diff -ru --new-file openssh-3.7p1/ChangeLog openssh-3.7.1p1/ChangeLog --- openssh-3.7p1/ChangeLog 2003-09-16 16:00:52.000000000 +1000 +++ openssh-3.7.1p1/ChangeLog 2003-09-17 07:35:09.000000000 +1000 @@ -1,3 +1,11 @@ +20030917 + - (djm) OpenBSD Sync + - markus@cvs.openbsd.org 2003/09/16 21:02:40 + [buffer.c channels.c version.h] + more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU + - (djm) Crank RPM spec versions + - (djm) Release 3.7.1p1 + 20030916 - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: Retrieve PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it @@ -1107,4 +1115,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2994.2.4 2003/09/16 06:00:52 djm Exp $ +$Id: ChangeLog,v 1.2994.2.6 2003/09/16 21:35:09 djm Exp $ diff -ru --new-file openssh-3.7p1/buffer.c openssh-3.7.1p1/buffer.c --- openssh-3.7p1/buffer.c 2003-09-16 13:31:03.000000000 +1000 +++ openssh-3.7.1p1/buffer.c 2003-09-17 07:34:12.000000000 +1000 @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: buffer.c,v 1.17 2003/09/16 03:03:47 deraadt Exp $"); +RCSID("$OpenBSD: buffer.c,v 1.18 2003/09/16 21:02:39 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -23,8 +23,11 @@ void buffer_init(Buffer *buffer) { - buffer->alloc = 4096; - buffer->buf = xmalloc(buffer->alloc); + const u_int len = 4096; + + buffer->alloc = 0; + buffer->buf = xmalloc(len); + buffer->alloc = len; buffer->offset = 0; buffer->end = 0; } @@ -34,8 +37,10 @@ void buffer_free(Buffer *buffer) { - memset(buffer->buf, 0, buffer->alloc); - xfree(buffer->buf); + if (buffer->alloc > 0) { + memset(buffer->buf, 0, buffer->alloc); + xfree(buffer->buf); + } } /* diff -ru --new-file openssh-3.7p1/channels.c openssh-3.7.1p1/channels.c --- openssh-3.7p1/channels.c 2003-09-02 22:52:31.000000000 +1000 +++ openssh-3.7.1p1/channels.c 2003-09-17 07:34:12.000000000 +1000 @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.194 2003/08/29 10:04:36 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.195 2003/09/16 21:02:40 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -229,12 +229,13 @@ if (found == -1) { /* There are no free slots. Take last+1 slot and expand the array. */ found = channels_alloc; - channels_alloc += 10; if (channels_alloc > 10000) fatal("channel_new: internal error: channels_alloc %d " "too big.", channels_alloc); + channels = xrealloc(channels, + (channels_alloc + 10) * sizeof(Channel *)); + channels_alloc += 10; debug2("channel: expanding %d", channels_alloc); - channels = xrealloc(channels, channels_alloc * sizeof(Channel *)); for (i = found; i < channels_alloc; i++) channels[i] = NULL; } diff -ru --new-file openssh-3.7p1/contrib/caldera/openssh.spec openssh-3.7.1p1/contrib/caldera/openssh.spec --- openssh-3.7p1/contrib/caldera/openssh.spec 2003-09-16 16:02:40.000000000 +1000 +++ openssh-3.7.1p1/contrib/caldera/openssh.spec 2003-09-17 07:35:10.000000000 +1000 @@ -17,7 +17,7 @@ #old cvs stuff. please update before use. may be deprecated. %define use_stable 1 %if %{use_stable} - %define version 3.7p1 + %define version 3.7.1p1 %define cvs %{nil} %define release 1 %else @@ -364,4 +364,4 @@ * Mon Jan 01 1998 ... Template Version: 1.31 -$Id: openssh.spec,v 1.43.2.2 2003/09/16 06:02:40 djm Exp $ +$Id: openssh.spec,v 1.43.2.3 2003/09/16 21:35:10 djm Exp $ diff -ru --new-file openssh-3.7p1/contrib/redhat/openssh.spec openssh-3.7.1p1/contrib/redhat/openssh.spec --- openssh-3.7p1/contrib/redhat/openssh.spec 2003-09-16 16:02:40.000000000 +1000 +++ openssh-3.7.1p1/contrib/redhat/openssh.spec 2003-09-17 07:35:10.000000000 +1000 @@ -1,4 +1,4 @@ -%define ver 3.7p1 +%define ver 3.7.1p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff -ru --new-file openssh-3.7p1/contrib/suse/openssh.spec openssh-3.7.1p1/contrib/suse/openssh.spec --- openssh-3.7p1/contrib/suse/openssh.spec 2003-09-16 13:59:43.000000000 +1000 +++ openssh-3.7.1p1/contrib/suse/openssh.spec 2003-09-17 07:35:10.000000000 +1000 @@ -1,6 +1,6 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 3.7p1 +Version: 3.7.1p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff -ru --new-file openssh-3.7p1/linux/Makefile openssh-3.7.1p1/linux/Makefile --- openssh-3.7p1/linux/Makefile 2003-09-16 16:40:06.000000000 +1000 +++ openssh-3.7.1p1/linux/Makefile 1970-01-01 10:00:00.000000000 +1000 @@ -1,400 +0,0 @@ -# $Id: Makefile.in,v 1.249 2003/09/14 01:40:36 dtucker Exp $ - -# uncomment if you run a non bourne compatable shell. Ie. csh -#SHELL = /bin/sh - -AUTORECONF=autoreconf - -prefix=/usr/local -exec_prefix=${prefix} -bindir=${exec_prefix}/bin -sbindir=${exec_prefix}/sbin -libexecdir=${exec_prefix}/libexec -datadir=${prefix}/share -mandir=${prefix}/man -mansubdir=man -sysconfdir=${prefix}/etc -piddir=/var/run -srcdir=.. -top_srcdir=.. - -DESTDIR= -VPATH=.. -SSH_PROGRAM=${exec_prefix}/bin/ssh -ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass -SFTP_SERVER=$(libexecdir)/sftp-server -SSH_KEYSIGN=$(libexecdir)/ssh-keysign -RAND_HELPER=$(libexecdir)/ssh-rand-helper -PRIVSEP_PATH=/var/empty -SSH_PRIVSEP_USER=sshd -STRIP_OPT=-s - -PATHS= -DSSHDIR=\"$(sysconfdir)\" \ - -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ - -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ - -D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \ - -D_PATH_SSH_KEY_SIGN=\"$(SSH_KEYSIGN)\" \ - -D_PATH_SSH_PIDDIR=\"$(piddir)\" \ - -D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \ - -DSSH_RAND_HELPER=\"$(RAND_HELPER)\" - -CC=gcc -LD=gcc -CFLAGS=-g -O2 -Wall -Wpointer-arith -Wno-uninitialized -CPPFLAGS=-I. -I$(srcdir) $(PATHS) -DHAVE_CONFIG_H -LIBS=-lutil -lz -lnsl -lcrypto -lcrypt -LIBPAM= -LIBWRAP= -AR=/usr/local/bin/ar -AWK=gawk -RANLIB=ranlib -INSTALL=/usr/bin/install -c -PERL=/usr/local/bin/perl -SED=/bin/sed -ENT= -XAUTH_PATH=/usr/X11R6/bin/xauth -LDFLAGS=-L. -Lopenbsd-compat/ -EXEEXT= - -INSTALL_SSH_PRNG_CMDS= -INSTALL_SSH_RAND_HELPER= - -TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT) - -LIBSSH_OBJS=authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o \ - cipher.o cipher-aes.o cipher-bf1.o cipher-ctr.o cipher-3des1.o \ - compat.o compress.o crc32.o deattack.o fatal.o \ - hostfile.o log.o match.o moduli.o mpaux.o nchan.o packet.o \ - readpass.o rsa.o tildexpand.o ttymodes.o xmalloc.o atomicio.o \ - key.o dispatch.o kex.o mac.o uuencode.o misc.o \ - rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \ - kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \ - entropy.o scard-opensc.o gss-genr.o - -SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect1.o sshconnect2.o - -SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ - sshpty.o sshlogin.o servconf.o serverloop.o uidswap.o \ - auth.o auth1.o auth2.o auth-options.o session.o \ - auth-chall.o auth2-chall.o groupaccess.o \ - auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ - auth2-none.o auth2-passwd.o auth2-pubkey.o \ - monitor_mm.o monitor.o monitor_wrap.o monitor_fdpass.o \ - kexdhs.o kexgexs.o \ - auth-krb5.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \ - loginrec.o auth-pam.o auth-sia.o md5crypt.o - -MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out -MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 -MANTYPE = doc - -CONFIGFILES=sshd_config.out ssh_config.out moduli.out -CONFIGFILES_IN=sshd_config ssh_config moduli - -PATHSUBS = \ - -e 's|/etc/ssh/ssh_prng_cmds|$(sysconfdir)/ssh_prng_cmds|g' \ - -e 's|/etc/ssh/ssh_config|$(sysconfdir)/ssh_config|g' \ - -e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \ - -e 's|/etc/ssh/sshd_config|$(sysconfdir)/sshd_config|g' \ - -e 's|/usr/libexec|$(libexecdir)|g' \ - -e 's|/etc/shosts.equiv|$(sysconfdir)/shosts.equiv|g' \ - -e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \ - -e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \ - -e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \ - -e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \ - -e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \ - -e 's|/etc/sshrc|$(sysconfdir)/sshrc|g' \ - -e 's|/usr/X11R6/bin/xauth|$(XAUTH_PATH)|g' \ - -e 's|/var/empty|$(PRIVSEP_PATH)|g' \ - -e 's|/usr/bin:/bin:/usr/sbin:/sbin|/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin|g' - -FIXPATHSCMD = $(SED) $(PATHSUBS) - -all: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) - -$(LIBSSH_OBJS): Makefile.in config.h -$(SSHOBJS): Makefile.in config.h -$(SSHDOBJS): Makefile.in config.h - -.c.o: - $(CC) $(CFLAGS) $(CPPFLAGS) -c $< - -LIBCOMPAT=openbsd-compat/libopenbsd-compat.a -$(LIBCOMPAT): always - (cd openbsd-compat && $(MAKE)) -always: - -libssh.a: $(LIBSSH_OBJS) - $(AR) rv $@ $(LIBSSH_OBJS) - $(RANLIB) $@ - -ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS) - $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) - $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS) - -scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o - $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o - $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o - $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o - $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o - $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o - $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) - -sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o - $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-int.o sftp-common.o sftp-glob.o progressmeter.o - $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-int.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o - $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - -# test driver for the loginrec code - not built by default -logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o - $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) - -$(MANPAGES): $(MANPAGES_IN) - if test "$(MANTYPE)" = "cat"; then \ - manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \ - else \ - manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \ - fi; \ - if test "$(MANTYPE)" = "man"; then \ - $(FIXPATHSCMD) $${manpage} | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \ - else \ - $(FIXPATHSCMD) $${manpage} > $@; \ - fi - -$(CONFIGFILES): $(CONFIGFILES_IN) - conffile=`echo $@ | sed 's/.out$$//'`; \ - $(FIXPATHSCMD) $(srcdir)/$${conffile} > $@ - -ssh_prng_cmds.out: ssh_prng_cmds - if test ! -z "$(INSTALL_SSH_PRNG_CMDS)"; then \ - $(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \ - fi - -# fake rule to stop make trying to compile moduli.o into a binary "modulo" -moduli: - echo - -clean: - rm -f *.o *.a $(TARGETS) logintest config.cache config.log - rm -f *.out core - (cd openbsd-compat && $(MAKE) clean) - (cd regress && $(MAKE) clean) - -distclean: - rm -f *.o *.a $(TARGETS) logintest config.cache config.log - rm -f *.out core - rm -f Makefile config.h config.status ssh_prng_cmds *~ - rm -rf autom4te.cache - (cd openbsd-compat && $(MAKE) distclean) - (cd scard && $(MAKE) distclean) - (cd regress && $(MAKE) distclean) - -veryclean: distclean - rm -f configure config.h.in *.0 - -mrproper: veryclean - -realclean: veryclean - -catman-do: - @for f in $(MANPAGES_IN) ; do \ - base=`echo $$f | sed 's/\..*$$//'` ; \ - echo "$$f -> $$base.0" ; \ - nroff -mandoc $$f | cat -v | sed -e 's/.\^H//g' \ - >$$base.0 ; \ - done - -distprep: catman-do - $(AUTORECONF) - (cd scard && $(MAKE) -f Makefile.in distprep) - -install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files host-key check-config -install-nokeys: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files - -check-config: - -$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config - -scard-install: - (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) - -install-files: scard-install - $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(datadir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1 - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5 - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 - $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir) - (umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)) - $(INSTALL) -m 0755 $(STRIP_OPT) ssh $(DESTDIR)$(bindir)/ssh - $(INSTALL) -m 0755 $(STRIP_OPT) scp $(DESTDIR)$(bindir)/scp - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-add $(DESTDIR)$(bindir)/ssh-add - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent $(DESTDIR)$(bindir)/ssh-agent - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan - $(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd - if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \ - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \ - fi - $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN) - $(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp - $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER) - $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 - $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 - $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 - $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 - $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 - $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 - $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 - $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 - $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 - if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \ - $(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \ - fi - $(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 - $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 - $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 - -rm -f $(DESTDIR)$(bindir)/slogin - ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 - ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 - if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ - $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ - fi - @if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \ - $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \ - else \ - echo "$(DESTDIR)$(sysconfdir)/ssh_config already exists, install will not overwrite"; \ - fi - @if [ ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \ - $(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(sysconfdir)/sshd_config; \ - else \ - echo "$(DESTDIR)$(sysconfdir)/sshd_config already exists, install will not overwrite"; \ - fi - @if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \ - if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds ] ; then \ - $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \ - else \ - echo "$(DESTDIR)$(sysconfdir)/ssh_prng_cmds already exists, install will not overwrite"; \ - fi ; \ - fi - @if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \ - if [ -f $(DESTDIR)$(sysconfdir)/primes ]; then \ - echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \ - mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \ - else \ - $(INSTALL) -m 644 moduli.out $(DESTDIR)$(sysconfdir)/moduli; \ - fi ; \ - else \ - echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \ - fi - -host-key: ssh-keygen$(EXEEXT) - @if [ -z "$(DESTDIR)" ] ; then \ - if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \ - echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \ - else \ - ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ; \ - fi ; \ - if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key ] ; then \ - echo "$(DESTDIR)$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \ - else \ - ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ; \ - fi ; \ - if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key ] ; then \ - echo "$(DESTDIR)$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \ - else \ - ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" ; \ - fi ; \ - fi ; - -host-key-force: ssh-keygen$(EXEEXT) - ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" - ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" - ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" - -uninstallall: uninstall - -rm -f $(DESTDIR)$(sysconfdir)/ssh_config - -rm -f $(DESTDIR)$(sysconfdir)/sshd_config - -rm -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds - -rmdir $(DESTDIR)$(sysconfdir) - -rmdir $(DESTDIR)$(bindir) - -rmdir $(DESTDIR)$(sbindir) - -rmdir $(DESTDIR)$(mandir)/$(mansubdir)1 - -rmdir $(DESTDIR)$(mandir)/$(mansubdir)8 - -rmdir $(DESTDIR)$(mandir) - -rmdir $(DESTDIR)$(libexecdir) - -uninstall: - -rm -f $(DESTDIR)$(bindir)/slogin - -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) - -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) - -rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) - -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) - -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) - -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) - -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT) - -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT) - -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) - -rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) - -rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT) - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 - -tests: $(TARGETS) - BUILDDIR=`pwd`; \ - [ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \ - TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ - TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ - TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \ - TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add"; \ - TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen"; \ - TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \ - TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \ - TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \ - cd $(srcdir)/regress || exit $$?; \ - $(MAKE) \ - .OBJDIR="$${BUILDDIR}/regress" \ - .CURDIR="`pwd`" \ - BUILDDIR="$${BUILDDIR}" \ - OBJ="$${BUILDDIR}/regress/" \ - PATH="$${BUILDDIR}:$${PATH}" \ - TEST_SSH_SSH="$${TEST_SSH_SSH}" \ - TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \ - TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \ - TEST_SSH_SSHADD="$${TEST_SSH_SSHADD}" \ - TEST_SSH_SSHKEYGEN="$${TEST_SSH_SSHKEYGEN}" \ - TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \ - TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \ - TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \ - EXEEXT="$(EXEEXT)" \ - $@ Binary files openssh-3.7p1/linux/atomicio.o and openssh-3.7.1p1/linux/atomicio.o differ Binary files openssh-3.7p1/linux/auth-bsdauth.o and openssh-3.7.1p1/linux/auth-bsdauth.o differ Binary files openssh-3.7p1/linux/auth-chall.o and openssh-3.7.1p1/linux/auth-chall.o differ Binary files openssh-3.7p1/linux/auth-krb5.o and openssh-3.7.1p1/linux/auth-krb5.o differ Binary files openssh-3.7p1/linux/auth-options.o and openssh-3.7.1p1/linux/auth-options.o differ Binary files openssh-3.7p1/linux/auth-pam.o and openssh-3.7.1p1/linux/auth-pam.o differ Binary files openssh-3.7p1/linux/auth-passwd.o and openssh-3.7.1p1/linux/auth-passwd.o differ Binary files openssh-3.7p1/linux/auth-rh-rsa.o and openssh-3.7.1p1/linux/auth-rh-rsa.o differ Binary files openssh-3.7p1/linux/auth-rhosts.o and openssh-3.7.1p1/linux/auth-rhosts.o differ Binary files openssh-3.7p1/linux/auth-rsa.o and openssh-3.7.1p1/linux/auth-rsa.o differ Binary files openssh-3.7p1/linux/auth-sia.o and openssh-3.7.1p1/linux/auth-sia.o differ Binary files openssh-3.7p1/linux/auth-skey.o and openssh-3.7.1p1/linux/auth-skey.o differ Binary files openssh-3.7p1/linux/auth.o and openssh-3.7.1p1/linux/auth.o differ Binary files openssh-3.7p1/linux/auth1.o and openssh-3.7.1p1/linux/auth1.o differ Binary files openssh-3.7p1/linux/auth2-chall.o and openssh-3.7.1p1/linux/auth2-chall.o differ Binary files openssh-3.7p1/linux/auth2-gss.o and openssh-3.7.1p1/linux/auth2-gss.o differ Binary files openssh-3.7p1/linux/auth2-hostbased.o and openssh-3.7.1p1/linux/auth2-hostbased.o differ Binary files openssh-3.7p1/linux/auth2-kbdint.o and openssh-3.7.1p1/linux/auth2-kbdint.o differ Binary files openssh-3.7p1/linux/auth2-none.o and openssh-3.7.1p1/linux/auth2-none.o differ Binary files openssh-3.7p1/linux/auth2-passwd.o and openssh-3.7.1p1/linux/auth2-passwd.o differ Binary files openssh-3.7p1/linux/auth2-pubkey.o and openssh-3.7.1p1/linux/auth2-pubkey.o differ Binary files openssh-3.7p1/linux/auth2.o and openssh-3.7.1p1/linux/auth2.o differ Binary files openssh-3.7p1/linux/authfd.o and openssh-3.7.1p1/linux/authfd.o differ Binary files openssh-3.7p1/linux/authfile.o and openssh-3.7.1p1/linux/authfile.o differ Binary files openssh-3.7p1/linux/bufaux.o and openssh-3.7.1p1/linux/bufaux.o differ Binary files openssh-3.7p1/linux/buffer.o and openssh-3.7.1p1/linux/buffer.o differ Binary files openssh-3.7p1/linux/canohost.o and openssh-3.7.1p1/linux/canohost.o differ Binary files openssh-3.7p1/linux/channels.o and openssh-3.7.1p1/linux/channels.o differ Binary files openssh-3.7p1/linux/cipher-3des1.o and openssh-3.7.1p1/linux/cipher-3des1.o differ Binary files openssh-3.7p1/linux/cipher-aes.o and openssh-3.7.1p1/linux/cipher-aes.o differ Binary files openssh-3.7p1/linux/cipher-bf1.o and openssh-3.7.1p1/linux/cipher-bf1.o differ Binary files openssh-3.7p1/linux/cipher-ctr.o and openssh-3.7.1p1/linux/cipher-ctr.o differ Binary files openssh-3.7p1/linux/cipher.o and openssh-3.7.1p1/linux/cipher.o differ Binary files openssh-3.7p1/linux/clientloop.o and openssh-3.7.1p1/linux/clientloop.o differ Binary files openssh-3.7p1/linux/compat.o and openssh-3.7.1p1/linux/compat.o differ Binary files openssh-3.7p1/linux/compress.o and openssh-3.7.1p1/linux/compress.o differ diff -ru --new-file openssh-3.7p1/linux/config.h openssh-3.7.1p1/linux/config.h --- openssh-3.7p1/linux/config.h 2003-09-16 16:40:07.000000000 +1000 +++ openssh-3.7.1p1/linux/config.h 1970-01-01 10:00:00.000000000 +1000 @@ -1,995 +0,0 @@ -/* config.h. Generated automatically by configure. */ -/* config.h.in. Generated automatically from configure.ac by autoheader. */ -/* $Id: acconfig.h,v 1.166 2003/09/16 01:52:19 dtucker Exp $ */ - -/* - * Copyright (c) 1999-2003 Damien Miller. