowed client certificate purpose */ +static int sshpurpose_index = -1; +static X509_STORE *x509store = NULL; +#define SSH_CHECK_REVOKED + + +#ifdef SSH_CHECK_REVOKED +static X509_STORE *x509revoked = NULL; +static int ssh_x509revoked_cb(int ok, X509_STORE_CTX *ctx); + + +static char * +ssh_ASN1_INTEGER_2_string(ASN1_INTEGER *_asni) { + BIO *bio; + int k; + char *p; + + bio = BIO_new(BIO_s_mem()); + if (bio == NULL) { + fatal("ssh_ASN1_INTEGER_2_string: out of memory"); + return NULL; /* ;-) */ + } + + i2a_ASN1_INTEGER(bio, _asni); + k = BIO_pending(bio); + p = xmalloc(k + 1); + k = BIO_read(bio, p, k); + p[k] = '\0'; + BIO_free_all(bio); + + return p; +} + + +static int +ssh_x509store_lookup(X509_STORE *store, int type, X509_NAME *name, X509_OBJECT *xobj) { + X509_STORE_CTX ctx; + int ret; + + X509_STORE_CTX_init(&ctx, store, NULL, NULL); + ret = X509_STORE_get_by_subject(&ctx, type, name, xobj); + X509_STORE_CTX_cleanup(&ctx); + + return ret; +} +#endif /*def SSH_CHECK_REVOKED*/ + + +static int MS_CALLBACK +ssh_x509store_cb(int ok, X509_STORE_CTX *ctx) { + if (!ok) { + char buf[512]; + X509_NAME_oneline( X509_get_subject_name(ctx->current_cert), buf, sizeof(buf)); + error("ssh_x509store_cb: subject='%.512s', error %d at %d depth lookup:%.200s\n", + buf, + ctx->error, + ctx->error_depth, + X509_verify_cert_error_string(ctx->error)); + +#if 0 + if (ctx->error == X509_V_ERR_CERT_HAS_EXPIRED) ok=1; + /* since we are just checking the certificates, it is + * ok if they are self signed. But we should still warn + * the user. 
+ */ + if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1; + /* Continue after extension errors too */ + if (ctx->error == X509_V_ERR_INVALID_CA) ok=1; + if (ctx->error == X509_V_ERR_PATH_LENGTH_EXCEEDED) ok=1; + if (ctx->error == X509_V_ERR_INVALID_PURPOSE) ok=1; + if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1; +#endif + } +#ifdef SSH_CHECK_REVOKED + if (ok) { + ok = ssh_x509revoked_cb(ok, ctx); + } +#endif + return(ok); +} + + +typedef struct { + const char **synonyms; +} CertPurposes; + + +static const char *__purpose_any[] = { + "any", "any purpose", "any_purpose", "anypurpose", NULL +}; + + +static const char *__purpose_sslclient[] = { + "sslclient", "ssl client", "ssl_client", "client", NULL +}; + + +static const char *__purpose_sslserver[] = { + "sslserver", "ssl server", "ssl_server", "server", NULL +}; + + +static CertPurposes +sslclient_purposes[] = { + { __purpose_sslclient }, + { __purpose_any }, + { NULL } +}; + + +static CertPurposes +sslserver_purposes [] = { + { __purpose_sslserver }, + { __purpose_any }, + { NULL } +}; + + +static const char* +get_cert_purpose (const char* _purpose_synonym, CertPurposes *_purposes) { + int i; + + for (i = 0; _purposes[i].synonyms[0]; i++) { + const char *q = _purposes[i].synonyms[0]; + if (strcasecmp(_purpose_synonym, q) == 0 ) { + return q; + } else { + const char **p; + for (p = (_purposes[i].synonyms) + 1; *p; p++) { + if (strcasecmp(_purpose_synonym, *p) == 0 ) { + return q; + } + } + } + } + return NULL; +} + + + +int +sshclient_cert_purpose (const char* _purpose_synonym) { + const char * sslpurpose = get_cert_purpose(_purpose_synonym, sslclient_purposes); + if (sslpurpose != NULL) { + int purpose_index = X509_PURPOSE_get_by_sname((char*)sslpurpose); + if (purpose_index < 0) + fatal("client:X509_PURPOSE_get_by_sname fail for argument '%.30s(%.40s)'", sslpurpose, _purpose_synonym); + return purpose_index; + } + return -1; +} + + +int +sshserver_cert_purpose (const char* 
_purpose_synonym) { + const char * sslpurpose = get_cert_purpose(_purpose_synonym, sslserver_purposes); + if (sslpurpose != NULL) { + int purpose_index = X509_PURPOSE_get_by_sname((char*)sslpurpose); + if (purpose_index < 0) + fatal("server:X509_PURPOSE_get_by_sname fail for argument '%.30s(%.40s)'", sslpurpose, _purpose_synonym); + return purpose_index; + } + return -1; +} + + +void +ssh_x509store_setpurpose(int _sshpurpose_index) { + sshpurpose_index = _sshpurpose_index; +} + + +static void +ssh_x509store_initcontext() { + if (x509store == NULL) { + x509store = X509_STORE_new(); + if (x509store == NULL) { + fatal ("cannot create x509store context"); + } + X509_STORE_set_verify_cb_func(x509store, ssh_x509store_cb); + } +#ifdef SSH_CHECK_REVOKED + if (x509revoked == NULL) { + x509revoked = X509_STORE_new(); + if (x509revoked == NULL) { + fatal ("cannot create x509revoced context"); + } + } +#endif +} + + +int +ssh_x509store_addlocations (const X509StoreOptions *_locations) { + int flag = 0, flag2 = 0; + + if (_locations == NULL) { + error("ssh_x509store_addlocations: _locations is NULL"); + return 0; + } + if ((_locations->certificate_path == NULL) && + (_locations->certificate_file == NULL)) { + error("ssh_x509store_addlocations: certificate path and file are NULLs"); + return 0; + } +#ifdef SSH_CHECK_REVOKED + if ((_locations->revocation_path == NULL) && + (_locations->revocation_file == NULL)) { + error("ssh_x509store_addlocations: revocation path and file are NULLs"); + return 0; + } +#endif + ssh_x509store_initcontext(); + /* + Note: + After X509_LOOKUP_{add_dir|load_file} calls we must call + ERR_clear_error() otherwise when the first call to + X509_LOOKUP_XXXX fail the second call fail too ! 
+ */ + if (_locations->certificate_path != NULL) { + X509_LOOKUP *lookup = X509_STORE_add_lookup(x509store, X509_LOOKUP_hash_dir()); + if (lookup == NULL) { + fatal("ssh_x509store_addlocations:cannot add hash dir lookup !"); + return 0; /* ;-) */ + } + if (X509_LOOKUP_add_dir(lookup, _locations->certificate_path, X509_FILETYPE_PEM)) { + debug2( "hash dir '%.400s' added to x509 store", _locations->certificate_path); + flag = 1; + } + ERR_clear_error(); + } + if (_locations->certificate_file != NULL) { + X509_LOOKUP *lookup = X509_STORE_add_lookup(x509store, X509_LOOKUP_file()); + if (lookup == NULL) { + fatal("ssh_x509store_addlocations:cannot add file lookup !"); + return 0; /* ;-) */ + } + if (X509_LOOKUP_load_file(lookup, _locations->certificate_file, X509_FILETYPE_PEM)) { + debug2( "file '%.400s' added to x509 store", _locations->certificate_file); + flag = 1; + } + ERR_clear_error(); + } +#ifdef SSH_CHECK_REVOKED + if (_locations->revocation_path != NULL) { + X509_LOOKUP *lookup = X509_STORE_add_lookup(x509revoked, X509_LOOKUP_hash_dir()); + if (lookup == NULL) { + fatal("ssh_x509store_addlocations:cannot add hash dir revocation lookup !"); + return 0; /* ;-) */ + } + if (X509_LOOKUP_add_dir(lookup, _locations->revocation_path, X509_FILETYPE_PEM)) { + debug2( "hash dir '%.400s' added to x509 revocation store", _locations->revocation_path); + flag2 = 1; + } + ERR_clear_error(); + } + if (_locations->revocation_file != NULL) { + X509_LOOKUP *lookup = X509_STORE_add_lookup(x509revoked, X509_LOOKUP_file()); + if (lookup == NULL) { + fatal("ssh_x509store_addlocations:cannot add file revocation lookup !"); + return 0; /* ;-) */ + } + if (X509_LOOKUP_load_file(lookup, _locations->revocation_file, X509_FILETYPE_PEM)) { + debug2( "file '%.400s' added to x509 revocation store", _locations->revocation_file); + flag2 = 1; + } + ERR_clear_error(); + } +#else + flag2 = 1; +#endif + return flag && flag2; +} + + +static int +ssh_verify_cert (X509_STORE_CTX *_csc, X509 *_cert) 
{ + X509_STORE_CTX_init(_csc, x509store, _cert, NULL); + + if(sshpurpose_index >= 0) { + X509_PURPOSE *xptmp = X509_PURPOSE_get0(sshpurpose_index); + if (X509_STORE_CTX_set_purpose(_csc, X509_PURPOSE_get_id(xptmp)) == 0) { + int ecode = X509_STORE_CTX_get_error(_csc); + error("ssh_x509store_check: purpose error, code=%d, msg='%.200s'" + , ecode + , X509_verify_cert_error_string(ecode)); + return -1; + } + } + + /* + if(issuer_checks) + X509_STORE_CTX_set_flags(_csc, X509_V_FLAG_CB_ISSUER_CHECK); + */ + + if(X509_verify_cert(_csc) == 0) { + int ecode = X509_STORE_CTX_get_error(_csc); + error("ssh_x509store_check: verify error, code=%d, msg='%.200s'" + , ecode + , X509_verify_cert_error_string(ecode)); + return -1; + } + + return 1; +} + + +int +ssh_x509store_check(X509 *_cert) { + X509_STORE_CTX *csc; + int ret = 1; + + if (x509store == NULL) { + error("ssh_x509store_check: context is NULL\n"); + return -1; + } + + if (get_log_level() >= SYSLOG_LEVEL_DEBUG3) { + char buf[512]; + X509_NAME_oneline( X509_get_subject_name(_cert), buf, sizeof(buf)); + debug3("ssh_x509store_check: for '%.512s'", buf); + } + + csc = X509_STORE_CTX_new(); + if (csc == NULL) { + int ecode = ERR_get_error(); + error("ssh_x509store_check:X509_STORE_CTX_new failed with '%.200s'", ERR_error_string(ecode, NULL)); + + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + return -1; + } + + ret = ssh_verify_cert(csc, _cert); + X509_STORE_CTX_free(csc); + + debug3("ssh_x509store_check: return %d", ret); + return (ret); +} + + +#ifdef SSH_CHECK_REVOKED +static int +ssh_check_crl(X509_STORE_CTX *_ctx, X509_CRL *_crl) { + X509 *cert = NULL; + time_t *pcheck_time; + int k; + + if (_crl == NULL) { + return 1; + } + + cert = X509_STORE_CTX_get_current_cert(_ctx); + if (cert == NULL) { + error("ssh_check_crl: missing current certificate in x509store context"); + return 0; + } + + if (get_log_level() >= SYSLOG_LEVEL_DEBUG3) { + BIO *bio; + char buf[512]; + char *p; + + bio = 
BIO_new(BIO_s_mem()); + if (bio == NULL) { + fatal("ssh_check_crl: out of memory"); + return 0; /* ;-) */ + } + + X509_NAME_oneline( X509_CRL_get_issuer(_crl), buf, sizeof(buf)); + + BIO_printf(bio, ", Last Update: "); + ASN1_UTCTIME_print(bio, X509_CRL_get_lastUpdate(_crl)); + + BIO_printf(bio, ", Next Update: "); + ASN1_UTCTIME_print(bio, X509_CRL_get_nextUpdate(_crl)); + + k = BIO_pending(bio); + p = xmalloc(k + 1); + k = BIO_read(bio, p, k); + p[k] = '\0'; + + debug3("ssh_check_crl: Issuer: %s%s", buf, p); + + xfree(p); + BIO_free(bio); + } + + { + EVP_PKEY *pkey = X509_get_pubkey(cert); + if(pkey == NULL) { + error("ssh_check_crl:unable to devode public key"); + X509_STORE_CTX_set_error(_ctx, X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY); + return 0; + } + + if (X509_CRL_verify(_crl, pkey) <= 0) { + error("ssh_check_crl:CRL has invalid signature"); + X509_STORE_CTX_set_error(_ctx, X509_V_ERR_CRL_SIGNATURE_FAILURE); + return 0; + } + EVP_PKEY_free(pkey); + } + + + if (_ctx->flags & X509_V_FLAG_USE_CHECK_TIME) + pcheck_time = &_ctx->check_time; + else + pcheck_time = NULL; + + k = X509_cmp_time(X509_CRL_get_lastUpdate(_crl), pcheck_time); + if (k == 0) { + X509_STORE_CTX_set_error(_ctx, X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD); + error("ssh_check_crl:CRL has invalid lastUpdate field"); + return 0; + } + if (k > 0) { + X509_STORE_CTX_set_error(_ctx, X509_V_ERR_CRL_NOT_YET_VALID); + error("ssh_check_crl:CRL is not yet valid"); + return 0; + } + + k = X509_cmp_time(X509_CRL_get_nextUpdate(_crl), pcheck_time); + if (k == 0) { + error("ssh_check_crl:CRL has invalid nextUpdate field"); + X509_STORE_CTX_set_error(_ctx, X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD); + return 0; + } + if (k < 0) { + error("ssh_check_crl:CRL is expired"); + X509_STORE_CTX_set_error(_ctx, X509_V_ERR_CRL_HAS_EXPIRED); + return 0; + } + + return 1; +} + + +static int +ssh_check_crl_cert(X509_STORE_CTX *_ctx, X509_CRL *_crl, X509 *_cert) { + X509_REVOKED revoked; + int k; + char *p, 
buf1[512], buf2[512]; + + if (_crl == NULL) return 1; + revoked.serialNumber = X509_get_serialNumber(_cert); + k = sk_X509_REVOKED_find(_crl->crl->revoked, &revoked); + if (k < 0) return 1; + + X509_STORE_CTX_set_error(_ctx, X509_V_ERR_CERT_REVOKED); + /* yes, revoked. print log and ...*/ + p = ssh_ASN1_INTEGER_2_string(revoked.serialNumber); + X509_NAME_oneline(X509_get_subject_name(_cert), buf1, sizeof(buf1)); + X509_NAME_oneline(X509_CRL_get_issuer (_crl ), buf2, sizeof(buf2)); + + log ("certificate '%.512s' with serial '%.40s' revoked from issuer '%.512s'", + buf1, p, buf2); + xfree (p); + + return 0; +} + + +static int +ssh_x509revoked_cb(int ok, X509_STORE_CTX *ctx) { + X509 *cert; + X509_OBJECT xobj; + + if (!ok) return 0; + if (x509revoked == NULL) + return ok; /* XXX:hmm */ + + cert = X509_STORE_CTX_get_current_cert(ctx); + if (cert == NULL) { + error("ssh_x509revoked_cb: missing current certificate in x509store context"); + return 0; + } + + if (get_log_level() >= SYSLOG_LEVEL_DEBUG3) { + char buf[512]; + + X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)); + debug3("ssh_x509revoked_cb:issuer =%.512s", buf); + + X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)); + debug3("ssh_x509revoked_cb:subject=%.512s", buf); + } + + memset(&xobj, 0, sizeof(xobj)); + if (ssh_x509store_lookup( + x509revoked, X509_LU_CRL, + X509_get_subject_name(cert), + &xobj) > 0) { +/* + In callback we cannot check CRL signature at this point when we use + X509_get_issuer_name(), because we don't know issuer public key! + Of course we can get the public key from X509_STORE defined by + static variable "x509store". + Of course we can check revocation outside callback, but we should + try to find public key in X509_STORE[s]. + + At this point we can get easy public key of "current certificate"! + + Method: "look forward" + At this call we check CLR (signature and other) issued with "current + certificate" ("CertA"). 
If all is OK with "CertA" by next call of + callback method "current certificate" is signed from "CertA" and the + CRL issued from "CertA", if any is already verified - cool ;-). + + Note that when a certificate is revoked all signed form that + certificate are revoked automatically too. With method "look forward" + we already know that all issuers of "current certificate" aren't + revoked. +*/ + ok = ssh_check_crl(ctx, xobj.data.crl); + } + X509_OBJECT_free_contents(&xobj); + if (!ok) return 0; + + memset(&xobj, 0, sizeof(xobj)); + if (ssh_x509store_lookup( + x509revoked, X509_LU_CRL, + X509_get_issuer_name(cert), + &xobj) > 0) { + ok = ssh_check_crl_cert(ctx, xobj.data.crl, cert); + } + X509_OBJECT_free_contents(&xobj); + /* clear rest of errors in OpenSSL "error buffer" */ + ERR_clear_error(); + + if (!ok) return 0; + + /**/ + return ok; +} +#endif diff -ruN openssh-3.6.1p1/x509store.h openssh-3.6.1p1+x509g/x509store.h --- openssh-3.6.1p1/x509store.h 1970-01-01 02:00:00.000000000 +0200 +++ openssh-3.6.1p1+x509g/x509store.h 2003-01-30 09:06:00.000000000 +0200 
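Review bot: In `ssh_verify_cert` the result of `X509_verify_cert(_csc)` is compared with `== 0`, but OpenSSL also returns a negative value when it cannot run the verification at all (for example when no certificate is set in the context), and that case falls through to `return 1`. The caller in auth2-pubkey.c treats 1 as "certificate accepted", so the test should fail closed: `if (X509_verify_cert(_csc) <= 0) {`. `ssh_x509store_check` could also reject a NULL `_cert` up front instead of passing it on. In `ssh_check_crl`, the return on the `X509_CRL_verify` failure path skips `EVP_PKEY_free(pkey)`, and in `ssh_ASN1_INTEGER_2_string` the value of `BIO_read` is used as an index (`p[k] = '\0'`) without checking that it is not negative.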
@@ -0,0 +1,58 @@
+#ifndef X509STORE_H
+#define X509STORE_H
+/*
+ * Copyright (c) 2002 Roumen Petrov. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+
+#include
+#if 0
+/* Set 0 (above) to 1 for OpenSSL 0.9.7beta2/3 :-( or comment in openssl "des_old.h" all lines:
+ #define cript ...
+ This is commented in beta4 ;-)
+ */
+#ifdef crypt
+# undef crypt
+#endif
+#endif
+
+
+int ssh_x509store_check(X509 *_cert);
+
+/* return purpose index, not purpose id (!) */
+int sshclient_cert_purpose (const char* _purpose_synonym);
+int sshserver_cert_purpose (const char* _purpose_synonym);
+
+
+typedef struct {
+ /* ssh PKI(X509) store */
+ char *certificate_file;
+ char *certificate_path;
+ char *revocation_file;
+ char *revocation_path;
+} X509StoreOptions;
+
+void ssh_x509store_setpurpose(int _sshpurpose_index);
+int ssh_x509store_addlocations (const X509StoreOptions *_locations);
+
+#endif /* X509STORE_H */
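Review bot: `ssh_x509store_check()` is declared without any statement of its return convention, even though its result gates public-key authentication: the auth2-pubkey.c hunk of this same patch accepts a key only when the value is exactly 1. Verification results in this style are often tri-state (1, 0, negative), so a later caller that rejects only on 0 would treat a negative error as success if the function can return one. The body is not visible in this header, so that needs confirming. I would state the contract next to the prototype, e.g. `/* returns 1 only if _cert verifies against the configured store; any other value means reject */`. The purpose-lookup prototypes have a similar gap: the existing comment says an index is returned, but not what comes back for an unknown synonym.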