OpenSSH for BSD/OS

Portable OpenSSH

Portable OpenSSH 2.9 fully supports BSD authentication and works on BSD/OS, so my port of OpenSSH is essentially useless now and is thus discontinued. To compile portable OpenSSH on BSD/OS with BSD authentication support (recommended):

	$ ./configure --with-bsd-auth
	$ make
	$ su
	# make install

BSD/OS 4.2 and later come with portable OpenSSH, but you might want to upgrade to a more current version.

OpenSSH 2.3.0

OpenSSH 2.1.0

OpenSSH 1.2.3


Ego Search

This page (at its old URL) is listed at the BSD Newsletter security software page.


Copyright (c) 1999, 2000
	Vadim Vygonets <vadik at>.  All rights reserved.

This is a port of OpenSSH 2.3.0 to BSD/OS 3.x, 4.0 and 4.1.

This may be the last port of OpenSSH to BSD/OS from me, because
BSDi is planning to ship OpenSSH with BSD/OS 4.2.

The main points of this port are BSD authentication and login_cap
support.  It also makes OpenSSH compile on BSD/OS out of the box.

This port owes a great deal to Brian Fundakowski Feldman
<green at> and his port of OpenSSH from the FreeBSD
ports collection.

This port also incorporates my patches to auth-passwd.c of ssh
1.2.26 (BSD authentication).  I also tried to incorporate login
capabilities handling throughout sshd.  The code was partly based
on Brian's code and partly on my older code.

= Changes from previous versions				=

	We link with OpenSSL 0.9.6 now.

	Diffs from the FreeBSD version are not distributed right
	now (but will be).

	ConnectionsPerPeriod is currently not integrated.
	Consider using MaxStartups instead.  If you still need
	ConnectionsPerPeriod, bug me and I may do it.

	sftp-server is not even compiled.  It needs futimes(2)
	system call, which does not exist on BSD/OS.  I'm sure
	this can be overcome quite easily, and I'll do it when I
	feel like it (possibly never).

	Support of login_cap (and, possibly, BSD authentication)
	from BSDi (thanks guys) is being integrated OpenBSD and
	OpenSSH, so I have less work to do.  The way these issues
	are handled in the BSD/OS port of OpenSSH is somewhat
	different now, as OpenBSD did it differently (and yes,
	I've sent them my patches).  Not that you shoud care, but
	if something breaks, you know whom to blame.

	The way login_cap_t is handled is different now.  It's no
	longer passed all way from do_authentication() down to
	do_child(), but generated and destroyed in authentication
	routines, and then generated in do_exec_{no_,}pty() and
	destroyed in do_child.  Passing it all way down became
	cumbersome due to the way SSH2 authentication routines
	are organized.  And FreeBSD doesn't use login_cap_t in
	OpenSSH authentication routines.

	There are now two different BSD/OS-related CPP macros,
	LOGIN_CAP and BSD_AUTH.  This is to prepare ground for
	merging of this port with the FreeBSD port of OpenSSH.

	Important note: sshd is now installed in /usr/local/sbin.
	I strongly advise that you remove /usr/local/bin/sshd to
	avoid confusion.


Please also note that I can get arrested, too.

You need OpenSSL 0.9.6.  You can get it from:

It seems that USA citizens and residents don't have to use RSAREF
now.  If you still insist on using RSAREF, you can obtain it fom
RSA Security Inc. (  See the file INSTALL in
the OpenSSL distribution for some details.

If you intend to use OpenSSL on an 80386 machine (as opposed to
i486 or higher), consult the file INSTALL in the OpenSSL
distribution.  The rest of this file assumes that you are rich.

Compile and install OpenSSL with the following commands:
	$ ./config --prefix=/usr/local --openssldir=/usr/local/lib/openssl
	$ make
	$ make test
	$ su
	# make install

OpenSSH expects to find OpenSSL header files in subdirectory ssl.
Calm it by doing:
	# cd /usr/local/include
	# ln -s openssl ssl

Compile OpenSSH by doing:
	$ make

Install OpenSSH:
	# make install

Valid XHTML 1.0! Valid CSS!
Vadik /
Last updated: 2003-02-11