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _CONFIG_H -#define _CONFIG_H - -/* Generated automatically from acconfig.h by autoheader. */ -/* Please make your changes there */ - - - -/* Define if your platform breaks doing a seteuid before a setuid */ -/* #undef SETEUID_BREAKS_SETUID */ - -/* Define if your setreuid() is broken */ -/* #undef BROKEN_SETREUID */ - -/* Define if your setregid() is broken */ -/* #undef BROKEN_SETREGID */ - -/* Define to a Set Process Title type if your system is */ -/* supported by bsd-setproctitle.c */ -#define SPT_TYPE SPT_REUSEARGV -/* #undef SPT_PADCHAR */ - -/* setgroups() NOOP allowed */ -/* #undef SETGROUPS_NOOP */ - -/* SCO workaround */ -/* #undef BROKEN_SYS_TERMIO_H */ - -/* Define if you have SecureWare-based protected password database */ -/* #undef HAVE_SECUREWARE */ - -/* If your header files don't define LOGIN_PROGRAM, then use this (detected) */ -/* from environment and PATH */ -#define LOGIN_PROGRAM_FALLBACK "/bin/login" - -/* Define if your password has a pw_class field */ -/* #undef HAVE_PW_CLASS_IN_PASSWD */ - -/* Define if your password has a pw_expire field */ -/* #undef HAVE_PW_EXPIRE_IN_PASSWD */ - -/* Define if your password has a pw_change field */ -/* #undef HAVE_PW_CHANGE_IN_PASSWD */ - -/* Define if your system uses access rights style file descriptor passing */ -/* #undef HAVE_ACCRIGHTS_IN_MSGHDR */ - -/* Define if your system uses ancillary data style file descriptor passing */ -#define HAVE_CONTROL_IN_MSGHDR 1 - -/* Define if you system's inet_ntoa is busted (e.g. Irix gcc issue) */ -/* #undef BROKEN_INET_NTOA */ - -/* Define if your system defines sys_errlist[] */ -#define HAVE_SYS_ERRLIST 1 - -/* Define if your system defines sys_nerr */ -#define HAVE_SYS_NERR 1 - -/* Define if your system choked on IP TOS setting */ -/* #undef IP_TOS_IS_BROKEN */ - -/* Define if you have the getuserattr function. */ -/* #undef HAVE_GETUSERATTR */ - -/* Work around problematic Linux PAM modules handling of PAM_TTY */ -#define PAM_TTY_KLUDGE 1 - -/* Use PIPES instead of a socketpair() */ -/* #undef USE_PIPES */ - -/* Define if your snprintf is busted */ -/* #undef BROKEN_SNPRINTF */ - -/* Define if you are on Cygwin */ -/* #undef HAVE_CYGWIN */ - -/* Define if you have a broken realpath. */ -/* #undef BROKEN_REALPATH */ - -/* Define if you are on NeXT */ -/* #undef HAVE_NEXT */ - -/* Define if you are on NEWS-OS */ -/* #undef HAVE_NEWS4 */ - -/* Define if you want to enable PAM support */ -/* #undef USE_PAM */ - -/* Define if you want to enable AIX4's authenticate function */ -/* #undef WITH_AIXAUTHENTICATE */ - -/* Define if your AIX loginfailed() function takes 4 arguments (AIX >= 5.2) */ -/* #undef AIX_LOGINFAILED_4ARG */ - -/* Define if you have/want arrays (cluster-wide session managment, not C arrays) */ -/* #undef WITH_IRIX_ARRAY */ - -/* Define if you want IRIX project management */ -/* #undef WITH_IRIX_PROJECT */ - -/* Define if you want IRIX audit trails */ -/* #undef WITH_IRIX_AUDIT */ - -/* Define if you want IRIX kernel jobs */ -/* #undef WITH_IRIX_JOBS */ - -/* Location of PRNGD/EGD random number socket */ -/* #undef PRNGD_SOCKET */ - -/* Port number of PRNGD/EGD random number socket */ -/* #undef PRNGD_PORT */ - -/* Builtin PRNG command timeout */ -#define ENTROPY_TIMEOUT_MSEC 200 - -/* non-privileged user for privilege separation */ -#define SSH_PRIVSEP_USER "sshd" - -/* Define if you want to install preformatted manpages.*/ -/* #undef MANTYPE */ - -/* Define if your ssl headers are included with #include */ -#define HAVE_OPENSSL 1 - -/* Define if you are linking against RSAref. Used only to print the right - * message at run-time. */ -/* #undef RSAREF */ - -/* struct timeval */ -#define HAVE_STRUCT_TIMEVAL 1 - -/* struct utmp and struct utmpx fields */ -#define HAVE_HOST_IN_UTMP 1 -#define HAVE_HOST_IN_UTMPX 1 -#define HAVE_ADDR_IN_UTMP 1 -#define HAVE_ADDR_IN_UTMPX 1 -#define HAVE_ADDR_V6_IN_UTMP 1 -#define HAVE_ADDR_V6_IN_UTMPX 1 -/* #undef HAVE_SYSLEN_IN_UTMPX */ -#define HAVE_PID_IN_UTMP 1 -#define HAVE_TYPE_IN_UTMP 1 -#define HAVE_TYPE_IN_UTMPX 1 -#define HAVE_TV_IN_UTMP 1 -#define HAVE_TV_IN_UTMPX 1 -#define HAVE_ID_IN_UTMP 1 -#define HAVE_ID_IN_UTMPX 1 -#define HAVE_EXIT_IN_UTMP 1 -/* #undef HAVE_TIME_IN_UTMP */ -/* #undef HAVE_TIME_IN_UTMPX */ - -/* Define if you don't want to use your system's login() call */ -/* #undef DISABLE_LOGIN */ - -/* Define if you don't want to use pututline() etc. to write [uw]tmp */ -/* #undef DISABLE_PUTUTLINE */ - -/* Define if you don't want to use pututxline() etc. to write [uw]tmpx */ -/* #undef DISABLE_PUTUTXLINE */ - -/* Define if you don't want to use lastlog */ -/* #undef DISABLE_LASTLOG */ - -/* Define if you don't want to use lastlog in session.c */ -/* #undef NO_SSH_LASTLOG */ - -/* Define if you don't want to use utmp */ -/* #undef DISABLE_UTMP */ - -/* Define if you don't want to use utmpx */ -#define DISABLE_UTMPX 1 - -/* Define if you don't want to use wtmp */ -/* #undef DISABLE_WTMP */ - -/* Define if you don't want to use wtmpx */ -#define DISABLE_WTMPX 1 - -/* Some systems need a utmpx entry for /bin/login to work */ -/* #undef LOGIN_NEEDS_UTMPX */ - -/* Some versions of /bin/login need the TERM supplied on the commandline */ -/* #undef LOGIN_NEEDS_TERM */ - -/* Define if your login program cannot handle end of options ("--") */ -/* #undef LOGIN_NO_ENDOPT */ - -/* Define if you want to specify the path to your lastlog file */ -/* #undef CONF_LASTLOG_FILE */ - -/* Define if you want to specify the path to your utmp file */ -/* #undef CONF_UTMP_FILE */ - -/* Define if you want to specify the path to your wtmp file */ -/* #undef CONF_WTMP_FILE */ - -/* Define if you want to specify the path to your utmpx file */ -/* #undef CONF_UTMPX_FILE */ - -/* Define if you want to specify the path to your wtmpx file */ -/* #undef CONF_WTMPX_FILE */ - -/* Define if you want external askpass support */ -/* #undef USE_EXTERNAL_ASKPASS */ - -/* Define if libc defines __progname */ -#define HAVE___PROGNAME 1 - -/* Define if compiler implements __FUNCTION__ */ -#define HAVE___FUNCTION__ 1 - -/* Define if compiler implements __func__ */ -#define HAVE___func__ 1 - -/* Define this is you want GSSAPI support in the version 2 protocol */ -/* #undef GSSAPI */ - -/* Define if you want Kerberos 5 support */ -/* #undef KRB5 */ - -/* Define this if you are using the Heimdal version of Kerberos V5 */ -/* #undef HEIMDAL */ - -/* Define if you want S/Key support */ -/* #undef SKEY */ - -/* Define if you want TCP Wrappers support */ -/* #undef LIBWRAP */ - -/* Define if your libraries define login() */ -#define HAVE_LOGIN 1 - -/* Define if your libraries define daemon() */ -#define HAVE_DAEMON 1 - -/* Define if your libraries define getpagesize() */ -#define HAVE_GETPAGESIZE 1 - -/* Define if xauth is found in your path */ -#define XAUTH_PATH "/usr/X11R6/bin/xauth" - -/* Define if you want to allow MD5 passwords */ -/* #undef HAVE_MD5_PASSWORDS */ - -/* Define if you want to disable shadow passwords */ -/* #undef DISABLE_SHADOW */ - -/* Define if you want to use shadow password expire field */ -#define HAS_SHADOW_EXPIRE 1 - -/* Define if you have Digital Unix Security Integration Architecture */ -/* #undef HAVE_OSF_SIA */ - -/* Define if you have getpwanam(3) [SunOS 4.x] */ -/* #undef HAVE_GETPWANAM */ - -/* Define if you have an old version of PAM which takes only one argument */ -/* to pam_strerror */ -/* #undef HAVE_OLD_PAM */ - -/* Define if you are using Solaris-derived PAM which passes pam_messages */ -/* to the conversation function with an extra level of indirection */ -/* #undef PAM_SUN_CODEBASE */ - -/* Set this to your mail directory if you don't have maillock.h */ -#define MAIL_DIRECTORY "/var/spool/mail" - -/* Data types */ -#define HAVE_U_INT 1 -#define HAVE_INTXX_T 1 -#define HAVE_U_INTXX_T 1 -#define HAVE_UINTXX_T 1 -#define HAVE_INT64_T 1 -#define HAVE_U_INT64_T 1 -#define HAVE_U_CHAR 1 -#define HAVE_SIZE_T 1 -#define HAVE_SSIZE_T 1 -#define HAVE_CLOCK_T 1 -#define HAVE_MODE_T 1 -#define HAVE_PID_T 1 -#define HAVE_SA_FAMILY_T 1 -#define HAVE_STRUCT_SOCKADDR_STORAGE 1 -#define HAVE_STRUCT_ADDRINFO 1 -#define HAVE_STRUCT_IN6_ADDR 1 -#define HAVE_STRUCT_SOCKADDR_IN6 1 - -/* Fields in struct sockaddr_storage */ -#define HAVE_SS_FAMILY_IN_SS 1 -/* #undef HAVE___SS_FAMILY_IN_SS */ - -/* Define if you have /dev/ptmx */ -/* #undef HAVE_DEV_PTMX */ - -/* Define if you have /dev/ptc */ -/* #undef HAVE_DEV_PTS_AND_PTC */ - -/* Define if you need to use IP address instead of hostname in $DISPLAY */ -/* #undef IPADDR_IN_DISPLAY */ - -/* Specify default $PATH */ -#define USER_PATH "/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin" - -/* Specify location of ssh.pid */ -#define _PATH_SSH_PIDDIR "/var/run" - -/* getaddrinfo is broken (if present) */ -/* #undef BROKEN_GETADDRINFO */ - -/* Workaround more Linux IPv6 quirks */ -#define DONT_TRY_OTHER_AF 1 - -/* Detect IPv4 in IPv6 mapped addresses and treat as IPv4 */ -#define IPV4_IN_IPV6 1 - -/* Define if you have BSD auth support */ -/* #undef BSD_AUTH */ - -/* Define if X11 doesn't support AF_UNIX sockets on that system */ -/* #undef NO_X11_UNIX_SOCKETS */ - -/* Define if the concept of ports only accessible to superusers isn't known */ -/* #undef NO_IPPORT_RESERVED_CONCEPT */ - -/* Needed for SCO and NeXT */ -/* #undef BROKEN_SAVED_UIDS */ - -/* Define if your system glob() function has the GLOB_ALTDIRFUNC extension */ -#define GLOB_HAS_ALTDIRFUNC 1 - -/* Define if your system glob() function has gl_matchc options in glob_t */ -/* #undef GLOB_HAS_GL_MATCHC */ - -/* Define in your struct dirent expects you to allocate extra space for d_name */ -/* #undef BROKEN_ONE_BYTE_DIRENT_D_NAME */ - -/* Define if your system has /etc/default/login */ -/* #undef HAVE_ETC_DEFAULT_LOGIN */ - -/* Define if your getopt(3) defines and uses optreset */ -/* #undef HAVE_GETOPT_OPTRESET */ - -/* Define on *nto-qnx systems */ -/* #undef MISSING_NFDBITS */ - -/* Define on *nto-qnx systems */ -/* #undef MISSING_HOWMANY */ - -/* Define on *nto-qnx systems */ -/* #undef MISSING_FD_MASK */ - -/* Define if you want smartcard support */ -/* #undef SMARTCARD */ - -/* Define if you want smartcard support using sectok */ -/* #undef USE_SECTOK */ - -/* Define if you want smartcard support using OpenSC */ -/* #undef USE_OPENSC */ - -/* Define if you want to use OpenSSL's internally seeded PRNG only */ -#define OPENSSL_PRNG_ONLY 1 - -/* Define if you shouldn't strip 'tty' from your ttyname in [uw]tmp */ -/* #undef WITH_ABBREV_NO_TTY */ - -/* Define if you want a different $PATH for the superuser */ -/* #undef SUPERUSER_PATH */ - -/* Path that unprivileged child will chroot() to in privep mode */ -/* #undef PRIVSEP_PATH */ - -/* Define if your platform needs to skip post auth file descriptor passing */ -/* #undef DISABLE_FD_PASSING */ - -/* Silly mkstemp() */ -#define HAVE_STRICT_MKSTEMP 1 - -/* Some systems put this outside of libc */ -#define HAVE_NANOSLEEP 1 - -/* Define if sshd somehow reacquires a controlling TTY after setsid() */ -/* #undef SSHD_ACQUIRES_CTTY */ - -/* Define if cmsg_type is not passed correctly */ -/* #undef BROKEN_CMSG_TYPE */ - -/* Strings used in /etc/passwd to denote locked account */ -/* #undef LOCKED_PASSWD_STRING */ -#define LOCKED_PASSWD_PREFIX "!!" -/* #undef LOCKED_PASSWD_SUBSTR */ - -/* Define if DNS support is to be activated */ -/* #undef DNS */ - -/* Define if getrrsetbyname() exists */ -/* #undef HAVE_GETRRSETBYNAME */ - -/* Define if HEADER.ad exists in arpa/nameser.h */ -/* #undef HAVE_HEADER_AD */ - - -/* Define if the `getpgrp' function takes no argument. */ -#define GETPGRP_VOID 1 - -/* Define if you have the `arc4random' function. */ -/* #undef HAVE_ARC4RANDOM */ - -/* Define if you have the `b64_ntop' function. */ -/* #undef HAVE_B64_NTOP */ - -/* Define if you have the `b64_pton' function. */ -/* #undef HAVE_B64_PTON */ - -/* Define if you have the `basename' function. */ -#define HAVE_BASENAME 1 - -/* Define if you have the `bcopy' function. */ -#define HAVE_BCOPY 1 - -/* Define if you have the `bindresvport_sa' function. */ -/* #undef HAVE_BINDRESVPORT_SA */ - -/* Define if you have the header file. */ -/* #undef HAVE_BSTRING_H */ - -/* Define if you have the `clock' function. */ -#define HAVE_CLOCK 1 - -/* Define if you have the header file. */ -#define HAVE_CRYPT_H 1 - -/* Define if you have the `dirname' function. */ -#define HAVE_DIRNAME 1 - -/* Define if you have the header file. */ -#define HAVE_ENDIAN_H 1 - -/* Define if you have the `endutent' function. */ -#define HAVE_ENDUTENT 1 - -/* Define if you have the `endutxent' function. */ -#define HAVE_ENDUTXENT 1 - -/* Define if you have the `fchmod' function. */ -#define HAVE_FCHMOD 1 - -/* Define if you have the `fchown' function. */ -#define HAVE_FCHOWN 1 - -/* Define if you have the header file. */ -#define HAVE_FEATURES_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_FLOATINGPOINT_H */ - -/* Define if you have the `freeaddrinfo' function. */ -#define HAVE_FREEADDRINFO 1 - -/* Define if you have the `futimes' function. */ -/* #undef HAVE_FUTIMES */ - -/* Define if you have the `gai_strerror' function. */ -#define HAVE_GAI_STRERROR 1 - -/* Define if you have the `getaddrinfo' function. */ -#define HAVE_GETADDRINFO 1 - -/* Define if you have the `getcwd' function. */ -#define HAVE_GETCWD 1 - -/* Define if you have the `getgrouplist' function. */ -#define HAVE_GETGROUPLIST 1 - -/* Define if you have the `getluid' function. */ -/* #undef HAVE_GETLUID */ - -/* Define if you have the `getnameinfo' function. */ -#define HAVE_GETNAMEINFO 1 - -/* Define if you have the `getopt' function. */ -#define HAVE_GETOPT 1 - -/* Define if you have the header file. */ -#define HAVE_GETOPT_H 1 - -/* Define if you have the `getpeereid' function. */ -/* #undef HAVE_GETPEEREID */ - -/* Define if you have the `getpwanam' function. */ -/* #undef HAVE_GETPWANAM */ - -/* Define if you have the `getrlimit' function. */ -#define HAVE_GETRLIMIT 1 - -/* Define if you have the `getrusage' function. */ -/* #undef HAVE_GETRUSAGE */ - -/* Define if you have the `gettimeofday' function. */ -#define HAVE_GETTIMEOFDAY 1 - -/* Define if you have the `getttyent' function. */ -#define HAVE_GETTTYENT 1 - -/* Define if you have the `getutent' function. */ -#define HAVE_GETUTENT 1 - -/* Define if you have the `getutid' function. */ -#define HAVE_GETUTID 1 - -/* Define if you have the `getutline' function. */ -#define HAVE_GETUTLINE 1 - -/* Define if you have the `getutxent' function. */ -#define HAVE_GETUTXENT 1 - -/* Define if you have the `getutxid' function. */ -#define HAVE_GETUTXID 1 - -/* Define if you have the `getutxline' function. */ -#define HAVE_GETUTXLINE 1 - -/* Define if you have the `glob' function. */ -#define HAVE_GLOB 1 - -/* Define if you have the header file. */ -#define HAVE_GLOB_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_GSSAPI_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_IA_H */ - -/* Define if you have the `inet_aton' function. */ -#define HAVE_INET_ATON 1 - -/* Define if you have the `inet_ntoa' function. */ -#define HAVE_INET_NTOA 1 - -/* Define if you have the `inet_ntop' function. */ -#define HAVE_INET_NTOP 1 - -/* Define if you have the `innetgr' function. */ -#define HAVE_INNETGR 1 - -/* Define if you have the header file. */ -#define HAVE_INTTYPES_H 1 - -/* Define if you have the header file. */ -#define HAVE_LASTLOG_H 1 - -/* Define if you have the `crypt' library (-lcrypt). */ -/* #undef HAVE_LIBCRYPT */ - -/* Define if you have the `dl' library (-ldl). */ -/* #undef HAVE_LIBDL */ - -/* Define if you have the header file. */ -#define HAVE_LIBGEN_H 1 - -/* Define if you have the `nsl' library (-lnsl). */ -#define HAVE_LIBNSL 1 - -/* Define if you have the `pam' library (-lpam). */ -/* #undef HAVE_LIBPAM */ - -/* Define if you have the `sectok' library (-lsectok). */ -/* #undef HAVE_LIBSECTOK */ - -/* Define if you have the `socket' library (-lsocket). */ -/* #undef HAVE_LIBSOCKET */ - -/* Define if you have the header file. */ -/* #undef HAVE_LIBUTIL_H */ - -/* Define if you have the `xnet' library (-lxnet). */ -/* #undef HAVE_LIBXNET */ - -/* Define if you have the `z' library (-lz). */ -#define HAVE_LIBZ 1 - -/* Define if you have the header file. */ -#define HAVE_LIMITS_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_LOGIN_CAP_H */ - -/* Define if you have the `login_getcapbool' function. */ -/* #undef HAVE_LOGIN_GETCAPBOOL */ - -/* Define if you have the header file. */ -/* #undef HAVE_LOGIN_H */ - -/* Define if you have the `logout' function. */ -#define HAVE_LOGOUT 1 - -/* Define if you have the `logwtmp' function. */ -#define HAVE_LOGWTMP 1 - -/* Define if you have the header file. */ -/* #undef HAVE_MAILLOCK_H */ - -/* Define if you have the `md5_crypt' function. */ -/* #undef HAVE_MD5_CRYPT */ - -/* Define if you have the `memmove' function. */ -#define HAVE_MEMMOVE 1 - -/* Define if you have the header file. */ -#define HAVE_MEMORY_H 1 - -/* Define if you have the `mkdtemp' function. */ -#define HAVE_MKDTEMP 1 - -/* Define if you have the `mmap' function. */ -#define HAVE_MMAP 1 - -/* Define if you have the header file. */ -#define HAVE_NETDB_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_NETGROUP_H */ - -/* Define if you have the header file. */ -#define HAVE_NETINET_IN_SYSTM_H 1 - -/* Define if you have the `ngetaddrinfo' function. */ -/* #undef HAVE_NGETADDRINFO */ - -/* Define if you have the `nsleep' function. */ -/* #undef HAVE_NSLEEP */ - -/* Define if you have the `ogetaddrinfo' function. */ -/* #undef HAVE_OGETADDRINFO */ - -/* Define if you have the `openlog_r' function. */ -/* #undef HAVE_OPENLOG_R */ - -/* Define if you have the `openpty' function. */ -#define HAVE_OPENPTY 1 - -/* Define if you have the `pam_getenvlist' function. */ -/* #undef HAVE_PAM_GETENVLIST */ - -/* Define if you have the `pam_putenv' function. */ -/* #undef HAVE_PAM_PUTENV */ - -/* Define if you have the header file. */ -#define HAVE_PATHS_H 1 - -/* Define if you have the `pstat' function. */ -/* #undef HAVE_PSTAT */ - -/* Define if you have the header file. */ -#define HAVE_PTY_H 1 - -/* Define if you have the `pututline' function. */ -#define HAVE_PUTUTLINE 1 - -/* Define if you have the `pututxline' function. */ -#define HAVE_PUTUTXLINE 1 - -/* Define if you have the `readpassphrase' function. */ -/* #undef HAVE_READPASSPHRASE */ - -/* Define if you have the header file. */ -/* #undef HAVE_READPASSPHRASE_H */ - -/* Define if you have the `realpath' function. */ -#define HAVE_REALPATH 1 - -/* Define if you have the `recvmsg' function. */ -#define HAVE_RECVMSG 1 - -/* Define if you have the header file. */ -#define HAVE_RPC_TYPES_H 1 - -/* Define if you have the `rresvport_af' function. */ -#define HAVE_RRESVPORT_AF 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SECTOK_H */ - -/* Define if you have the header file. */ -#define HAVE_SECURITY_PAM_APPL_H 1 - -/* Define if you have the `sendmsg' function. */ -#define HAVE_SENDMSG 1 - -/* Define if you have the `setauthdb' function. */ -/* #undef HAVE_SETAUTHDB */ - -/* Define if you have the `setdtablesize' function. */ -/* #undef HAVE_SETDTABLESIZE */ - -/* Define if you have the `setegid' function. */ -#define HAVE_SETEGID 1 - -/* Define if you have the `setenv' function. */ -#define HAVE_SETENV 1 - -/* Define if you have the `seteuid' function. */ -#define HAVE_SETEUID 1 - -/* Define if you have the `setgroups' function. */ -#define HAVE_SETGROUPS 1 - -/* Define if you have the `setlogin' function. */ -/* #undef HAVE_SETLOGIN */ - -/* Define if you have the `setluid' function. */ -/* #undef HAVE_SETLUID */ - -/* Define if you have the `setpcred' function. */ -/* #undef HAVE_SETPCRED */ - -/* Define if you have the `setproctitle' function. */ -/* #undef HAVE_SETPROCTITLE */ - -/* Define if you have the `setregid' function. */ -#define HAVE_SETREGID 1 - -/* Define if you have the `setresgid' function. */ -#define HAVE_SETRESGID 1 - -/* Define if you have the `setresuid' function. */ -#define HAVE_SETRESUID 1 - -/* Define if you have the `setreuid' function. */ -#define HAVE_SETREUID 1 - -/* Define if you have the `setrlimit' function. */ -#define HAVE_SETRLIMIT 1 - -/* Define if you have the `setsid' function. */ -#define HAVE_SETSID 1 - -/* Define if you have the `setutent' function. */ -#define HAVE_SETUTENT 1 - -/* Define if you have the `setutxent' function. */ -#define HAVE_SETUTXENT 1 - -/* Define if you have the `setvbuf' function. */ -#define HAVE_SETVBUF 1 - -/* Define if you have the header file. */ -#define HAVE_SHADOW_H 1 - -/* Define if you have the `sigaction' function. */ -#define HAVE_SIGACTION 1 - -/* Define if you have the `sigvec' function. */ -#define HAVE_SIGVEC 1 - -/* Define if the system has the type `sig_atomic_t'. */ -#define HAVE_SIG_ATOMIC_T 1 - -/* Define if you have the `snprintf' function. */ -#define HAVE_SNPRINTF 1 - -/* Define if you have the `socketpair' function. */ -#define HAVE_SOCKETPAIR 1 - -/* Define if you have the header file. */ -#define HAVE_STDDEF_H 1 - -/* Define if you have the header file. */ -#define HAVE_STDINT_H 1 - -/* Define if you have the header file. */ -#define HAVE_STDLIB_H 1 - -/* Define if you have the `strerror' function. */ -#define HAVE_STRERROR 1 - -/* Define if you have the `strftime' function. */ -#define HAVE_STRFTIME 1 - -/* Define if you have the header file. */ -#define HAVE_STRINGS_H 1 - -/* Define if you have the header file. */ -#define HAVE_STRING_H 1 - -/* Define if you have the `strlcat' function. */ -/* #undef HAVE_STRLCAT */ - -/* Define if you have the `strlcpy' function. */ -/* #undef HAVE_STRLCPY */ - -/* Define if you have the `strmode' function. */ -/* #undef HAVE_STRMODE */ - -/* Define if you have the `strnvis' function. */ -/* #undef HAVE_STRNVIS */ - -/* Define if you have the `strsep' function. */ -#define HAVE_STRSEP 1 - -/* Define if `st_blksize' is member of `struct stat'. */ -#define HAVE_STRUCT_STAT_ST_BLKSIZE 1 - -/* Define if the system has the type `struct timespec'. */ -#define HAVE_STRUCT_TIMESPEC 1 - -/* Define if you have the `sysconf' function. */ -#define HAVE_SYSCONF 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_AUDIT_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_BITYPES_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_BSDTTY_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_CDEFS_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_MMAN_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_PSTAT_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_SELECT_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_STAT_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_STROPTS_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_STRTIO_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_SYSMACROS_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_TIMERS_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_TIME_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_TYPES_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_UN_H 1 - -/* Define if you have the `tcgetpgrp' function. */ -#define HAVE_TCGETPGRP 1 - -/* Define if you have the `tcsendbreak' function. */ -#define HAVE_TCSENDBREAK 1 - -/* Define if you have the `time' function. */ -#define HAVE_TIME 1 - -/* Define if you have the header file. */ -#define HAVE_TIME_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_TMPDIR_H */ - -/* Define if you have the `truncate' function. */ -#define HAVE_TRUNCATE 1 - -/* Define if you have the header file. */ -#define HAVE_TTYENT_H 1 - -/* Define if you have the header file. */ -#define HAVE_UNISTD_H 1 - -/* Define if you have the `updwtmp' function. */ -#define HAVE_UPDWTMP 1 - -/* Define if you have the header file. */ -/* #undef HAVE_USERSEC_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_UTIL_H */ - -/* Define if you have the `utimes' function. */ -#define HAVE_UTIMES 1 - -/* Define if you have the header file. */ -#define HAVE_UTIME_H 1 - -/* Define if you have the `utmpname' function. */ -#define HAVE_UTMPNAME 1 - -/* Define if you have the `utmpxname' function. */ -#define HAVE_UTMPXNAME 1 - -/* Define if you have the header file. */ -#define HAVE_UTMPX_H 1 - -/* Define if you have the header file. */ -#define HAVE_UTMP_H 1 - -/* Define if you have the `vhangup' function. */ -#define HAVE_VHANGUP 1 - -/* Define if you have the `vsnprintf' function. */ -#define HAVE_VSNPRINTF 1 - -/* Define if you have the `waitpid' function. */ -#define HAVE_WAITPID 1 - -/* Define if you have the `_getlong' function. */ -/* #undef HAVE__GETLONG */ - -/* Define if you have the `_getpty' function. */ -/* #undef HAVE__GETPTY */ - -/* Define if you have the `_getshort' function. */ -/* #undef HAVE__GETSHORT */ - -/* Define if you have the `__b64_ntop' function. */ -/* #undef HAVE___B64_NTOP */ - -/* Define if you have the `__b64_pton' function. */ -/* #undef HAVE___B64_PTON */ - -/* The size of a `char', as computed by sizeof. */ -#define SIZEOF_CHAR 1 - -/* The size of a `int', as computed by sizeof. */ -#define SIZEOF_INT 4 - -/* The size of a `long int', as computed by sizeof. */ -#define SIZEOF_LONG_INT 4 - -/* The size of a `long long int', as computed by sizeof. */ -#define SIZEOF_LONG_LONG_INT 8 - -/* The size of a `short int', as computed by sizeof. */ -#define SIZEOF_SHORT_INT 2 - -/* Define if you have the ANSI C header files. */ -#define STDC_HEADERS 1 - -/* Define if your processor stores words with the most significant byte first - (like Motorola and SPARC, unlike Intel and VAX). */ -/* #undef WORDS_BIGENDIAN */ - -/* Number of bits in a file offset, on hosts where this is settable. */ -#define _FILE_OFFSET_BITS 64 - -/* Define for large files, on AIX-style hosts. */ -/* #undef _LARGE_FILES */ - -/* Define as `__inline' if that's what the C compiler calls it, or to nothing - if it is not supported. */ -/* #undef inline */ - -/* type to use in place of socklen_t if not defined */ -/* #undef socklen_t */ - -/* ******************* Shouldn't need to edit below this line ************** */ - -#endif /* _CONFIG_H */ diff -ru --new-file openssh-3.7p1/linux/config.log openssh-3.7.1p1/linux/config.log --- openssh-3.7p1/linux/config.log 2003-09-16 16:40:08.000000000 +1000 +++ openssh-3.7.1p1/linux/config.log 1970-01-01 10:00:00.000000000 +1000 @@ -1,3385 +0,0 @@ -This file contains any messages produced by compilers while -running configure, to aid debugging if configure makes a mistake. - -It was created by configure, which was -generated by GNU Autoconf 2.52. Invocation command line was - - $ ../configure - -## ---------- ## -## Platform. ## -## ---------- ## - -hostname = gate -uname -m = i686 -uname -r = 2.4.20-20.8 -uname -s = Linux -uname -v = #1 Mon Aug 18 15:11:31 EDT 2003 - -/usr/bin/uname -p = unknown -/bin/uname -X = unknown - -/bin/arch = i686 -/usr/bin/arch -k = unknown -/usr/convex/getsysinfo = unknown -hostinfo = unknown -/bin/machine = unknown -/usr/bin/oslevel = unknown -/bin/universe = unknown - -PATH = /usr/local/bin:/bin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/local/avr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/local/avr/bin - -## ------------ ## -## Core tests. ## -## ------------ ## - -configure:1001: PATH=".;."; conftest.sh -../configure: line 1002: conftest.sh: command not found -configure:1004: $? = 127 -configure:1058: checking for gcc -configure:1073: found /usr/bin/gcc -configure:1081: result: gcc -configure:1309: checking for C compiler version -configure:1312: gcc --version &5 -gcc (GCC) 3.2 20020903 (Red Hat Linux 8.0 3.2-7) -Copyright (C) 2002 Free Software Foundation, Inc. -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - -configure:1315: $? = 0 -configure:1317: gcc -v &5 -Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/3.2/specs -Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --disable-checking --host=i386-redhat-linux --with-system-zlib --enable-__cxa_atexit -Thread model: posix -gcc version 3.2 20020903 (Red Hat Linux 8.0 3.2-7) -configure:1320: $? = 0 -configure:1322: gcc -V &5 -gcc: argument to `-V' is missing -configure:1325: $? = 1 -configure:1345: checking for C compiler default output -configure:1348: gcc conftest.c >&5 -configure:1351: $? = 0 -configure:1380: result: a.out -configure:1385: checking whether the C compiler works -configure:1391: ./a.out -configure:1394: $? = 0 -configure:1409: result: yes -configure:1416: checking whether we are cross compiling -configure:1418: result: no -configure:1421: checking for executable suffix -configure:1423: gcc -o conftest conftest.c >&5 -configure:1426: $? = 0 -configure:1448: result: -configure:1454: checking for object suffix -configure:1472: gcc -c conftest.c >&5 -configure:1475: $? = 0 -configure:1494: result: o -configure:1498: checking whether we are using the GNU C compiler -configure:1519: gcc -c conftest.c >&5 -configure:1522: $? = 0 -configure:1525: test -s conftest.o -configure:1528: $? = 0 -configure:1540: result: yes -configure:1546: checking whether gcc accepts -g -configure:1564: gcc -c -g conftest.c >&5 -configure:1567: $? = 0 -configure:1570: test -s conftest.o -configure:1573: $? = 0 -configure:1583: result: yes -configure:1610: gcc -c -g -O2 conftest.c >&5 -conftest.c:2: parse error before "me" -configure:1613: $? = 1 -configure: failed program was: -#ifndef __cplusplus - choke me -#endif -configure:1742: checking build system type -configure:1760: result: i686-pc-linux-gnu -configure:1767: checking host system type -configure:1781: result: i686-pc-linux-gnu -configure:1788: checking whether byte ordering is bigendian -configure:1813: gcc -c -g -O2 conftest.c >&5 -configure:1816: $? = 0 -configure:1819: test -s conftest.o -configure:1822: $? = 0 -configure:1843: gcc -c -g -O2 conftest.c >&5 -configure: In function `main': -configure:1834: `not' undeclared (first use in this function) -configure:1834: (Each undeclared identifier is reported only once -configure:1834: for each function it appears in.) -configure:1834: parse error before "big" -configure:1846: $? = 1 -configure: failed program was: -#line 1826 "configure" -#include "confdefs.h" -#include -#include - -int -main () -{ -#if BYTE_ORDER != BIG_ENDIAN - not big endian -#endif - - ; - return 0; -} -configure:1910: result: no -configure:1925: checking for mawk -configure:1951: result: no -configure:1925: checking for gawk -configure:1940: found /bin/gawk -configure:1948: result: gawk -configure:1963: checking how to run the C preprocessor -configure:1989: gcc -E conftest.c -configure:1995: $? = 0 -configure:2022: gcc -E conftest.c -configure:2019:28: ac_nonexistent.h: No such file or directory -configure:2028: $? = 1 -configure: failed program was: -#line 2018 "configure" -#include "confdefs.h" -#include -configure:2065: result: gcc -E -configure:2080: gcc -E conftest.c -configure:2086: $? = 0 -configure:2113: gcc -E conftest.c -configure:2110:28: ac_nonexistent.h: No such file or directory -configure:2119: $? = 1 -configure: failed program was: -#line 2109 "configure" -#include "confdefs.h" -#include -configure:2196: checking for ranlib -configure:2211: found /usr/local/bin/ranlib -configure:2220: result: ranlib -configure:2244: checking for a BSD compatible install -configure:2293: result: /usr/bin/install -c -configure:2306: checking for ar -configure:2323: found /usr/local/bin/ar -configure:2334: result: /usr/local/bin/ar -configure:2345: checking for perl5 -configure:2376: result: no -configure:2345: checking for perl -configure:2362: found /usr/local/bin/perl -configure:2373: result: /usr/local/bin/perl -configure:2385: checking for sed -configure:2402: found /bin/sed -configure:2413: result: /bin/sed -configure:2422: checking for ent -configure:2453: result: no -configure:2459: checking for bash -configure:2476: found /bin/bash -configure:2487: result: /bin/bash -configure:2496: checking for ksh -configure:2524: result: /bin/bash -configure:2533: checking for sh -configure:2561: result: /bin/bash -configure:2570: checking for sh -configure:2587: found /bin/sh -configure:2598: result: /bin/sh -configure:2613: checking for special C compiler options needed for large files -configure:2687: result: no -configure:2693: checking for _FILE_OFFSET_BITS value needed for large files -configure:2721: gcc -c -g -O2 conftest.c >&5 -configure:2708: warning: left shift count >= width of type -configure:2708: warning: left shift count >= width of type -configure:2710: size of array `off_t_is_large' is negative -configure:2724: $? = 1 -configure: failed program was: -#line 2701 "configure" -#include "confdefs.h" -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -configure:2760: gcc -c -g -O2 conftest.c >&5 -configure:2763: $? = 0 -configure:2766: test -s conftest.o -configure:2769: $? = 0 -configure:2780: result: 64 -configure:2790: checking for _LARGE_FILES value needed for large files -configure:2818: gcc -c -g -O2 conftest.c >&5 -configure:2821: $? = 0 -configure:2824: test -s conftest.o -configure:2827: $? = 0 -configure:2877: result: no -configure:2905: checking for login -configure:2922: found /bin/login -configure:2933: result: /bin/login -configure:2952: checking for gcc option to accept ANSI C -configure:3009: gcc -c -g -O2 conftest.c >&5 -configure:3012: $? = 0 -configure:3015: test -s conftest.o -configure:3018: $? = 0 -configure:3035: result: none needed -configure:3043: checking for inline -configure:3060: gcc -c -g -O2 conftest.c >&5 -configure:3063: $? = 0 -configure:3066: test -s conftest.o -configure:3069: $? = 0 -configure:3080: result: inline -configure:4628: checking compiler and flags for sanity -configure:4644: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:4639: warning: implicit declaration of function `exit' -configure:4647: $? = 0 -configure:4649: ./conftest -configure:4652: $? = 0 -configure:4654: result: yes -configure:4685: checking for bstring.h -configure:4695: gcc -E conftest.c -configure:4692:21: bstring.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for crypt.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for endian.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for features.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for floatingpoint.h -configure:4695: gcc -E conftest.c -configure:4692:27: floatingpoint.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for getopt.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for glob.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for ia.h -configure:4695: gcc -E conftest.c -configure:4692:16: ia.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for lastlog.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for limits.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for login.h -configure:4695: gcc -E conftest.c -configure:4692:19: login.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for login_cap.h -configure:4695: gcc -E conftest.c -configure:4692:23: login_cap.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for maillock.h -configure:4695: gcc -E conftest.c -configure:4692:22: maillock.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for netdb.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for netgroup.h -configure:4695: gcc -E conftest.c -configure:4692:22: netgroup.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for netinet/in_systm.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for paths.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for pty.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for readpassphrase.h -configure:4695: gcc -E conftest.c -configure:4692:28: readpassphrase.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for rpc/types.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for security/pam_appl.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for shadow.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for stddef.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for stdint.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for strings.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/strtio.h -configure:4695: gcc -E conftest.c -configure:4692:24: sys/strtio.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for sys/audit.h -configure:4695: gcc -E conftest.c -configure:4692:23: sys/audit.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for sys/bitypes.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/bsdtty.h -configure:4695: gcc -E conftest.c -configure:4692:24: sys/bsdtty.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for sys/cdefs.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/mman.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/pstat.h -configure:4695: gcc -E conftest.c -configure:4692:23: sys/pstat.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for sys/select.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/stat.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/stropts.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/sysmacros.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/time.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for sys/timers.h -configure:4695: gcc -E conftest.c -configure:4692:24: sys/timers.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for sys/un.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for time.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for tmpdir.h -configure:4695: gcc -E conftest.c -configure:4692:20: tmpdir.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for ttyent.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for usersec.h -configure:4695: gcc -E conftest.c -configure:4692:21: usersec.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for util.h -configure:4695: gcc -E conftest.c -configure:4692:18: util.h: No such file or directory -configure:4701: $? = 1 -configure: failed program was: -#line 4691 "configure" -#include "confdefs.h" -#include -configure:4720: result: no -configure:4685: checking for utime.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for utmp.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4685: checking for utmpx.h -configure:4695: gcc -E conftest.c -configure:4701: $? = 0 -configure:4720: result: yes -configure:4731: checking for yp_match -configure:4768: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -/tmp/ccoAU1xi.