1 /*
2 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5 /* $OpenBSD: pathnames.h,v 1.13 2002/05/23 19:24:30 markus Exp $ */
6
7 #ifndef _PATHNAMES_H
8 #define _PATHNAMES_H
9
10 #pragma ident "%Z%%M% %I% %E% SMI"
11
12 #ifdef __cplusplus
13 extern "C" {
14 #endif
15
16
17 /*
18 * Author: Tatu Ylonen <ylo@cs.hut.fi>
19 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
20 * All rights reserved
21 *
22 * As far as I am concerned, the code I have written for this software
23 * can be used freely for any purpose. Any derived versions of this
24 * software must be clearly marked as such, and if the derived work is
25 * incompatible with the protocol description in the RFC file, it must be
26 * called by a name other than "ssh" or "Secure Shell".
27 */
28
29 #define ETCDIR "/etc"
30
31 #ifndef SSHDIR
32 #define SSHDIR ETCDIR "/ssh"
33 #endif
34
35 #ifndef _PATH_SSH_PIDDIR
36 #define _PATH_SSH_PIDDIR "/var/run"
37 #endif
38
39 /*
40 * System-wide file containing host keys of known hosts. This file should be
41 * world-readable.
42 */
43 #define _PATH_SSH_SYSTEM_HOSTFILE SSHDIR "/ssh_known_hosts"
44 /* backward compat for protocol 2 */
45 #define _PATH_SSH_SYSTEM_HOSTFILE2 SSHDIR "/ssh_known_hosts2"
46
47 /*
48 * Of these, ssh_host_key must be readable only by root, whereas ssh_config
49 * should be world-readable.
50 */
51 #define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config"
52 #define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config"
53 #define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key"
54 #define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key"
55 #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"
56 #define _PATH_DH_MODULI SSHDIR "/moduli"
57 /* Backwards compatibility */
58 #define _PATH_DH_PRIMES SSHDIR "/primes"
59
60 #ifndef _PATH_SSH_PROGRAM
61 #define _PATH_SSH_PROGRAM "/usr/bin/ssh"
62 #endif
63
64 /*
65 * The process id of the daemon listening for connections is saved here to
66 * make it easier to kill the correct daemon when necessary.
67 */
68 #define _PATH_SSH_DAEMON_PID_FILE _PATH_SSH_PIDDIR "/sshd.pid"
69
70 /*
71 * The directory in user\'s home directory in which the files reside. The
72 * directory should be world-readable (though not all files are).
73 */
74 #define _PATH_SSH_USER_DIR ".ssh"
75
76 /*
77 * Per-user file containing host keys of known hosts. This file need not be
78 * readable by anyone except the user him/herself, though this does not
79 * contain anything particularly secret.
80 */
81 #define _PATH_SSH_USER_HOSTFILE "~/.ssh/known_hosts"
82 /* backward compat for protocol 2 */
83 #define _PATH_SSH_USER_HOSTFILE2 "~/.ssh/known_hosts2"
84
85 /*
86 * Name of the default file containing client-side authentication key. This
87 * file should only be readable by the user him/herself.
88 */
89 #define _PATH_SSH_CLIENT_IDENTITY ".ssh/identity"
90 #define _PATH_SSH_CLIENT_ID_DSA ".ssh/id_dsa"
91 #define _PATH_SSH_CLIENT_ID_RSA ".ssh/id_rsa"
92
93 /*
94 * Configuration file in user\'s home directory. This file need not be
95 * readable by anyone but the user him/herself, but does not contain anything
96 * particularly secret. If the user\'s home directory resides on an NFS
97 * volume where root is mapped to nobody, this may need to be world-readable.
98 */
99 #define _PATH_SSH_USER_CONFFILE ".ssh/config"
100
101 /*
102 * File containing a list of those rsa keys that permit logging in as this
103 * user. This file need not be readable by anyone but the user him/herself,
104 * but does not contain anything particularly secret. If the user\'s home
105 * directory resides on an NFS volume where root is mapped to nobody, this
106 * may need to be world-readable. (This file is read by the daemon which is
107 * running as root.)
108 */
109 #define _PATH_SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys"
110
111 /* backward compat for protocol v2 */
112 #define _PATH_SSH_USER_PERMITTED_KEYS2 ".ssh/authorized_keys2"
113
114 /*
115 * Per-user and system-wide ssh "rc" files. These files are executed with
116 * /bin/sh before starting the shell or command if they exist. They will be
117 * passed "proto cookie" as arguments if X11 forwarding with spoofing is in
118 * use. xauth will be run if neither of these exists.
119 */
120 #define _PATH_SSH_USER_RC ".ssh/rc"
121 #define _PATH_SSH_SYSTEM_RC SSHDIR "/sshrc"
122
123 /*
124 * Ssh-only version of /etc/hosts.equiv. Additionally, the daemon may use
125 * ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled.
126 */
127 #define _PATH_SSH_HOSTS_EQUIV SSHDIR "/shosts.equiv"
128 #define _PATH_RHOSTS_EQUIV "/etc/hosts.equiv"
129
130 /*
131 * /etc/default/login
132 */
133 #define _PATH_DEFAULT_LOGIN "/etc/default/login"
134
135 /*
136 * Default location of askpass
137 */
138 #ifndef _PATH_SSH_ASKPASS_DEFAULT
139 #define _PATH_SSH_ASKPASS_DEFAULT "/usr/lib/ssh/ssh-askpass"
140 #endif
141
142 /* Location of ssh-keysign for hostbased authentication */
143 #ifndef _PATH_SSH_KEY_SIGN
144 #define _PATH_SSH_KEY_SIGN "/usr/lib/ssh/ssh-keysign"
145 #endif
146
147 /* xauth for X11 forwarding */
148 #ifndef _PATH_XAUTH
149 #define _PATH_XAUTH "/usr/openwin/bin/xauth"
150 #endif
151
152 /* UNIX domain socket for X11 server; displaynum will replace %u */
153 #ifndef _PATH_UNIX_X
154 #define _PATH_UNIX_X "/tmp/.X11-unix/X%u"
155 #endif
156
157 /* for scp */
158 #ifndef _PATH_CP
159 #define _PATH_CP "cp"
160 #endif
161
162 /* for sftp */
163 #ifndef _PATH_SFTP_SERVER
164 #define _PATH_SFTP_SERVER "/usr/lib/ssh/sftp-server"
165 #endif
166
167 /* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */
168 #ifndef _PATH_PRIVSEP_CHROOT_DIR
169 #define _PATH_PRIVSEP_CHROOT_DIR "/var/empty"
170 #endif
171
172 #ifndef _PATH_LS
173 #define _PATH_LS "ls"
174 #endif
175
176 /* path to login program */
177 #ifndef LOGIN_PROGRAM
178 # ifdef LOGIN_PROGRAM_FALLBACK
179 # define LOGIN_PROGRAM LOGIN_PROGRAM_FALLBACK
180 # else
181 # define LOGIN_PROGRAM "/usr/bin/login"
182 # endif
183 #endif /* LOGIN_PROGRAM */
184
185 /* Askpass program define */
186 #ifndef ASKPASS_PROGRAM
187 #define ASKPASS_PROGRAM "/usr/lib/ssh/ssh-askpass"
188 #endif /* ASKPASS_PROGRAM */
189
190 #ifdef __cplusplus
191 }
192 #endif
193
194 #endif /* _PATHNAMES_H */