Copyright (c) 1999, 2000 Vadim Vygonets . All rights reserved. This is a port of OpenSSH 2.3.0 to BSD/OS 3.x, 4.0 and 4.1. This may be the last port of OpenSSH to BSD/OS from me, because BSDi is planning to ship OpenSSH with BSD/OS 4.2. The main points of this port are BSD authentication and login_cap support. It also makes OpenSSH compile on BSD/OS out of the box. This port owes a great deal to Brian Fundakowski Feldman and his port of OpenSSH from the FreeBSD ports collection. This port also incorporates my patches to auth-passwd.c of ssh 1.2.26 (BSD authentication). I also tried to incorporate login capabilities handling throughout sshd. The code was partly based on Brian's code and partly on my older code. ================================================================= = Changes from previous versions = ================================================================= 2.3.0: We link with OpenSSL 0.9.6 now. Diffs from the FreeBSD version are not distributed right now (but will be). ConnectionsPerPeriod is currently not integrated. Consider using MaxStartups instead. If you still need ConnectionsPerPeriod, bug me and I may do it. sftp-server is not even compiled. It needs futimes(2) system call, which does not exist on BSD/OS. I'm sure this can be overcome quite easily, and I'll do it when I feel like it (possibly never). Support of login_cap (and, possibly, BSD authentication) from BSDi (thanks guys) is being integrated OpenBSD and OpenSSH, so I have less work to do. The way these issues are handled in the BSD/OS port of OpenSSH is somewhat different now, as OpenBSD did it differently (and yes, I've sent them my patches). Not that you shoud care, but if something breaks, you know whom to blame. 2.1.0: The way login_cap_t is handled is different now. It's no longer passed all way from do_authentication() down to do_child(), but generated and destroyed in authentication routines, and then generated in do_exec_{no_,}pty() and destroyed in do_child. Passing it all way down became cumbersome due to the way SSH2 authentication routines are organized. And FreeBSD doesn't use login_cap_t in OpenSSH authentication routines. There are now two different BSD/OS-related CPP macros, LOGIN_CAP and BSD_AUTH. This is to prepare ground for merging of this port with the FreeBSD port of OpenSSH. 1.2.2/1.2.3: Important note: sshd is now installed in /usr/local/sbin. I strongly advise that you remove /usr/local/bin/sshd to avoid confusion. ================================================================= = INSTALLATION = ================================================================= IF YOU DON'T LIVE IN A FREE COUNTRY, DON'T BLAME ME IF YOU GET ARRESTED FOR USING THESE INSTRUCTIONS. I don't care, alright? Please also note that I can get arrested, too. You need OpenSSL 0.9.6. You can get it from: http://www.openssl.org/ It seems that USA citizens and residents don't have to use RSAREF now. If you still insist on using RSAREF, you can obtain it fom RSA Security Inc. (http://www.rsa.com/). See the file INSTALL in the OpenSSL distribution for some details. If you intend to use OpenSSL on an 80386 machine (as opposed to i486 or higher), consult the file INSTALL in the OpenSSL distribution. The rest of this file assumes that you are rich. Compile and install OpenSSL with the following commands: $ ./config --prefix=/usr/local --openssldir=/usr/local/lib/openssl $ make $ make test $ su # make install OpenSSH expects to find OpenSSL header files in subdirectory ssl. Calm it by doing: # cd /usr/local/include # ln -s openssl ssl Compile OpenSSH by doing: $ make Install OpenSSH: # make install