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:4759: undefined reference to `yp_match' -collect2: ld returned 1 exit status -configure:4771: $? = 1 -configure: failed program was: -#line 4737 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char yp_match (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char yp_match (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_yp_match) || defined (__stub___yp_match) -choke me -#else -f = yp_match; -#endif - - ; - return 0; -} -configure:4787: result: no -configure:4793: checking for yp_match in -lnsl -configure:4820: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lnsl >&5 -configure:4823: $? = 0 -configure:4826: test -s conftest -configure:4829: $? = 0 -configure:4840: result: yes -configure:4853: checking for setsockopt -configure:4890: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lnsl >&5 -configure:4893: $? = 0 -configure:4896: test -s conftest -configure:4899: $? = 0 -configure:4909: result: yes -configure:5036: checking for dirname -configure:5073: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lnsl >&5 -configure:5076: $? = 0 -configure:5079: test -s conftest -configure:5082: $? = 0 -configure:5092: result: yes -configure:5102: checking for libgen.h -configure:5112: gcc -E conftest.c -configure:5118: $? = 0 -configure:5137: result: yes -configure:5320: checking for getspnam -configure:5357: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lnsl >&5 -configure:5360: $? = 0 -configure:5363: test -s conftest -configure:5366: $? = 0 -configure:5376: result: yes -configure:5436: checking for library containing basename -configure:5463: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lnsl >&5 -configure:5466: $? = 0 -configure:5469: test -s conftest -configure:5472: $? = 0 -configure:5525: result: none required -configure:5578: checking for deflate in -lz -configure:5605: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lz -lnsl >&5 -configure:5608: $? = 0 -configure:5611: test -s conftest -configure:5614: $? = 0 -configure:5625: result: yes -configure:5640: checking for strcasecmp -configure:5677: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lz -lnsl >&5 -configure:5680: $? = 0 -configure:5683: test -s conftest -configure:5686: $? = 0 -configure:5696: result: yes -configure:5756: checking for utimes -configure:5793: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lz -lnsl >&5 -configure:5796: $? = 0 -configure:5799: test -s conftest -configure:5802: $? = 0 -configure:5812: result: yes -configure:5879: checking for libutil.h -configure:5889: gcc -E conftest.c -configure:5886:21: libutil.h: No such file or directory -configure:5895: $? = 1 -configure: failed program was: -#line 5885 "configure" -#include "confdefs.h" -#include -configure:5914: result: no -configure:5924: checking for library containing login -configure:5951: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lz -lnsl >&5 -/tmp/ccyzt8hn.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:5944: undefined reference to `login' -collect2: ld returned 1 exit status -configure:5954: $? = 1 -configure: failed program was: -#line 5932 "configure" -#include "confdefs.h" - -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char login (); -int -main () -{ -login (); - ; - return 0; -} -configure:5991: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:5994: $? = 0 -configure:5997: test -s conftest -configure:6000: $? = 0 -configure:6013: result: -lutil -configure:6026: checking for logout -configure:6063: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6066: $? = 0 -configure:6069: test -s conftest -configure:6072: $? = 0 -configure:6082: result: yes -configure:6026: checking for updwtmp -configure:6063: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6066: $? = 0 -configure:6069: test -s conftest -configure:6072: $? = 0 -configure:6082: result: yes -configure:6026: checking for logwtmp -configure:6063: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6066: $? = 0 -configure:6069: test -s conftest -configure:6072: $? = 0 -configure:6082: result: yes -configure:6095: checking for strftime -configure:6132: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6135: $? = 0 -configure:6138: test -s conftest -configure:6141: $? = 0 -configure:6151: result: yes -configure:6221: checking for GLOB_ALTDIRFUNC support -configure:6240: result: yes -configure:6252: checking for gl_matchc field in glob_t -configure:6274: result: no -configure:6280: checking whether struct dirent allocates space for d_name -configure:6297: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure: In function `main': -configure:6292: warning: implicit declaration of function `exit' -configure:6300: $? = 0 -configure:6302: ./conftest -configure:6305: $? = 0 -configure:6307: result: yes -configure:6494: checking for arc4random -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cca1ghk3.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `arc4random' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char arc4random (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char arc4random (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_arc4random) || defined (__stub___arc4random) -choke me -#else -f = arc4random; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for __b64_ntop -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccQjFb5i.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `__b64_ntop' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char __b64_ntop (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char __b64_ntop (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub___b64_ntop) || defined (__stub_____b64_ntop) -choke me -#else -f = __b64_ntop; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for b64_ntop -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccWe8eoP.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `b64_ntop' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char b64_ntop (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char b64_ntop (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_b64_ntop) || defined (__stub___b64_ntop) -choke me -#else -f = b64_ntop; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for __b64_pton -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccea8iFl.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `__b64_pton' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char __b64_pton (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char __b64_pton (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub___b64_pton) || defined (__stub_____b64_pton) -choke me -#else -f = __b64_pton; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for b64_pton -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccqx82Gw.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `b64_pton' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char b64_pton (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char b64_pton (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_b64_pton) || defined (__stub___b64_pton) -choke me -#else -f = b64_pton; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for basename -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for bcopy -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for bindresvport_sa -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccabuk15.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `bindresvport_sa' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char bindresvport_sa (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char bindresvport_sa (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_bindresvport_sa) || defined (__stub___bindresvport_sa) -choke me -#else -f = bindresvport_sa; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for clock -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for fchmod -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for fchown -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for freeaddrinfo -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for futimes -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure: In function `main': -configure:6520: `choke' undeclared (first use in this function) -configure:6520: (Each undeclared identifier is reported only once -configure:6520: for each function it appears in.) -configure:6520: parse error before "me" -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char futimes (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char futimes (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_futimes) || defined (__stub___futimes) -choke me -#else -f = futimes; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for gai_strerror -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for getaddrinfo -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for getcwd -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for getgrouplist -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for getnameinfo -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for getopt -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for getpeereid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccmNKT2w.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `getpeereid' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getpeereid (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char getpeereid (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_getpeereid) || defined (__stub___getpeereid) -choke me -#else -f = getpeereid; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for _getpty -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccAwtpe3.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `_getpty' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char _getpty (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char _getpty (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub__getpty) || defined (__stub____getpty) -choke me -#else -f = _getpty; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for getrlimit -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for getttyent -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for glob -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for inet_aton -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for inet_ntoa -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for inet_ntop -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for innetgr -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for login_getcapbool -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccGDPBeR.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `login_getcapbool' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char login_getcapbool (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char login_getcapbool (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_login_getcapbool) || defined (__stub___login_getcapbool) -choke me -#else -f = login_getcapbool; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for md5_crypt -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccmzjv2k.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `md5_crypt' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char md5_crypt (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char md5_crypt (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_md5_crypt) || defined (__stub___md5_crypt) -choke me -#else -f = md5_crypt; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for memmove -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for mkdtemp -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for mmap -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for ngetaddrinfo -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccMr5aWc.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `ngetaddrinfo' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char ngetaddrinfo (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char ngetaddrinfo (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_ngetaddrinfo) || defined (__stub___ngetaddrinfo) -choke me -#else -f = ngetaddrinfo; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for nsleep -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cc20jFHy.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `nsleep' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char nsleep (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char nsleep (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_nsleep) || defined (__stub___nsleep) -choke me -#else -f = nsleep; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for ogetaddrinfo -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccAKDUs2.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `ogetaddrinfo' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char ogetaddrinfo (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char ogetaddrinfo (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_ogetaddrinfo) || defined (__stub___ogetaddrinfo) -choke me -#else -f = ogetaddrinfo; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for openlog_r -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccy1SWSA.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `openlog_r' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char openlog_r (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char openlog_r (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_openlog_r) || defined (__stub___openlog_r) -choke me -#else -f = openlog_r; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for openpty -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for pstat -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cc0UoZbl.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `pstat' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char pstat (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char pstat (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_pstat) || defined (__stub___pstat) -choke me -#else -f = pstat; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for readpassphrase -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cc8U1mOO.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `readpassphrase' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char readpassphrase (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char readpassphrase (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_readpassphrase) || defined (__stub___readpassphrase) -choke me -#else -f = readpassphrase; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for realpath -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for recvmsg -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for rresvport_af -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for sendmsg -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setdtablesize -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cc6XTtCm.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `setdtablesize' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setdtablesize (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char setdtablesize (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_setdtablesize) || defined (__stub___setdtablesize) -choke me -#else -f = setdtablesize; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for setegid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setenv -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for seteuid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setgroups -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setlogin -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure: In function `main': -configure:6520: `choke' undeclared (first use in this function) -configure:6520: (Each undeclared identifier is reported only once -configure:6520: for each function it appears in.) -configure:6520: parse error before "me" -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setlogin (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char setlogin (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_setlogin) || defined (__stub___setlogin) -choke me -#else -f = setlogin; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for setpcred -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cc8emG50.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `setpcred' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setpcred (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char setpcred (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_setpcred) || defined (__stub___setpcred) -choke me -#else -f = setpcred; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for setproctitle -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccW5OI0d.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `setproctitle' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setproctitle (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char setproctitle (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_setproctitle) || defined (__stub___setproctitle) -choke me -#else -f = setproctitle; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for setregid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setresgid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setresuid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setreuid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setrlimit -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setsid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for setvbuf -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for sigaction -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for sigvec -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for snprintf -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for socketpair -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for strerror -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for strlcat -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccickFyB.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `strlcat' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlcat (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char strlcat (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_strlcat) || defined (__stub___strlcat) -choke me -#else -f = strlcat; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for strlcpy -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/ccsbUQg5.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `strlcpy' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlcpy (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char strlcpy (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_strlcpy) || defined (__stub___strlcpy) -choke me -#else -f = strlcpy; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for strmode -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cc27fHdB.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `strmode' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strmode (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char strmode (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_strmode) || defined (__stub___strmode) -choke me -#else -f = strmode; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for strnvis -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -/tmp/cc4sPbj7.