1 /*      $OpenBSD: ssh.h,v 1.71 2002/06/22 02:00:29 stevesk Exp $        */
   2 
   3 #ifndef _SSH_H
   4 #define _SSH_H
   5 
   6 #ifdef __cplusplus
   7 extern "C" {
   8 #endif
   9 
  10 
  11 /*
  12  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  13  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  14  *                    All rights reserved
  15  *
  16  * As far as I am concerned, the code I have written for this software
  17  * can be used freely for any purpose.  Any derived versions of this
  18  * software must be clearly marked as such, and if the derived work is
  19  * incompatible with the protocol description in the RFC file, it must be
  20  * called by a name other than "ssh" or "Secure Shell".
  21  */
  22 /*
  23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  */
  26 
  27 #include <netinet/in.h> /* For struct sockaddr_in */
  28 #include <pwd.h> /* For struct pw */
  29 #include <stdarg.h> /* For va_list */
  30 #include <syslog.h> /* For LOG_AUTH and friends */
  31 #include <sys/socket.h> /* For struct sockaddr_storage */
  32 #include "fake-socket.h" /* For struct sockaddr_storage */
  33 #ifdef HAVE_SYS_SELECT_H
  34 # include <sys/select.h>
  35 #endif
  36 
  37 /* Cipher used for encrypting authentication files. */
  38 #define SSH_AUTHFILE_CIPHER     SSH_CIPHER_3DES
  39 
  40 /* Default port number. */
  41 #define SSH_DEFAULT_PORT        22
  42 
  43 /* Maximum number of TCP/IP ports forwarded per direction. */
  44 #define SSH_MAX_FORWARDS_PER_DIRECTION  100
  45 
  46 /*
  47  * Maximum number of RSA authentication identity files that can be specified
  48  * in configuration files or on the command line.
  49  */
  50 #define SSH_MAX_IDENTITY_FILES          100
  51 
  52 /*
  53  * Major protocol version.  Different version indicates major incompatibility
  54  * that prevents communication.
  55  *
  56  * Minor protocol version.  Different version indicates minor incompatibility
  57  * that does not prevent interoperation.
  58  */
  59 #define PROTOCOL_MAJOR_1        1
  60 #define PROTOCOL_MINOR_1        5
  61 
  62 /* We support both SSH1 and SSH2 */
  63 #define PROTOCOL_MAJOR_2        2
  64 #define PROTOCOL_MINOR_2        0
  65 
  66 /*
  67  * Name for the service.  The port named by this service overrides the
  68  * default port if present.
  69  */
  70 #define SSH_SERVICE_NAME        "ssh"
  71 
  72 /*
  73  * Name of the environment variable containing the process ID of the
  74  * authentication agent.
  75  */
  76 #define SSH_AGENTPID_ENV_NAME   "SSH_AGENT_PID"
  77 
  78 /*
  79  * Name of the environment variable containing the pathname of the
  80  * authentication socket.
  81  */
  82 #define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
  83 
  84 /*
  85  * Environment variable for overwriting the default location of askpass
  86  */
  87 #define SSH_ASKPASS_ENV         "SSH_ASKPASS"
  88 
  89 /*
  90  * Force host key length and server key length to differ by at least this
  91  * many bits.  This is to make double encryption with rsaref work.
  92  */
  93 #define SSH_KEY_BITS_RESERVED           128
  94 
  95 /*
  96  * Length of the session key in bytes.  (Specified as 256 bits in the
  97  * protocol.)
  98  */
  99 #define SSH_SESSION_KEY_LENGTH          32
 100 
 101 /* Name of Kerberos service for SSH to use. */
 102 #define KRB4_SERVICE_NAME               "rcmd"
 103 
 104 /* Used to identify ``EscapeChar none'' */
 105 #define SSH_ESCAPECHAR_NONE             -2
 106 
 107 /*
 108  * unprivileged user when UsePrivilegeSeparation=yes;
 109  * sshd will change its privileges to this user and its
 110  * primary group.
 111  */
 112 #ifndef SSH_PRIVSEP_USER
 113 #define SSH_PRIVSEP_USER                "sshd"
 114 #endif
 115 
 116 /* Minimum modulus size (n) for RSA keys. */
 117 #define SSH_RSA_MINIMUM_MODULUS_SIZE    768
 118 
 119 /* Listen backlog for sshd, ssh-agent and forwarding sockets */
 120 #define SSH_LISTEN_BACKLOG              128
 121 
 122 /*
 123  * Do not display banner when in remote command mode only. Note that RFC 4254
 124  * uses "exec" as a mode name for the channel opened for the execution of the
 125  * given command.
 126  */
 127 #define SSH_NO_BANNER_IN_EXEC_MODE      2
 128 
 129 #ifdef __cplusplus
 130 }
 131 #endif
 132 
 133 #endif /* _SSH_H */