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:6522: undefined reference to `strnvis' -collect2: ld returned 1 exit status -configure:6534: $? = 1 -configure: failed program was: -#line 6500 "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strnvis (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char strnvis (); -char (*f) (); - -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_strnvis) || defined (__stub___strnvis) -choke me -#else -f = strnvis; -#endif - - ; - return 0; -} -configure:6550: result: no -configure:6494: checking for sysconf -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for tcgetpgrp -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for truncate -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for utimes -configure:6550: result: yes -configure:6494: checking for vhangup -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for vsnprintf -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6494: checking for waitpid -configure:6531: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6534: $? = 0 -configure:6537: test -s conftest -configure:6540: $? = 0 -configure:6550: result: yes -configure:6560: checking for library containing nanosleep -configure:6587: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6590: $? = 0 -configure:6593: test -s conftest -configure:6596: $? = 0 -configure:6649: result: none required -configure:6659: checking for ANSI C header files -configure:6673: gcc -E conftest.c -configure:6679: $? = 0 -configure:6766: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure: In function `main': -configure:6758: warning: implicit declaration of function `exit' -configure:6769: $? = 0 -configure:6771: ./conftest -configure:6774: $? = 0 -configure:6787: result: yes -configure:6803: checking for sys/types.h -configure:6815: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:6818: $? = 0 -configure:6821: test -s conftest.o -configure:6824: $? = 0 -configure:6834: result: yes -configure:6803: checking for sys/stat.h -configure:6834: result: yes -configure:6803: checking for stdlib.h -configure:6815: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:6818: $? = 0 -configure:6821: test -s conftest.o -configure:6824: $? = 0 -configure:6834: result: yes -configure:6803: checking for string.h -configure:6815: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:6818: $? = 0 -configure:6821: test -s conftest.o -configure:6824: $? = 0 -configure:6834: result: yes -configure:6803: checking for memory.h -configure:6815: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:6818: $? = 0 -configure:6821: test -s conftest.o -configure:6824: $? = 0 -configure:6834: result: yes -configure:6803: checking for strings.h -configure:6834: result: yes -configure:6803: checking for inttypes.h -configure:6815: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:6818: $? = 0 -configure:6821: test -s conftest.o -configure:6824: $? = 0 -configure:6834: result: yes -configure:6803: checking for stdint.h -configure:6834: result: yes -configure:6803: checking for unistd.h -configure:6815: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:6818: $? = 0 -configure:6821: test -s conftest.o -configure:6824: $? = 0 -configure:6834: result: yes -configure:6844: checking whether strsep is declared -configure:6865: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:6868: $? = 0 -configure:6871: test -s conftest.o -configure:6874: $? = 0 -configure:6884: result: yes -configure:6891: checking for strsep -configure:6928: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:6931: $? = 0 -configure:6934: test -s conftest -configure:6937: $? = 0 -configure:6947: result: yes -configure:6959: checking whether getrusage is declared -configure:6980: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:7004: `getrusage' undeclared (first use in this function) -configure:7004: (Each undeclared identifier is reported only once -configure:7004: for each function it appears in.) -configure:7004: warning: unused variable `p' -configure:6983: $? = 1 -configure: failed program was: -#line 6965 "configure" -#include "confdefs.h" -#include -#if HAVE_SYS_TYPES_H -# include -#endif -#if HAVE_SYS_STAT_H -# include -#endif -#if STDC_HEADERS -# include -# include -#else -# if HAVE_STDLIB_H -# include -# endif -#endif -#if HAVE_STRING_H -# if !STDC_HEADERS && HAVE_MEMORY_H -# include -# endif -# include -#endif -#if HAVE_STRINGS_H -# include -#endif -#if HAVE_INTTYPES_H -# include -#else -# if HAVE_STDINT_H -# include -# endif -#endif -#if HAVE_UNISTD_H -# include -#endif -int -main () -{ -#ifndef getrusage - char *p = (char *) getrusage; -#endif - - ; - return 0; -} -configure:6999: result: no -configure:7074: checking whether tcsendbreak is declared -configure:7096: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:7087: warning: unused variable `p' -configure:7099: $? = 0 -configure:7102: test -s conftest.o -configure:7105: $? = 0 -configure:7115: result: yes -configure:7198: checking for gettimeofday -configure:7235: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7238: $? = 0 -configure:7241: test -s conftest -configure:7244: $? = 0 -configure:7254: result: yes -configure:7198: checking for time -configure:7235: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7238: $? = 0 -configure:7241: test -s conftest -configure:7244: $? = 0 -configure:7254: result: yes -configure:7267: checking for endutent -configure:7304: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7307: $? = 0 -configure:7310: test -s conftest -configure:7313: $? = 0 -configure:7323: result: yes -configure:7267: checking for getutent -configure:7304: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7307: $? = 0 -configure:7310: test -s conftest -configure:7313: $? = 0 -configure:7323: result: yes -configure:7267: checking for getutid -configure:7304: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7307: $? = 0 -configure:7310: test -s conftest -configure:7313: $? = 0 -configure:7323: result: yes -configure:7267: checking for getutline -configure:7304: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7307: $? = 0 -configure:7310: test -s conftest -configure:7313: $? = 0 -configure:7323: result: yes -configure:7267: checking for pututline -configure:7304: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7307: $? = 0 -configure:7310: test -s conftest -configure:7313: $? = 0 -configure:7323: result: yes -configure:7267: checking for setutent -configure:7304: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7307: $? = 0 -configure:7310: test -s conftest -configure:7313: $? = 0 -configure:7323: result: yes -configure:7336: checking for utmpname -configure:7373: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7376: $? = 0 -configure:7379: test -s conftest -configure:7382: $? = 0 -configure:7392: result: yes -configure:7405: checking for endutxent -configure:7442: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7445: $? = 0 -configure:7448: test -s conftest -configure:7451: $? = 0 -configure:7461: result: yes -configure:7405: checking for getutxent -configure:7442: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7445: $? = 0 -configure:7448: test -s conftest -configure:7451: $? = 0 -configure:7461: result: yes -configure:7405: checking for getutxid -configure:7442: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7445: $? = 0 -configure:7448: test -s conftest -configure:7451: $? = 0 -configure:7461: result: yes -configure:7405: checking for getutxline -configure:7442: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7445: $? = 0 -configure:7448: test -s conftest -configure:7451: $? = 0 -configure:7461: result: yes -configure:7405: checking for pututxline -configure:7442: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7445: $? = 0 -configure:7448: test -s conftest -configure:7451: $? = 0 -configure:7461: result: yes -configure:7474: checking for setutxent -configure:7511: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7514: $? = 0 -configure:7517: test -s conftest -configure:7520: $? = 0 -configure:7530: result: yes -configure:7474: checking for utmpxname -configure:7511: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7514: $? = 0 -configure:7517: test -s conftest -configure:7520: $? = 0 -configure:7530: result: yes -configure:7540: checking for daemon -configure:7577: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7580: $? = 0 -configure:7583: test -s conftest -configure:7586: $? = 0 -configure:7596: result: yes -configure:7662: checking for getpagesize -configure:7699: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7702: $? = 0 -configure:7705: test -s conftest -configure:7708: $? = 0 -configure:7718: result: yes -configure:7786: checking whether snprintf correctly terminates long strings -configure:7802: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure: In function `main': -configure:7797: warning: implicit declaration of function `exit' -configure:7805: $? = 0 -configure:7807: ./conftest -configure:7810: $? = 0 -configure:7812: result: yes -configure:7834: checking for (overly) strict mkstemp -configure:7858: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure:7849: warning: return type defaults to `int' -configure: In function `main': -configure:7852: warning: implicit declaration of function `unlink' -configure:7861: $? = 0 -configure:7863: ./conftest -configure:7866: $? = 1 -configure: program exited with status 1 -configure: failed program was: -#line 7846 "configure" -#include "confdefs.h" - -#include -main() { char template[]="conftest.mkstemp-test"; -if (mkstemp(template) == -1) - exit(1); -unlink(template); exit(0); -} - -configure:7877: result: yes -configure:7889: checking if openpty correctly handles controlling tty -configure:7934: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl >&5 -configure: In function `main': -configure:7910: warning: implicit declaration of function `fork' -configure:7912: warning: implicit declaration of function `exit' -configure:7920: warning: implicit declaration of function `close' -configure:7921: warning: implicit declaration of function `setsid' -configure:7922: warning: implicit declaration of function `openpty' -configure:7937: $? = 0 -configure:7939: ./conftest -configure:7942: $? = 0 -configure:7945: result: yes -configure:7964: checking whether getpgrp takes no argument -configure:7983: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:8009: too many arguments to function `getpgrp' -configure:7986: $? = 1 -configure: failed program was: -#line 7971 "configure" -#include "confdefs.h" -#include -#if HAVE_SYS_TYPES_H -# include -#endif -#if HAVE_SYS_STAT_H -# include -#endif -#if STDC_HEADERS -# include -# include -#else -# if HAVE_STDLIB_H -# include -# endif -#endif -#if HAVE_STRING_H -# if !STDC_HEADERS && HAVE_MEMORY_H -# include -# endif -# include -#endif -#if HAVE_STRINGS_H -# include -#endif -#if HAVE_INTTYPES_H -# include -#else -# if HAVE_STDINT_H -# include -# endif -#endif -#if HAVE_UNISTD_H -# include -#endif -int -main () -{ -getpgrp (0); - ; - return 0; -} -configure:8015: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:8018: $? = 0 -configure:8021: test -s conftest.o -configure:8024: $? = 0 -configure:8119: result: yes -configure:8583: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto >&5 -configure:8586: $? = 0 -configure:8589: test -s conftest -configure:8592: $? = 0 -configure:8658: checking OpenSSL header version -configure:8689: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto >&5 -configure: In function `main': -configure:8678: warning: implicit declaration of function `exit' -configure:8680: warning: unsigned int format, long int arg (arg 3) -configure:8692: $? = 0 -configure:8694: ./conftest -configure:8697: $? = 0 -configure:8701: result: 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001) -configure:8720: checking OpenSSL library version -configure:8752: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto >&5 -configure: In function `main': -configure:8743: warning: unsigned int format, long unsigned int arg (arg 3) -configure:8755: $? = 0 -configure:8757: ./conftest -configure:8760: $? = 0 -configure:8764: result: 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001) -configure:8783: checking whether OpenSSL's headers match the library -configure:8800: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto >&5 -configure: In function `main': -configure:8795: warning: implicit declaration of function `exit' -configure:8795: warning: implicit declaration of function `SSLeay' -configure:8803: $? = 0 -configure:8805: ./conftest -configure:8808: $? = 0 -configure:8811: result: yes -configure:8836: checking for crypt in -lcrypt -configure:8863: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lcrypt -lutil -lz -lnsl -lcrypto >&5 -configure:8866: $? = 0 -configure:8869: test -s conftest -configure:8872: $? = 0 -configure:8883: result: yes -configure:8894: checking whether OpenSSL's PRNG is internally seeded -configure:8911: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:8914: $? = 0 -configure:8916: ./conftest -configure:8919: $? = 0 -configure:8923: result: yes -configure:9123: checking for ls -configure:9140: found /bin/ls -configure:9151: result: /bin/ls -configure:9164: checking for netstat -configure:9181: found /bin/netstat -configure:9192: result: /bin/netstat -configure:9205: checking for arp -configure:9222: found /sbin/arp -configure:9233: result: /sbin/arp -configure:9246: checking for ifconfig -configure:9263: found /sbin/ifconfig -configure:9274: result: /sbin/ifconfig -configure:9287: checking for jstat -configure:9318: result: no -configure:9328: checking for ps -configure:9345: found /bin/ps -configure:9356: result: /bin/ps -configure:9369: checking for sar -configure:9386: found /usr/bin/sar -configure:9397: result: /usr/bin/sar -configure:9410: checking for w -configure:9427: found /usr/bin/w -configure:9438: result: /usr/bin/w -configure:9451: checking for who -configure:9468: found /usr/bin/who -configure:9479: result: /usr/bin/who -configure:9492: checking for last -configure:9509: found /usr/bin/last -configure:9520: result: /usr/bin/last -configure:9533: checking for lastlog -configure:9550: found /usr/bin/lastlog -configure:9561: result: /usr/bin/lastlog -configure:9574: checking for df -configure:9591: found /bin/df -configure:9602: result: /bin/df -configure:9615: checking for vmstat -configure:9632: found /usr/bin/vmstat -configure:9643: result: /usr/bin/vmstat -configure:9656: checking for uptime -configure:9673: found /usr/bin/uptime -configure:9684: result: /usr/bin/uptime -configure:9697: checking for ipcs -configure:9714: found /usr/bin/ipcs -configure:9725: result: /usr/bin/ipcs -configure:9738: checking for tail -configure:9755: found /usr/bin/tail -configure:9766: result: /usr/bin/tail -configure:9800: checking for char -configure:9821: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:9824: $? = 0 -configure:9827: test -s conftest.o -configure:9830: $? = 0 -configure:9840: result: yes -configure:9843: checking size of char -configure:10007: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:10010: $? = 0 -configure:10012: ./conftest -configure:10015: $? = 0 -configure:10031: result: 1 -configure:10037: checking for short int -configure:10058: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:10061: $? = 0 -configure:10064: test -s conftest.o -configure:10067: $? = 0 -configure:10077: result: yes -configure:10080: checking size of short int -configure:10244: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:10247: $? = 0 -configure:10249: ./conftest -configure:10252: $? = 0 -configure:10268: result: 2 -configure:10274: checking for int -configure:10295: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:10298: $? = 0 -configure:10301: test -s conftest.o -configure:10304: $? = 0 -configure:10314: result: yes -configure:10317: checking size of int -configure:10481: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:10484: $? = 0 -configure:10486: ./conftest -configure:10489: $? = 0 -configure:10505: result: 4 -configure:10511: checking for long int -configure:10532: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:10535: $? = 0 -configure:10538: test -s conftest.o -configure:10541: $? = 0 -configure:10551: result: yes -configure:10554: checking size of long int -configure:10718: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:10721: $? = 0 -configure:10723: ./conftest -configure:10726: $? = 0 -configure:10742: result: 4 -configure:10748: checking for long long int -configure:10769: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:10772: $? = 0 -configure:10775: test -s conftest.o -configure:10778: $? = 0 -configure:10788: result: yes -configure:10791: checking size of long long int -configure:10955: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:10958: $? = 0 -configure:10960: ./conftest -configure:10963: $? = 0 -configure:10979: result: 8 -configure:10991: checking for u_int type -configure:11010: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11013: $? = 0 -configure:11016: test -s conftest.o -configure:11019: $? = 0 -configure:11031: result: yes -configure:11041: checking for intXX_t types -configure:11060: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11063: $? = 0 -configure:11066: test -s conftest.o -configure:11069: $? = 0 -configure:11081: result: yes -configure:11138: checking for int64_t type -configure:11166: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11169: $? = 0 -configure:11172: test -s conftest.o -configure:11175: $? = 0 -configure:11187: result: yes -configure:11196: checking for u_intXX_t types -configure:11215: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11218: $? = 0 -configure:11221: test -s conftest.o -configure:11224: $? = 0 -configure:11236: result: yes -configure:11291: checking for u_int64_t types -configure:11310: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11313: $? = 0 -configure:11316: test -s conftest.o -configure:11319: $? = 0 -configure:11331: result: yes -configure:11440: checking for uintXX_t types in stdint.h -configure:11455: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11458: $? = 0 -configure:11461: test -s conftest.o -configure:11464: $? = 0 -configure:11471: result: yes -configure:11541: checking for u_char -configure:11562: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11565: $? = 0 -configure:11568: test -s conftest.o -configure:11571: $? = 0 -configure:11583: result: yes -configure:11592: checking for socklen_t -configure:11615: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11618: $? = 0 -configure:11621: test -s conftest.o -configure:11624: $? = 0 -configure:11634: result: yes -configure:11712: checking for sig_atomic_t -configure:11734: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11737: $? = 0 -configure:11740: test -s conftest.o -configure:11743: $? = 0 -configure:11753: result: yes -configure:11763: checking for size_t -configure:11784: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11787: $? = 0 -configure:11790: test -s conftest.o -configure:11793: $? = 0 -configure:11805: result: yes -configure:11814: checking for ssize_t -configure:11835: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11838: $? = 0 -configure:11841: test -s conftest.o -configure:11844: $? = 0 -configure:11856: result: yes -configure:11865: checking for clock_t -configure:11886: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11889: $? = 0 -configure:11892: test -s conftest.o -configure:11895: $? = 0 -configure:11907: result: yes -configure:11916: checking for sa_family_t -configure:11938: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:11941: $? = 0 -configure:11944: test -s conftest.o -configure:11947: $? = 0 -configure:11994: result: yes -configure:12003: checking for pid_t -configure:12024: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:12027: $? = 0 -configure:12030: test -s conftest.o -configure:12033: $? = 0 -configure:12045: result: yes -configure:12054: checking for mode_t -configure:12075: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:12078: $? = 0 -configure:12081: test -s conftest.o -configure:12084: $? = 0 -configure:12096: result: yes -configure:12105: checking for struct sockaddr_storage -configure:12127: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:12120: warning: unused variable `s' -configure:12130: $? = 0 -configure:12133: test -s conftest.o -configure:12136: $? = 0 -configure:12148: result: yes -configure:12157: checking for struct sockaddr_in6 -configure:12179: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:12182: $? = 0 -configure:12185: test -s conftest.o -configure:12188: $? = 0 -configure:12200: result: yes -configure:12209: checking for struct in6_addr -configure:12231: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:12234: $? = 0 -configure:12237: test -s conftest.o -configure:12240: $? = 0 -configure:12252: result: yes -configure:12261: checking for struct addrinfo -configure:12284: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:12287: $? = 0 -configure:12290: test -s conftest.o -configure:12293: $? = 0 -configure:12305: result: yes -configure:12314: checking for struct timeval -configure:12333: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:12336: $? = 0 -configure:12339: test -s conftest.o -configure:12342: $? = 0 -configure:12354: result: yes -configure:12364: checking for struct timespec -configure:12385: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:12388: $? = 0 -configure:12391: test -s conftest.o -configure:12394: $? = 0 -configure:12404: result: yes -configure:12457: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:12435: warning: return type defaults to `int' -configure: In function `main': -configure:12447: warning: implicit declaration of function `exit' -configure:12460: $? = 0 -configure:12462: ./conftest -configure:12465: $? = 0 -configure:12484: checking for ut_host field in utmp.h -configure:12508: result: yes -configure:12524: checking for ut_host field in utmpx.h -configure:12548: result: yes -configure:12564: checking for syslen field in utmpx.h -configure:12588: result: no -configure:12604: checking for ut_pid field in utmp.h -configure:12628: result: yes -configure:12644: checking for ut_type field in utmp.h -configure:12668: result: yes -configure:12684: checking for ut_type field in utmpx.h -configure:12708: result: yes -configure:12724: checking for ut_tv field in utmp.h -configure:12748: result: yes -configure:12764: checking for ut_id field in utmp.h -configure:12788: result: yes -configure:12804: checking for ut_id field in utmpx.h -configure:12828: result: yes -configure:12844: checking for ut_addr field in utmp.h -configure:12868: result: yes -configure:12884: checking for ut_addr field in utmpx.h -configure:12908: result: yes -configure:12924: checking for ut_addr_v6 field in utmp.h -configure:12948: result: yes -configure:12964: checking for ut_addr_v6 field in utmpx.h -configure:12988: result: yes -configure:13004: checking for ut_exit field in utmp.h -configure:13028: result: yes -configure:13044: checking for ut_time field in utmp.h -configure:13068: result: no -configure:13084: checking for ut_time field in utmpx.h -configure:13108: result: no -configure:13124: checking for ut_tv field in utmpx.h -configure:13148: result: yes -configure:13161: checking for struct stat.st_blksize -configure:13181: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:13184: $? = 0 -configure:13187: test -s conftest.o -configure:13190: $? = 0 -configure:13200: result: yes -configure:13210: checking for ss_family field in struct sockaddr_storage -configure:13232: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:13235: $? = 0 -configure:13238: test -s conftest.o -configure:13241: $? = 0 -configure:13252: result: yes -configure:13261: checking for __ss_family field in struct sockaddr_storage -configure:13283: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:13276: structure has no member named `__ss_family' -configure:13286: $? = 1 -configure: failed program was: -#line 13268 "configure" -#include "confdefs.h" - -#include -#include - -int -main () -{ - struct sockaddr_storage s; s.__ss_family = 1; - ; - return 0; -} -configure:13304: result: no -configure:13313: checking for pw_class field in struct passwd -configure:13334: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:13327: structure has no member named `pw_class' -configure:13337: $? = 1 -configure: failed program was: -#line 13320 "configure" -#include "confdefs.h" - -#include - -int -main () -{ - struct passwd p; p.pw_class = 0; - ; - return 0; -} -configure:13355: result: no -configure:13364: checking for pw_expire field in struct passwd -configure:13385: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:13378: structure has no member named `pw_expire' -configure:13388: $? = 1 -configure: failed program was: -#line 13371 "configure" -#include "confdefs.h" - -#include - -int -main () -{ - struct passwd p; p.pw_expire = 0; - ; - return 0; -} -configure:13406: result: no -configure:13415: checking for pw_change field in struct passwd -configure:13436: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:13429: structure has no member named `pw_change' -configure:13439: $? = 1 -configure: failed program was: -#line 13422 "configure" -#include "confdefs.h" - -#include - -int -main () -{ - struct passwd p; p.pw_change = 0; - ; - return 0; -} -configure:13457: result: no -configure:13466: checking for msg_accrights field in struct msghdr -configure:13495: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure: In function `main': -configure:13488: structure has no member named `msg_accrights' -configure:13489: warning: implicit declaration of function `exit' -configure:13498: $? = 1 -configure: program exited with status 1 -configure: failed program was: -#line 13478 "configure" -#include "confdefs.h" - -#include -#include -#include -int main() { -#ifdef msg_accrights -exit(1); -#endif -struct msghdr m; -m.msg_accrights = 0; -exit(0); -} - -configure:13517: result: no -configure:13526: checking for msg_control field in struct msghdr -configure:13555: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure: In function `main': -configure:13549: warning: implicit declaration of function `exit' -configure:13558: $? = 0 -configure:13560: ./conftest -configure:13563: $? = 0 -configure:13577: result: yes -configure:13586: checking if libc defines __progname -configure:13605: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure: In function `main': -configure:13598: warning: implicit declaration of function `printf' -configure:13608: $? = 0 -configure:13611: test -s conftest -configure:13614: $? = 0 -configure:13626: result: yes -configure:13635: checking whether gcc implements __FUNCTION__ -configure:13656: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:13659: $? = 0 -configure:13662: test -s conftest -configure:13665: $? = 0 -configure:13677: result: yes -configure:13686: checking whether gcc implements __func__ -configure:13707: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:13710: $? = 0 -configure:13713: test -s conftest -configure:13716: $? = 0 -configure:13728: result: yes -configure:13737: checking whether getopt has optreset support -configure:13758: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -/tmp/cc6c5vX0.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:13751: undefined reference to `optreset' -collect2: ld returned 1 exit status -configure:13761: $? = 1 -configure: failed program was: -#line 13744 "configure" -#include "confdefs.h" - -#include - -int -main () -{ - extern int optreset; optreset = 0; - ; - return 0; -} -configure:13779: result: no -configure:13788: checking if libc defines sys_errlist -configure:13807: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure: In function `main': -configure:13800: warning: implicit declaration of function `printf' -/tmp/ccgJYceX.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:13800: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead -configure:13810: $? = 0 -configure:13813: test -s conftest -configure:13816: $? = 0 -configure:13828: result: yes -configure:13837: checking if libc defines sys_nerr -configure:13856: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure: In function `main': -configure:13849: warning: implicit declaration of function `printf' -/tmp/ccoZrWpB.o: In function `main': -/home/dtucker/openssh/portable/openssh-3.7p1/linux/configure:13849: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead -configure:13859: $? = 0 -configure:13862: test -s conftest -configure:13865: $? = 0 -configure:13877: result: yes -configure:14992: checking for xauth -configure:15009: found /usr/X11R6/bin/xauth -configure:15020: result: /usr/X11R6/bin/xauth -configure:15096: checking for "/dev/ptc" -configure:15111: result: no -configure:15147: checking for nroff -configure:15164: found /usr/bin/nroff -configure:15175: result: /usr/bin/nroff -configure:15235: checking if the systems has expire shadow information -configure:15254: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure:15257: $? = 0 -configure:15260: test -s conftest.o -configure:15263: $? = 0 -configure:15274: result: yes -configure:15312: checking for "/etc/default/login" -configure:15327: result: no -configure:15427: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c -lutil -lz -lnsl -lcrypto -lcrypt >&5 -configure:15410: warning: return type defaults to `int' -configure: In function `main': -configure:15416: warning: implicit declaration of function `exit' -configure:15430: $? = 0 -configure:15432: ./conftest -configure:15435: $? = 0 -configure:15459: result: Adding /usr/local/bin to USER_PATH so scp will work -configure:15489: checking if we need to convert IPv4 in IPv6-mapped addresses -configure:15513: result: yes (default) -configure:15684: checking if your system defines LASTLOG_FILE -configure:15711: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:15704: `LASTLOG_FILE' undeclared (first use in this function) -configure:15704: (Each undeclared identifier is reported only once -configure:15704: for each function it appears in.) -configure:15704: warning: unused variable `lastlog' -configure:15714: $? = 1 -configure: failed program was: -#line 15687 "configure" -#include "confdefs.h" - -#include -#include -#ifdef HAVE_LASTLOG_H -# include -#endif -#ifdef HAVE_PATHS_H -# include -#endif -#ifdef HAVE_LOGIN_H -# include -#endif - -int -main () -{ - char *lastlog = LASTLOG_FILE; - ; - return 0; -} -configure:15728: result: no -configure:15730: checking if your system defines _PATH_LASTLOG -configure:15754: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:15747: warning: unused variable `lastlog' -configure:15757: $? = 0 -configure:15760: test -s conftest.o -configure:15763: $? = 0 -configure:15765: result: yes -configure:15802: checking if your system defines UTMP_FILE -configure:15823: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:15816: warning: unused variable `utmp' -configure:15826: $? = 0 -configure:15829: test -s conftest.o -configure:15832: $? = 0 -configure:15834: result: yes -configure:15867: checking if your system defines WTMP_FILE -configure:15888: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:15881: warning: unused variable `wtmp' -configure:15891: $? = 0 -configure:15894: test -s conftest.o -configure:15897: $? = 0 -configure:15899: result: yes -configure:15932: checking if your system defines UTMPX_FILE -configure:15956: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:15949: `UTMPX_FILE' undeclared (first use in this function) -configure:15949: (Each undeclared identifier is reported only once -configure:15949: for each function it appears in.) -configure:15949: warning: unused variable `utmpx' -configure:15959: $? = 1 -configure: failed program was: -#line 15935 "configure" -#include "confdefs.h" - -#include -#include -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_PATHS_H -# include -#endif - -int -main () -{ - char *utmpx = UTMPX_FILE; - ; - return 0; -} -configure:15972: result: no -configure:15992: checking if your system defines WTMPX_FILE -configure:16016: gcc -c -g -O2 -Wall -Wpointer-arith -Wno-uninitialized conftest.c >&5 -configure: In function `main': -configure:16009: `WTMPX_FILE' undeclared (first use in this function) -configure:16009: (Each undeclared identifier is reported only once -configure:16009: for each function it appears in.) -configure:16009: warning: unused variable `wtmpx' -configure:16019: $? = 1 -configure: failed program was: -#line 15995 "configure" -#include "confdefs.h" - -#include -#include -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_PATHS_H -# include -#endif - -int -main () -{ - char *wtmpx = WTMPX_FILE; - ; - return 0; -} -configure:16032: result: no -configure:16146: creating ./config.status - -## ----------------------- ## -## Running config.status. ## -## ----------------------- ## - -This file was extended by config.status 2.52, executed with - CONFIG_FILES = - CONFIG_HEADERS = - CONFIG_LINKS = - CONFIG_COMMANDS = - > ./config.status -on gate - -config.status:16634: creating Makefile -config.status:16634: creating openbsd-compat/Makefile -config.status:16634: creating scard/Makefile -config.status:16634: creating ssh_prng_cmds -config.status:16726: creating config.h - -## ----------------- ## -## Cache variables. ## -## ----------------- ## - -ac_cv_build=i686-pc-linux-gnu -ac_cv_build_alias=i686-pc-linux-gnu -ac_cv_c_bigendian=no -ac_cv_c_compiler_gnu=yes -ac_cv_c_inline=inline -ac_cv_cc_implements___FUNCTION__=yes -ac_cv_cc_implements___func__=yes -ac_cv_env_CC_set= -ac_cv_env_CC_value= -ac_cv_env_CFLAGS_set= -ac_cv_env_CFLAGS_value= -ac_cv_env_CPPFLAGS_set= -ac_cv_env_CPPFLAGS_value= -ac_cv_env_CPP_set= -ac_cv_env_CPP_value= -ac_cv_env_LDFLAGS_set= -ac_cv_env_LDFLAGS_value= -ac_cv_env_build_alias_set= -ac_cv_env_build_alias_value= -ac_cv_env_host_alias_set= -ac_cv_env_host_alias_value= -ac_cv_env_target_alias_set= -ac_cv_env_target_alias_value= -ac_cv_file___dev_ptc_=no -ac_cv_file___etc_default_login_=no -ac_cv_func___b64_ntop=no -ac_cv_func___b64_pton=no -ac_cv_func__getpty=no -ac_cv_func_arc4random=no -ac_cv_func_b64_ntop=no -ac_cv_func_b64_pton=no -ac_cv_func_basename=yes -ac_cv_func_bcopy=yes -ac_cv_func_bindresvport_sa=no -ac_cv_func_clock=yes -ac_cv_func_daemon=yes -ac_cv_func_dirname=yes -ac_cv_func_endutent=yes -ac_cv_func_endutxent=yes -ac_cv_func_fchmod=yes -ac_cv_func_fchown=yes -ac_cv_func_freeaddrinfo=yes -ac_cv_func_futimes=no -ac_cv_func_gai_strerror=yes -ac_cv_func_getaddrinfo=yes -ac_cv_func_getcwd=yes -ac_cv_func_getgrouplist=yes -ac_cv_func_getnameinfo=yes -ac_cv_func_getopt=yes -ac_cv_func_getpagesize=yes -ac_cv_func_getpeereid=no -ac_cv_func_getpgrp_void=yes -ac_cv_func_getrlimit=yes -ac_cv_func_getspnam=yes -ac_cv_func_gettimeofday=yes -ac_cv_func_getttyent=yes -ac_cv_func_getutent=yes -ac_cv_func_getutid=yes -ac_cv_func_getutline=yes -ac_cv_func_getutxent=yes -ac_cv_func_getutxid=yes -ac_cv_func_getutxline=yes -ac_cv_func_glob=yes -ac_cv_func_inet_aton=yes -ac_cv_func_inet_ntoa=yes -ac_cv_func_inet_ntop=yes -ac_cv_func_innetgr=yes -ac_cv_func_login_getcapbool=no -ac_cv_func_logout=yes -ac_cv_func_logwtmp=yes -ac_cv_func_md5_crypt=no -ac_cv_func_memmove=yes -ac_cv_func_mkdtemp=yes -ac_cv_func_mmap=yes -ac_cv_func_ngetaddrinfo=no -ac_cv_func_nsleep=no -ac_cv_func_ogetaddrinfo=no -ac_cv_func_openlog_r=no -ac_cv_func_openpty=yes -ac_cv_func_pstat=no -ac_cv_func_pututline=yes -ac_cv_func_pututxline=yes -ac_cv_func_readpassphrase=no -ac_cv_func_realpath=yes -ac_cv_func_recvmsg=yes -ac_cv_func_rresvport_af=yes -ac_cv_func_sendmsg=yes -ac_cv_func_setdtablesize=no -ac_cv_func_setegid=yes -ac_cv_func_setenv=yes -ac_cv_func_seteuid=yes -ac_cv_func_setgroups=yes -ac_cv_func_setlogin=no -ac_cv_func_setpcred=no -ac_cv_func_setproctitle=no -ac_cv_func_setregid=yes -ac_cv_func_setresgid=yes -ac_cv_func_setresuid=yes -ac_cv_func_setreuid=yes -ac_cv_func_setrlimit=yes -ac_cv_func_setsid=yes -ac_cv_func_setsockopt=yes -ac_cv_func_setutent=yes -ac_cv_func_setutxent=yes -ac_cv_func_setvbuf=yes -ac_cv_func_sigaction=yes -ac_cv_func_sigvec=yes -ac_cv_func_snprintf=yes -ac_cv_func_socketpair=yes -ac_cv_func_strcasecmp=yes -ac_cv_func_strerror=yes -ac_cv_func_strftime=yes -ac_cv_func_strlcat=no -ac_cv_func_strlcpy=no -ac_cv_func_strmode=no -ac_cv_func_strnvis=no -ac_cv_func_strsep=yes -ac_cv_func_sysconf=yes -ac_cv_func_tcgetpgrp=yes -ac_cv_func_time=yes -ac_cv_func_truncate=yes -ac_cv_func_updwtmp=yes -ac_cv_func_utimes=yes -ac_cv_func_utmpname=yes -ac_cv_func_utmpxname=yes -ac_cv_func_vhangup=yes -ac_cv_func_vsnprintf=yes -ac_cv_func_waitpid=yes -ac_cv_func_yp_match=no -ac_cv_have___ss_family_in_struct_ss=no -ac_cv_have_accrights_in_msghdr=no -ac_cv_have_clock_t=yes -ac_cv_have_control_in_msghdr=yes -ac_cv_have_decl_getrusage=no -ac_cv_have_decl_strsep=yes -ac_cv_have_decl_tcsendbreak=yes -ac_cv_have_getopt_optreset=no -ac_cv_have_int64_t=yes -ac_cv_have_intxx_t=yes -ac_cv_have_mode_t=yes -ac_cv_have_pid_t=yes -ac_cv_have_pw_change_in_struct_passwd=no -ac_cv_have_pw_class_in_struct_passwd=no -ac_cv_have_pw_expire_in_struct_passwd=no -ac_cv_have_sa_family_t=yes -ac_cv_have_size_t=yes -ac_cv_have_ss_family_in_struct_ss=yes -ac_cv_have_ssize_t=yes -ac_cv_have_struct_addrinfo=yes -ac_cv_have_struct_in6_addr=yes -ac_cv_have_struct_sockaddr_in6=yes -ac_cv_have_struct_sockaddr_storage=yes -ac_cv_have_struct_timeval=yes -ac_cv_have_u_char=yes -ac_cv_have_u_int=yes -ac_cv_have_u_int64_t=yes -ac_cv_have_u_intxx_t=yes -ac_cv_header_bstring_h=no -ac_cv_header_crypt_h=yes -ac_cv_header_endian_h=yes -ac_cv_header_features_h=yes -ac_cv_header_floatingpoint_h=no -ac_cv_header_getopt_h=yes -ac_cv_header_glob_h=yes -ac_cv_header_ia_h=no -ac_cv_header_inttypes_h=yes -ac_cv_header_lastlog_h=yes -ac_cv_header_libgen_h=yes -ac_cv_header_libutil_h=no -ac_cv_header_limits_h=yes -ac_cv_header_login_cap_h=no -ac_cv_header_login_h=no -ac_cv_header_maillock_h=no -ac_cv_header_memory_h=yes -ac_cv_header_netdb_h=yes -ac_cv_header_netgroup_h=no -ac_cv_header_netinet_in_systm_h=yes -ac_cv_header_paths_h=yes -ac_cv_header_pty_h=yes -ac_cv_header_readpassphrase_h=no -ac_cv_header_rpc_types_h=yes -ac_cv_header_security_pam_appl_h=yes -ac_cv_header_shadow_h=yes -ac_cv_header_stdc=yes -ac_cv_header_stddef_h=yes -ac_cv_header_stdint_h=yes -ac_cv_header_stdlib_h=yes -ac_cv_header_string_h=yes -ac_cv_header_strings_h=yes -ac_cv_header_sys_audit_h=no -ac_cv_header_sys_bitypes_h=yes -ac_cv_header_sys_bsdtty_h=no -ac_cv_header_sys_cdefs_h=yes -ac_cv_header_sys_mman_h=yes -ac_cv_header_sys_pstat_h=no -ac_cv_header_sys_select_h=yes -ac_cv_header_sys_stat_h=yes -ac_cv_header_sys_stropts_h=yes -ac_cv_header_sys_strtio_h=no -ac_cv_header_sys_sysmacros_h=yes -ac_cv_header_sys_time_h=yes -ac_cv_header_sys_timers_h=no -ac_cv_header_sys_types_h=yes -ac_cv_header_sys_un_h=yes -ac_cv_header_time_h=yes -ac_cv_header_tmpdir_h=no -ac_cv_header_ttyent_h=yes -ac_cv_header_unistd_h=yes -ac_cv_header_usersec_h=no -ac_cv_header_util_h=no -ac_cv_header_utime_h=yes -ac_cv_header_utmp_h=yes -ac_cv_header_utmpx_h=yes -ac_cv_host=i686-pc-linux-gnu -ac_cv_host_alias=i686-pc-linux-gnu -ac_cv_lib_crypt_crypt=yes -ac_cv_lib_nsl_yp_match=yes -ac_cv_lib_z_deflate=yes -ac_cv_libc_defines___progname=yes -ac_cv_libc_defines_sys_errlist=yes -ac_cv_libc_defines_sys_nerr=yes -ac_cv_member_struct_stat_st_blksize=yes -ac_cv_objext=o -ac_cv_path_AR=/usr/local/bin/ar -ac_cv_path_LOGIN_PROGRAM_FALLBACK=/bin/login -ac_cv_path_NROFF=/usr/bin/nroff -ac_cv_path_PERL=/usr/local/bin/perl -ac_cv_path_PROG_ARP=/sbin/arp -ac_cv_path_PROG_DF=/bin/df -ac_cv_path_PROG_IFCONFIG=/sbin/ifconfig -ac_cv_path_PROG_IPCS=/usr/bin/ipcs -ac_cv_path_PROG_LAST=/usr/bin/last -ac_cv_path_PROG_LASTLOG=/usr/bin/lastlog -ac_cv_path_PROG_LS=/bin/ls -ac_cv_path_PROG_NETSTAT=/bin/netstat -ac_cv_path_PROG_PS=/bin/ps -ac_cv_path_PROG_SAR=/usr/bin/sar -ac_cv_path_PROG_TAIL=/usr/bin/tail -ac_cv_path_PROG_UPTIME=/usr/bin/uptime -ac_cv_path_PROG_VMSTAT=/usr/bin/vmstat -ac_cv_path_PROG_W=/usr/bin/w -ac_cv_path_PROG_WHO=/usr/bin/who -ac_cv_path_SED=/bin/sed -ac_cv_path_SH=/bin/sh -ac_cv_path_TEST_MINUS_S_SH=/bin/bash -ac_cv_path_install='/usr/bin/install -c' -ac_cv_path_xauth_path=/usr/X11R6/bin/xauth -ac_cv_prog_AWK=gawk -ac_cv_prog_CPP='gcc -E' -ac_cv_prog_ac_ct_CC=gcc -ac_cv_prog_ac_ct_RANLIB=ranlib -ac_cv_prog_cc_g=yes -ac_cv_prog_cc_stdc= -ac_cv_search_basename='none required' -ac_cv_search_login=-lutil -ac_cv_search_nanosleep='none required' -ac_cv_sizeof_char=1 -ac_cv_sizeof_int=4 -ac_cv_sizeof_long_int=4 -ac_cv_sizeof_long_long_int=8 -ac_cv_sizeof_short_int=2 -ac_cv_sys_file_offset_bits=64 -ac_cv_sys_large_files=no -ac_cv_sys_largefile_CC=no -ac_cv_type_char=yes -ac_cv_type_int=yes -ac_cv_type_long_int=yes -ac_cv_type_long_long_int=yes -ac_cv_type_short_int=yes -ac_cv_type_sig_atomic_t=yes -ac_cv_type_socklen_t=yes -ac_cv_type_struct_timespec=yes -ossh_cv_utmp_h_has_ut_addr=yes -ossh_cv_utmp_h_has_ut_addr_v6=yes -ossh_cv_utmp_h_has_ut_exit=yes -ossh_cv_utmp_h_has_ut_host=yes -ossh_cv_utmp_h_has_ut_id=yes -ossh_cv_utmp_h_has_ut_pid=yes -ossh_cv_utmp_h_has_ut_time=no -ossh_cv_utmp_h_has_ut_tv=yes -ossh_cv_utmp_h_has_ut_type=yes -ossh_cv_utmpx_h_has_syslen=no -ossh_cv_utmpx_h_has_ut_addr=yes -ossh_cv_utmpx_h_has_ut_addr_v6=yes -ossh_cv_utmpx_h_has_ut_host=yes -ossh_cv_utmpx_h_has_ut_id=yes -ossh_cv_utmpx_h_has_ut_time=no -ossh_cv_utmpx_h_has_ut_tv=yes -ossh_cv_utmpx_h_has_ut_type=yes - -## ------------ ## -## confdefs.h. ## -## ------------ ## - -#define _FILE_OFFSET_BITS 64 -#define LOGIN_PROGRAM_FALLBACK "/bin/login" -#define DONT_TRY_OTHER_AF 1 -#define PAM_TTY_KLUDGE 1 -#define LOCKED_PASSWD_PREFIX "!!" -#define SPT_TYPE SPT_REUSEARGV -#define HAVE_CRYPT_H 1 -#define HAVE_ENDIAN_H 1 -#define HAVE_FEATURES_H 1 -#define HAVE_GETOPT_H 1 -#define HAVE_GLOB_H 1 -#define HAVE_LASTLOG_H 1 -#define HAVE_LIMITS_H 1 -#define HAVE_NETDB_H 1 -#define HAVE_NETINET_IN_SYSTM_H 1 -#define HAVE_PATHS_H 1 -#define HAVE_PTY_H 1 -#define HAVE_RPC_TYPES_H 1 -#define HAVE_SECURITY_PAM_APPL_H 1 -#define HAVE_SHADOW_H 1 -#define HAVE_STDDEF_H 1 -#define HAVE_STDINT_H 1 -#define HAVE_STRINGS_H 1 -#define HAVE_SYS_BITYPES_H 1 -#define HAVE_SYS_CDEFS_H 1 -#define HAVE_SYS_MMAN_H 1 -#define HAVE_SYS_SELECT_H 1 -#define HAVE_SYS_STAT_H 1 -#define HAVE_SYS_STROPTS_H 1 -#define HAVE_SYS_SYSMACROS_H 1 -#define HAVE_SYS_TIME_H 1 -#define HAVE_SYS_UN_H 1 -#define HAVE_TIME_H 1 -#define HAVE_TTYENT_H 1 -#define HAVE_UTIME_H 1 -#define HAVE_UTMP_H 1 -#define HAVE_UTMPX_H 1 -#define HAVE_LIBNSL 1 -#define HAVE_DIRNAME 1 -#define HAVE_LIBGEN_H 1 -#define HAVE_BASENAME 1 -#define HAVE_LIBZ 1 -#define HAVE_LOGIN 1 -#define HAVE_LOGOUT 1 -#define HAVE_UPDWTMP 1 -#define HAVE_LOGWTMP 1 -#define HAVE_STRFTIME 1 -#define GLOB_HAS_ALTDIRFUNC 1 -#define HAVE_BASENAME 1 -#define HAVE_BCOPY 1 -#define HAVE_CLOCK 1 -#define HAVE_FCHMOD 1 -#define HAVE_FCHOWN 1 -#define HAVE_FREEADDRINFO 1 -#define HAVE_GAI_STRERROR 1 -#define HAVE_GETADDRINFO 1 -#define HAVE_GETCWD 1 -#define HAVE_GETGROUPLIST 1 -#define HAVE_GETNAMEINFO 1 -#define HAVE_GETOPT 1 -#define HAVE_GETRLIMIT 1 -#define HAVE_GETTTYENT 1 -#define HAVE_GLOB 1 -#define HAVE_INET_ATON 1 -#define HAVE_INET_NTOA 1 -#define HAVE_INET_NTOP 1 -#define HAVE_INNETGR 1 -#define HAVE_MEMMOVE 1 -#define HAVE_MKDTEMP 1 -#define HAVE_MMAP 1 -#define HAVE_OPENPTY 1 -#define HAVE_REALPATH 1 -#define HAVE_RECVMSG 1 -#define HAVE_RRESVPORT_AF 1 -#define HAVE_SENDMSG 1 -#define HAVE_SETEGID 1 -#define HAVE_SETENV 1 -#define HAVE_SETEUID 1 -#define HAVE_SETGROUPS 1 -#define HAVE_SETREGID 1 -#define HAVE_SETRESGID 1 -#define HAVE_SETRESUID 1 -#define HAVE_SETREUID 1 -#define HAVE_SETRLIMIT 1 -#define HAVE_SETSID 1 -#define HAVE_SETVBUF 1 -#define HAVE_SIGACTION 1 -#define HAVE_SIGVEC 1 -#define HAVE_SNPRINTF 1 -#define HAVE_SOCKETPAIR 1 -#define HAVE_STRERROR 1 -#define HAVE_SYSCONF 1 -#define HAVE_TCGETPGRP 1 -#define HAVE_TRUNCATE 1 -#define HAVE_UTIMES 1 -#define HAVE_VHANGUP 1 -#define HAVE_VSNPRINTF 1 -#define HAVE_WAITPID 1 -#define HAVE_NANOSLEEP 1 -#define STDC_HEADERS 1 -#define HAVE_SYS_TYPES_H 1 -#define HAVE_SYS_STAT_H 1 -#define HAVE_STDLIB_H 1 -#define HAVE_STRING_H 1 -#define HAVE_MEMORY_H 1 -#define HAVE_STRINGS_H 1 -#define HAVE_INTTYPES_H 1 -#define HAVE_STDINT_H 1 -#define HAVE_UNISTD_H 1 -#define HAVE_STRSEP 1 -#define HAVE_TCSENDBREAK 1 -#define HAVE_GETTIMEOFDAY 1 -#define HAVE_TIME 1 -#define HAVE_ENDUTENT 1 -#define HAVE_GETUTENT 1 -#define HAVE_GETUTID 1 -#define HAVE_GETUTLINE 1 -#define HAVE_PUTUTLINE 1 -#define HAVE_SETUTENT 1 -#define HAVE_UTMPNAME 1 -#define HAVE_ENDUTXENT 1 -#define HAVE_GETUTXENT 1 -#define HAVE_GETUTXID 1 -#define HAVE_GETUTXLINE 1 -#define HAVE_PUTUTXLINE 1 -#define HAVE_SETUTXENT 1 -#define HAVE_UTMPXNAME 1 -#define HAVE_DAEMON 1 -#define HAVE_GETPAGESIZE 1 -#define HAVE_STRICT_MKSTEMP 1 -#define GETPGRP_VOID 1 -#define HAVE_OPENSSL 1 -#define OPENSSL_PRNG_ONLY 1 -#define ENTROPY_TIMEOUT_MSEC 200 -#define SSH_PRIVSEP_USER "sshd" -#define SIZEOF_CHAR 1 -#define SIZEOF_SHORT_INT 2 -#define SIZEOF_INT 4 -#define SIZEOF_LONG_INT 4 -#define SIZEOF_LONG_LONG_INT 8 -#define HAVE_U_INT 1 -#define HAVE_INTXX_T 1 -#define HAVE_INT64_T 1 -#define HAVE_U_INTXX_T 1 -#define HAVE_U_INT64_T 1 -#define HAVE_UINTXX_T 1 -#define HAVE_U_CHAR 1 -#define HAVE_SIG_ATOMIC_T 1 -#define HAVE_SIZE_T 1 -#define HAVE_SSIZE_T 1 -#define HAVE_CLOCK_T 1 -#define HAVE_SA_FAMILY_T 1 -#define HAVE_PID_T 1 -#define HAVE_MODE_T 1 -#define HAVE_STRUCT_SOCKADDR_STORAGE 1 -#define HAVE_STRUCT_SOCKADDR_IN6 1 -#define HAVE_STRUCT_IN6_ADDR 1 -#define HAVE_STRUCT_ADDRINFO 1 -#define HAVE_STRUCT_TIMEVAL 1 -#define HAVE_STRUCT_TIMESPEC 1 -#define HAVE_HOST_IN_UTMP 1 -#define HAVE_HOST_IN_UTMPX 1 -#define HAVE_PID_IN_UTMP 1 -#define HAVE_TYPE_IN_UTMP 1 -#define HAVE_TYPE_IN_UTMPX 1 -#define HAVE_TV_IN_UTMP 1 -#define HAVE_ID_IN_UTMP 1 -#define HAVE_ID_IN_UTMPX 1 -#define HAVE_ADDR_IN_UTMP 1 -#define HAVE_ADDR_IN_UTMPX 1 -#define HAVE_ADDR_V6_IN_UTMP 1 -#define HAVE_ADDR_V6_IN_UTMPX 1 -#define HAVE_EXIT_IN_UTMP 1 -#define HAVE_TV_IN_UTMPX 1 -#define HAVE_STRUCT_STAT_ST_BLKSIZE 1 -#define HAVE_SS_FAMILY_IN_SS 1 -#define HAVE_CONTROL_IN_MSGHDR 1 -#define HAVE___PROGNAME 1 -#define HAVE___FUNCTION__ 1 -#define HAVE___func__ 1 -#define HAVE_SYS_ERRLIST 1 -#define HAVE_SYS_NERR 1 -#define XAUTH_PATH "/usr/X11R6/bin/xauth" -#define MAIL_DIRECTORY "/var/spool/mail" -#define HAS_SHADOW_EXPIRE 1 -#define USER_PATH "/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin" -#define IPV4_IN_IPV6 1 -#define _PATH_SSH_PIDDIR "/var/run" -#define DISABLE_UTMPX 1 -#define DISABLE_WTMPX 1 - - -configure: exit 0 diff -ru --new-file openssh-3.7p1/linux/config.status openssh-3.7.1p1/linux/config.status --- openssh-3.7p1/linux/config.status 2003-09-16 16:40:06.000000000 +1000 +++ openssh-3.7.1p1/linux/config.status 1970-01-01 10:00:00.000000000 +1000 @@ -1,1103 +0,0 @@ -#! /bin/sh -# Generated automatically by configure. -# Run this file to recreate the current configuration. -# Compiler output produced by configure, useful for debugging -# configure, is in config.log if it exists. - -debug=false -SHELL=${CONFIG_SHELL-/bin/sh} -ac_cs_invocation="$0 $@" - -# Be Bourne compatible -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: -elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then - set -o posix -fi - -# Name of the executable. -as_me=`echo "$0" |sed 's,.*[\\/],,'` - -if expr a : '\(a\)' >/dev/null 2>&1; then - as_expr=expr -else - as_expr=false -fi - -rm -f conf$$ conf$$.exe conf$$.file -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - # We could just check for DJGPP; but this test a) works b) is more generic - # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04). - if test -f conf$$.exe; then - # Don't use ln at all; we don't have any links - as_ln_s='cp -p' - else - as_ln_s='ln -s' - fi -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln -else - as_ln_s='cp -p' -fi -rm -f conf$$ conf$$.exe conf$$.file - -as_executable_p="test -f" - -# Support unset when possible. -if (FOO=FOO; unset FOO) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false -fi - -# NLS nuisances. -$as_unset LANG || test "${LANG+set}" != set || { LANG=C; export LANG; } -$as_unset LC_ALL || test "${LC_ALL+set}" != set || { LC_ALL=C; export LC_ALL; } -$as_unset LC_TIME || test "${LC_TIME+set}" != set || { LC_TIME=C; export LC_TIME; } -$as_unset LC_CTYPE || test "${LC_CTYPE+set}" != set || { LC_CTYPE=C; export LC_CTYPE; } -$as_unset LANGUAGE || test "${LANGUAGE+set}" != set || { LANGUAGE=C; export LANGUAGE; } -$as_unset LC_COLLATE || test "${LC_COLLATE+set}" != set || { LC_COLLATE=C; export LC_COLLATE; } -$as_unset LC_NUMERIC || test "${LC_NUMERIC+set}" != set || { LC_NUMERIC=C; export LC_NUMERIC; } -$as_unset LC_MESSAGES || test "${LC_MESSAGES+set}" != set || { LC_MESSAGES=C; export LC_MESSAGES; } - -# IFS -# We need space, tab and new line, in precisely that order. -as_nl=' -' -IFS=" $as_nl" - -# CDPATH. -$as_unset CDPATH || test "${CDPATH+set}" != set || { CDPATH=:; export CDPATH; } - -exec 6>&1 - -config_files=" Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds" -config_headers=" config.h" - -ac_cs_usage="\ -\`$as_me' instantiates files from templates according to the -current configuration. - -Usage: $0 [OPTIONS] [FILE]... - - -h, --help print this help, then exit - -V, --version print version number, then exit - -d, --debug don't remove temporary files - --recheck update $as_me by reconfiguring in the same conditions - --file=FILE[:TEMPLATE] - instantiate the configuration file FILE - --header=FILE[:TEMPLATE] - instantiate the configuration header FILE - -Configuration files: -$config_files - -Configuration headers: -$config_headers - -Report bugs to ." -ac_cs_version="\ -config.status -configured by ../configure, generated by GNU Autoconf 2.52, - with options \"\" - -Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001 -Free Software Foundation, Inc. -This config.status script is free software; the Free Software Foundation -gives unlimited permission to copy, distribute and modify it." -srcdir=.. -INSTALL="/usr/bin/install -c" -# If no file are specified by the user, then we need to provide default -# value. By we need to know if files were specified by the user. -ac_need_defaults=: -while test $# != 0 -do - case $1 in - --*=*) - ac_option=`expr "x$1" : 'x\([^=]*\)='` - ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'` - shift - set dummy "$ac_option" "$ac_optarg" ${1+"$@"} - shift - ;; - -*);; - *) # This is not an option, so the user has probably given explicit - # arguments. - ac_need_defaults=false;; - esac - - case $1 in - # Handling of the options. - -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) - echo "running /bin/sh ../configure " " --no-create --no-recursion" - exec /bin/sh ../configure --no-create --no-recursion ;; - --version | --vers* | -V ) - echo "$ac_cs_version"; exit 0 ;; - --he | --h) - # Conflict between --help and --header - { { echo "$as_me:16319: error: ambiguous option: $1 -Try \`$0 --help' for more information." >&5 -echo "$as_me: error: ambiguous option: $1 -Try \`$0 --help' for more information." >&2;} - { (exit 1); exit 1; }; };; - --help | --hel | -h ) - echo "$ac_cs_usage"; exit 0 ;; - --debug | --d* | -d ) - debug=: ;; - --file | --fil | --fi | --f ) - shift - CONFIG_FILES="$CONFIG_FILES $1" - ac_need_defaults=false;; - --header | --heade | --head | --hea ) - shift - CONFIG_HEADERS="$CONFIG_HEADERS $1" - ac_need_defaults=false;; - - # This is an error. - -*) { { echo "$as_me:16338: error: unrecognized option: $1 -Try \`$0 --help' for more information." >&5 -echo "$as_me: error: unrecognized option: $1 -Try \`$0 --help' for more information." >&2;} - { (exit 1); exit 1; }; } ;; - - *) ac_config_targets="$ac_config_targets $1" ;; - - esac - shift -done - -exec 5>>config.log -cat >&5 << _ACEOF - -## ----------------------- ## -## Running config.status. ## -## ----------------------- ## - -This file was extended by $as_me 2.52, executed with - CONFIG_FILES = $CONFIG_FILES - CONFIG_HEADERS = $CONFIG_HEADERS - CONFIG_LINKS = $CONFIG_LINKS - CONFIG_COMMANDS = $CONFIG_COMMANDS - > $ac_cs_invocation -on `(hostname || uname -n) 2>/dev/null | sed 1q` - -_ACEOF -for ac_config_target in $ac_config_targets -do - case "$ac_config_target" in - # Handling of arguments. - "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;; - "openbsd-compat/Makefile" ) CONFIG_FILES="$CONFIG_FILES openbsd-compat/Makefile" ;; - "scard/Makefile" ) CONFIG_FILES="$CONFIG_FILES scard/Makefile" ;; - "ssh_prng_cmds" ) CONFIG_FILES="$CONFIG_FILES ssh_prng_cmds" ;; - "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; - *) { { echo "$as_me:16378: error: invalid argument: $ac_config_target" >&5 -echo "$as_me: error: invalid argument: $ac_config_target" >&2;} - { (exit 1); exit 1; }; };; - esac -done - -# If the user did not use the arguments to specify the items to instantiate, -# then the envvar interface is used. Set only those that are not. -# We use the long form for the default assignment because of an extremely -# bizarre bug on SunOS 4.1.3. -if $ac_need_defaults; then - test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files - test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers -fi - -# Create a temporary directory, and hook for its removal unless debugging. -$debug || -{ - trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0 - trap '{ (exit 1); exit 1; }' 1 2 13 15 -} - -# Create a (secure) tmp directory for tmp files. -: ${TMPDIR=/tmp} -{ - tmp=`(umask 077 && mktemp -d -q "$TMPDIR/csXXXXXX") 2>/dev/null` && - test -n "$tmp" && test -d "$tmp" -} || -{ - tmp=$TMPDIR/cs$$-$RANDOM - (umask 077 && mkdir $tmp) -} || -{ - echo "$me: cannot create a temporary directory in $TMPDIR" >&2 - { (exit 1); exit 1; } -} - - -# -# CONFIG_FILES section. -# - -# No need to generate the scripts if there are no CONFIG_FILES. -# This happens for instance when ./config.status config.h -if test -n "$CONFIG_FILES"; then - # Protect against being on the right side of a sed subst in config.status. - sed 's/,@/@@/; s/@,/@@/; s/,;t t$/@;t t/; /@;t t$/s/[\\&,]/\\&/g; - s/@@/,@/; s/@@/@,/; s/@;t t$/,;t t/' >$tmp/subs.sed <<\CEOF -s,@SHELL@,/bin/sh,;t t -s,@exec_prefix@,${prefix},;t t -s,@prefix@,/usr/local,;t t -s,@program_transform_name@,s,x,x,,;t t -s,@bindir@,${exec_prefix}/bin,;t t -s,@sbindir@,${exec_prefix}/sbin,;t t -s,@libexecdir@,${exec_prefix}/libexec,;t t -s,@datadir@,${prefix}/share,;t t -s,@sysconfdir@,${prefix}/etc,;t t -s,@sharedstatedir@,${prefix}/com,;t t -s,@localstatedir@,${prefix}/var,;t t -s,@libdir@,${exec_prefix}/lib,;t t -s,@includedir@,${prefix}/include,;t t -s,@oldincludedir@,/usr/include,;t t -s,@infodir@,${prefix}/info,;t t -s,@mandir@,${prefix}/man,;t t -s,@PACKAGE_NAME@,,;t t -s,@PACKAGE_TARNAME@,,;t t -s,@PACKAGE_VERSION@,,;t t -s,@PACKAGE_STRING@,,;t t -s,@PACKAGE_BUGREPORT@,,;t t -s,@build_alias@,,;t t -s,@host_alias@,,;t t -s,@target_alias@,,;t t -s,@ECHO_C@,,;t t -s,@ECHO_N@,-n,;t t -s,@ECHO_T@,,;t t -s,@PATH_SEPARATOR@,:,;t t -s,@DEFS@,-DHAVE_CONFIG_H,;t t -s,@LIBS@,-lutil -lz -lnsl -lcrypto -lcrypt ,;t t -s,@CC@,gcc,;t t -s,@CFLAGS@,-g -O2 -Wall -Wpointer-arith -Wno-uninitialized,;t t -s,@LDFLAGS@,,;t t -s,@CPPFLAGS@,,;t t -s,@ac_ct_CC@,gcc,;t t -s,@EXEEXT@,,;t t -s,@OBJEXT@,o,;t t -s,@build@,i686-pc-linux-gnu,;t t -s,@build_cpu@,i686,;t t -s,@build_vendor@,pc,;t t -s,@build_os@,linux-gnu,;t t -s,@host@,i686-pc-linux-gnu,;t t -s,@host_cpu@,i686,;t t -s,@host_vendor@,pc,;t t -s,@host_os@,linux-gnu,;t t -s,@AWK@,gawk,;t t -s,@CPP@,gcc -E,;t t -s,@RANLIB@,ranlib,;t t -s,@ac_ct_RANLIB@,ranlib,;t t -s,@INSTALL_PROGRAM@,${INSTALL},;t t -s,@INSTALL_SCRIPT@,${INSTALL},;t t -s,@INSTALL_DATA@,${INSTALL} -m 644,;t t -s,@AR@,/usr/local/bin/ar,;t t -s,@PERL@,/usr/local/bin/perl,;t t -s,@SED@,/bin/sed,;t t -s,@ENT@,,;t t -s,@TEST_MINUS_S_SH@,/bin/bash,;t t -s,@SH@,/bin/sh,;t t -s,@LOGIN_PROGRAM_FALLBACK@,/bin/login,;t t -s,@LD@,gcc,;t t -s,@LIBWRAP@,,;t t -s,@LIBPAM@,,;t t -s,@INSTALL_SSH_RAND_HELPER@,,;t t -s,@SSH_PRIVSEP_USER@,sshd,;t t -s,@PROG_LS@,/bin/ls,;t t -s,@PROG_NETSTAT@,/bin/netstat,;t t -s,@PROG_ARP@,/sbin/arp,;t t -s,@PROG_IFCONFIG@,/sbin/ifconfig,;t t -s,@PROG_JSTAT@,undef,;t t -s,@PROG_PS@,/bin/ps,;t t -s,@PROG_SAR@,/usr/bin/sar,;t t -s,@PROG_W@,/usr/bin/w,;t t -s,@PROG_WHO@,/usr/bin/who,;t t -s,@PROG_LAST@,/usr/bin/last,;t t -s,@PROG_LASTLOG@,/usr/bin/lastlog,;t t -s,@PROG_DF@,/bin/df,;t t -s,@PROG_VMSTAT@,/usr/bin/vmstat,;t t -s,@PROG_UPTIME@,/usr/bin/uptime,;t t -s,@PROG_IPCS@,/usr/bin/ipcs,;t t -s,@PROG_TAIL@,/usr/bin/tail,;t t -s,@INSTALL_SSH_PRNG_CMDS@,,;t t -s,@OPENSC_CONFIG@,,;t t -s,@PRIVSEP_PATH@,/var/empty,;t t -s,@xauth_path@,/usr/X11R6/bin/xauth,;t t -s,@STRIP_OPT@,-s,;t t -s,@XAUTH_PATH@,/usr/X11R6/bin/xauth,;t t -s,@NROFF@,/usr/bin/nroff,;t t -s,@MANTYPE@,doc,;t t -s,@mansubdir@,man,;t t -s,@user_path@,/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin,;t t -s,@piddir@,/var/run,;t t -CEOF - - # Split the substitutions into bite-sized pieces for seds with - # small command number limits, like on Digital OSF/1 and HP-UX. - ac_max_sed_lines=48 - ac_sed_frag=1 # Number of current file. - ac_beg=1 # First line for current file. - ac_end=$ac_max_sed_lines # Line after last line for current file. - ac_more_lines=: - ac_sed_cmds= - while $ac_more_lines; do - if test $ac_beg -gt 1; then - sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag - else - sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag - fi - if test ! -s $tmp/subs.frag; then - ac_more_lines=false - else - # The purpose of the label and of the branching condition is to - # speed up the sed processing (if there are no `@' at all, there - # is no need to browse any of the substitutions). - # These are the two extra sed commands mentioned above. - (echo ':t - /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed - if test -z "$ac_sed_cmds"; then - ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed" - else - ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed" - fi - ac_sed_frag=`expr $ac_sed_frag + 1` - ac_beg=$ac_end - ac_end=`expr $ac_end + $ac_max_sed_lines` - fi - done - if test -z "$ac_sed_cmds"; then - ac_sed_cmds=cat - fi -fi # test -n "$CONFIG_FILES" - -for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue - # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". - case $ac_file in - - | *:- | *:-:* ) # input from stdin - cat >$tmp/stdin - ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; - *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; - * ) ac_file_in=$ac_file.in ;; - esac - - # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories. - ac_dir=`$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_file" : 'X\(//\)[^/]' \| \ - X"$ac_file" : 'X\(//\)$' \| \ - X"$ac_file" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || -echo X"$ac_file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } - /^X\(\/\/\)[^/].*/{ s//\1/; q; } - /^X\(\/\/\)$/{ s//\1/; q; } - /^X\(\/\).*/{ s//\1/; q; } - s/.*/./; q'` - if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then - { case "$ac_dir" in - [\\/]* | ?:[\\/]* ) as_incr_dir=;; - *) as_incr_dir=.;; -esac -as_dummy="$ac_dir" -for as_mkdir_dir in `IFS='/\\'; set X $as_dummy; shift; echo "$@"`; do - case $as_mkdir_dir in - # Skip DOS drivespec - ?:) as_incr_dir=$as_mkdir_dir ;; - *) - as_incr_dir=$as_incr_dir/$as_mkdir_dir - test -d "$as_incr_dir" || mkdir "$as_incr_dir" - ;; - esac -done; } - - ac_dir_suffix="/`echo $ac_dir|sed 's,^\./,,'`" - # A "../" for each directory in $ac_dir_suffix. - ac_dots=`echo "$ac_dir_suffix" | sed 's,/[^/]*,../,g'` - else - ac_dir_suffix= ac_dots= - fi - - case $srcdir in - .) ac_srcdir=. - if test -z "$ac_dots"; then - ac_top_srcdir=. - else - ac_top_srcdir=`echo $ac_dots | sed 's,/$,,'` - fi ;; - [\\/]* | ?:[\\/]* ) - ac_srcdir=$srcdir$ac_dir_suffix; - ac_top_srcdir=$srcdir ;; - *) # Relative path. - ac_srcdir=$ac_dots$srcdir$ac_dir_suffix - ac_top_srcdir=$ac_dots$srcdir ;; - esac - - case $INSTALL in - [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; - *) ac_INSTALL=$ac_dots$INSTALL ;; - esac - - if test x"$ac_file" != x-; then - { echo "$as_me:16634: creating $ac_file" >&5 -echo "$as_me: creating $ac_file" >&6;} - rm -f "$ac_file" - fi - # Let's still pretend it is `configure' which instantiates (i.e., don't - # use $as_me), people would be surprised to read: - # /* config.h. Generated automatically by config.status. */ - configure_input="Generated automatically from `echo $ac_file_in | - sed 's,.*/,,'` by configure." - - # First look for the input files in the build tree, otherwise in the - # src tree. - ac_file_inputs=`IFS=: - for f in $ac_file_in; do - case $f in - -) echo $tmp/stdin ;; - [\\/$]*) - # Absolute (can't be DOS-style, as IFS=:) - test -f "$f" || { { echo "$as_me:16652: error: cannot find input file: $f" >&5 -echo "$as_me: error: cannot find input file: $f" >&2;} - { (exit 1); exit 1; }; } - echo $f;; - *) # Relative - if test -f "$f"; then - # Build tree - echo $f - elif test -f "$srcdir/$f"; then - # Source tree - echo $srcdir/$f - else - # /dev/null tree - { { echo "$as_me:16665: error: cannot find input file: $f" >&5 -echo "$as_me: error: cannot find input file: $f" >&2;} - { (exit 1); exit 1; }; } - fi;; - esac - done` || { (exit 1); exit 1; } - sed " - -:t -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -s,@configure_input@,$configure_input,;t t -s,@srcdir@,$ac_srcdir,;t t -s,@top_srcdir@,$ac_top_srcdir,;t t -s,@INSTALL@,$ac_INSTALL,;t t -" $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out - rm -f $tmp/stdin - if test x"$ac_file" != x-; then - mv $tmp/out $ac_file - else - cat $tmp/out - rm -f $tmp/out - fi - -done - -# -# CONFIG_HEADER section. -# - -# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where -# NAME is the cpp macro being defined and VALUE is the value it is being given. -# -# ac_d sets the value in "#define NAME VALUE" lines. -ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)' -ac_dB='[ ].*$,\1#\2' -ac_dC=' ' -ac_dD=',;t' -# ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE". -ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' -ac_uB='$,\1#\2define\3' -ac_uC=' ' -ac_uD=',;t' - -for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue - # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". - case $ac_file in - - | *:- | *:-:* ) # input from stdin - cat >$tmp/stdin - ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; - *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; - * ) ac_file_in=$ac_file.in ;; - esac - - test x"$ac_file" != x- && { echo "$as_me:16726: creating $ac_file" >&5 -echo "$as_me: creating $ac_file" >&6;} - - # First look for the input files in the build tree, otherwise in the - # src tree. - ac_file_inputs=`IFS=: - for f in $ac_file_in; do - case $f in - -) echo $tmp/stdin ;; - [\\/$]*) - # Absolute (can't be DOS-style, as IFS=:) - test -f "$f" || { { echo "$as_me:16737: error: cannot find input file: $f" >&5 -echo "$as_me: error: cannot find input file: $f" >&2;} - { (exit 1); exit 1; }; } - echo $f;; - *) # Relative - if test -f "$f"; then - # Build tree - echo $f - elif test -f "$srcdir/$f"; then - # Source tree - echo $srcdir/$f - else - # /dev/null tree - { { echo "$as_me:16750: error: cannot find input file: $f" >&5 -echo "$as_me: error: cannot find input file: $f" >&2;} - { (exit 1); exit 1; }; } - fi;; - esac - done` || { (exit 1); exit 1; } - # Remove the trailing spaces. - sed 's/[ ]*$//' $ac_file_inputs >$tmp/in - - # Handle all the #define templates only if necessary. - if egrep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then - # If there are no defines, we may have an empty if/fi - : - cat >$tmp/defines.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/defines.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/defines.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/defines.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/defines.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - fi # egrep - - # Handle all the #undef templates - cat >$tmp/undefs.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/undefs.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/undefs.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/undefs.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/undefs.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - cat >$tmp/undefs.sed <$tmp/out - rm -f $tmp/in - mv $tmp/out $tmp/in - - # Let's still pretend it is `configure' which instantiates (i.e., don't - # use $as_me), people would be surprised to read: - # /* config.h. Generated automatically by config.status. */ - if test x"$ac_file" = x-; then - echo "/* Generated automatically by configure. */" >$tmp/config.h - else - echo "/* $ac_file. Generated automatically by configure. */" >$tmp/config.h - fi - cat $tmp/in >>$tmp/config.h - rm -f $tmp/in - if test x"$ac_file" != x-; then - if cmp -s $ac_file $tmp/config.h 2>/dev/null; then - { echo "$as_me:16867: $ac_file is unchanged" >&5 -echo "$as_me: $ac_file is unchanged" >&6;} - else - ac_dir=`$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_file" : 'X\(//\)[^/]' \| \ - X"$ac_file" : 'X\(//\)$' \| \ - X"$ac_file" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || -echo X"$ac_file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } - /^X\(\/\/\)[^/].*/{ s//\1/; q; } - /^X\(\/\/\)$/{ s//\1/; q; } - /^X\(\/\).*/{ s//\1/; q; } - s/.*/./; q'` - if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then - { case "$ac_dir" in - [\\/]* | ?:[\\/]* ) as_incr_dir=;; - *) as_incr_dir=.;; -esac -as_dummy="$ac_dir" -for as_mkdir_dir in `IFS='/\\'; set X $as_dummy; shift; echo "$@"`; do - case $as_mkdir_dir in - # Skip DOS drivespec - ?:) as_incr_dir=$as_mkdir_dir ;; - *) - as_incr_dir=$as_incr_dir/$as_mkdir_dir - test -d "$as_incr_dir" || mkdir "$as_incr_dir" - ;; - esac -done; } - - fi - rm -f $ac_file - mv $tmp/config.h $ac_file - fi - else - cat $tmp/config.h - rm -f $tmp/config.h - fi -done - -{ (exit 0); exit 0; } Binary files openssh-3.7p1/linux/crc32.o and openssh-3.7.1p1/linux/crc32.o differ Binary files openssh-3.7p1/linux/deattack.o and openssh-3.7.1p1/linux/deattack.o differ Binary files openssh-3.7p1/linux/dh.o and openssh-3.7.1p1/linux/dh.o differ Binary files openssh-3.7p1/linux/dispatch.o and openssh-3.7.1p1/linux/dispatch.o differ Binary files openssh-3.7p1/linux/dns.o and openssh-3.7.1p1/linux/dns.o differ Binary files openssh-3.7p1/linux/entropy.o and openssh-3.7.1p1/linux/entropy.o differ Binary files openssh-3.7p1/linux/fatal.o and openssh-3.7.1p1/linux/fatal.o differ Binary files openssh-3.7p1/linux/groupaccess.o and openssh-3.7.1p1/linux/groupaccess.o differ Binary files openssh-3.7p1/linux/gss-genr.o and openssh-3.7.1p1/linux/gss-genr.o differ Binary files openssh-3.7p1/linux/gss-serv-krb5.o and openssh-3.7.1p1/linux/gss-serv-krb5.o differ Binary files openssh-3.7p1/linux/gss-serv.o and openssh-3.7.1p1/linux/gss-serv.o differ Binary files openssh-3.7p1/linux/hostfile.o and openssh-3.7.1p1/linux/hostfile.o differ Binary files openssh-3.7p1/linux/kex.o and openssh-3.7.1p1/linux/kex.o differ Binary files openssh-3.7p1/linux/kexdh.o and openssh-3.7.1p1/linux/kexdh.o differ Binary files openssh-3.7p1/linux/kexdhc.o and openssh-3.7.1p1/linux/kexdhc.o differ Binary files openssh-3.7p1/linux/kexdhs.o and openssh-3.7.1p1/linux/kexdhs.o differ Binary files openssh-3.7p1/linux/kexgex.o and openssh-3.7.1p1/linux/kexgex.o differ Binary files openssh-3.7p1/linux/kexgexc.o and openssh-3.7.1p1/linux/kexgexc.o differ Binary files openssh-3.7p1/linux/kexgexs.o and openssh-3.7.1p1/linux/kexgexs.o differ Binary files openssh-3.7p1/linux/key.o and openssh-3.7.1p1/linux/key.o differ Binary files openssh-3.7p1/linux/libssh.a and openssh-3.7.1p1/linux/libssh.a differ Binary files openssh-3.7p1/linux/log.o and openssh-3.7.1p1/linux/log.o differ Binary files openssh-3.7p1/linux/loginrec.o and openssh-3.7.1p1/linux/loginrec.o differ Binary files openssh-3.7p1/linux/mac.o and openssh-3.7.1p1/linux/mac.o differ Binary files openssh-3.7p1/linux/match.o and openssh-3.7.1p1/linux/match.o differ Binary files openssh-3.7p1/linux/md5crypt.o and openssh-3.7.1p1/linux/md5crypt.o differ Binary files openssh-3.7p1/linux/misc.o and openssh-3.7.1p1/linux/misc.o differ Binary files openssh-3.7p1/linux/moduli.o and openssh-3.7.1p1/linux/moduli.o differ diff -ru --new-file openssh-3.7p1/linux/moduli.out openssh-3.7.1p1/linux/moduli.out --- openssh-3.7p1/linux/moduli.out 2003-09-16 16:40:08.000000000 +1000 +++ openssh-3.7.1p1/linux/moduli.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,158 +0,0 @@ -# $OpenBSD: moduli,v 1.1 2001/06/22 22:07:54 provos Exp $ - -# Time Type Tests Tries Size Generator Modulus -20010328182134 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449C221CB -20010328182222 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449C95A43 -20010328182256 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449CC8CFB -20010328182409 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449D9BDB7 -20010328182628 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449FB6EF3 -20010328182708 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A000153 -20010328182758 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A06E9EB -20010328182946 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A1F2C93 -20010328183015 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A206ADB -20010328183112 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A2A109B -20010328183143 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A2BC1BB -20010328183301 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A3ADCEB -20010328183532 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A5E8BAF -20010328183646 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A6D54D7 -20010328183712 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A6EC46F -20010328184223 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AB8626F -20010328184337 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AC7DC73 -20010328184634 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AEFF073 -20010328184714 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AF594FF -20010328184807 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AFEEC53 -20010328184910 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B0B3513 -20010328185030 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B165707 -20010328185334 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B3A9673 -20010328185423 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B426623 -20010328185451 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B4427DB -20010328185637 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B5E3FC7 -20010328185720 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B65964B -20010328185757 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B6A9373 -20010328185844 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B7203B3 -20010328185933 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B7A9FFF -20010328190006 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B7DAAD3 -20010328190054 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B855C2F -20010328190139 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B8C53EB -20010328190304 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B9F26C3 -20010328190329 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BA00697 -20010328190412 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BA54313 -20010328190506 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BAEEF27 -20010328190550 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BB5CE0B -20010328200734 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC33395187 -20010328201124 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC334ED15B -20010328201358 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3359FC07 -20010328201537 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC335F7A83 -20010328201829 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC336D1433 -20010328202120 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC337B253B -20010328202848 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC33A3D43F -20010328203335 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC33BF24A3 -20010328204332 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC34011B8B -20010328204443 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3402A92F -20010328204617 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3406D343 -20010328205458 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3436FA2B -20010328210413 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3471CF1B -20010328213513 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC352AF5EF -20010328215014 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC358CC3CB -20010328215520 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35A9B7FF -20010328215733 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35B2927F -20010328220114 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35C47323 -20010328220334 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35CFA9C3 -20010328220653 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35E0BB37 -20010328220915 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35E9CC23 -20010328221256 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35FD7D67 -20010328221457 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC36052CCB -20010328222639 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC364A1E07 -20010328224126 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC36AD5557 -20010328225125 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC36EE57BF -20010328225751 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3716A70B -20010328225943 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC371D010B -20010328230054 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC371EB5C7 -20010328230301 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC37275F4B -20010328230628 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3738C3F3 -20010329000424 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853ACAACAB -20010329001637 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853AE5BE0F -20010329002229 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853AEDE2D3 -20010329003652 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853B0F32CB -20010329005040 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853B30E503 -20010329014643 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853BC9AF57 -20010329021950 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853C205263 -20010329023256 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853C3F2E53 -20010329031049 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853CA28BBF -20010329032045 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853CB81103 -20010329052113 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853DF13B47 -20010329052449 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853DF3ED53 -20010329060404 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853E5D25E7 -20010329062856 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853E9CF013 -20010329063152 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853E9E1CEB -20010329070601 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853EF58B7F -20010329071302 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F017697 -20010329072011 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F0E72D3 -20010329072445 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F14CE17 -20010329073641 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F2EEBA3 -20010329075209 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F52E927 -20010329080750 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F776F8B -20010329084002 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853FC98043 -20010329084744 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853FD7EAAF -20010329090209 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853FF9AF5F -20010329093527 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385404E330B -20010329094652 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938540672D1F -20010329103445 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938540E4B213 -20010329111418 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993854144947F -20010329112031 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385414F223B -20010329112413 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938541522073 -20010329114209 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385417C8E53 -20010329125026 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385422E41AB -20010329132045 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385427DD3FF -20010329134105 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938542AFA2D7 -20010329134914 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938542C04A37 -20010403222140 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0AB16DAF -20010403225231 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0AC56CFF -20010404053436 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0C2F4B7F -20010404092851 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D04E7F7 -20010404093943 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D07794B -20010404102659 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D2BE8CF -20010404112553 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D5D012B -20010404174625 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0EA59E17 -20010404184645 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0ED6DA4F -20010404193402 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0EFB39B3 -20010404230716 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0FB07C1B -20010405044433 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B10DD9FC3 -20010405053429 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B11038737 -20010405062826 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B112E24E7 -20010405092601 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B11C9E9FB -20010405113007 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B123803EB -20010405122212 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B12612ED3 -20010405182035 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B13A25087 -20010405210758 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B142C4E23 -20010405220222 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B145878F3 -20010406020130 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B152AF6AB -20010406053538 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B15E78C8B -20010406073014 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1649BFEF -20010406074100 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B164D4E3F -20010406103625 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B16E07B33 -20010406131946 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B17706243 -20010406170234 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B182FD957 -20010406182949 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B18768903 -20010406203157 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B18DCFC3B -20010407022825 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1A1AF797 -20010407071024 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1B1551E7 -20010407112402 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1BF78EC7 -20010407123215 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1C30021B -20010407161504 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1CF27743 -20010407171629 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1D25FAD7 -20010407191502 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1D8C2753 -20010420002705 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10C1E08F3 -20010420005243 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10C219FB3 -20010420035225 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10C660B3F -20010420145749 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10D741313 -20010420205718 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10DD41193 -20010420232458 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10E0AB4EF -20010421003952 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10E22F857 -20010421013245 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10E31828B -20010421085157 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10EE28B2B -20010421092617 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10EE97A3B -20010421135621 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10F52C463 -20010422012438 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C110627AF3 -20010422042530 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C110A793B3 -20010422163438 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C111D2A227 Binary files openssh-3.7p1/linux/monitor.o and openssh-3.7.1p1/linux/monitor.o differ Binary files openssh-3.7p1/linux/monitor_fdpass.o and openssh-3.7.1p1/linux/monitor_fdpass.o differ Binary files openssh-3.7p1/linux/monitor_mm.o and openssh-3.7.1p1/linux/monitor_mm.o differ Binary files openssh-3.7p1/linux/monitor_wrap.o and openssh-3.7.1p1/linux/monitor_wrap.o differ Binary files openssh-3.7p1/linux/mpaux.o and openssh-3.7.1p1/linux/mpaux.o differ Binary files openssh-3.7p1/linux/msg.o and openssh-3.7.1p1/linux/msg.o differ Binary files openssh-3.7p1/linux/nchan.o and openssh-3.7.1p1/linux/nchan.o differ diff -ru --new-file openssh-3.7p1/linux/openbsd-compat/Makefile openssh-3.7.1p1/linux/openbsd-compat/Makefile --- openssh-3.7p1/linux/openbsd-compat/Makefile 2003-09-16 16:40:06.000000000 +1000 +++ openssh-3.7.1p1/linux/openbsd-compat/Makefile 1970-01-01 10:00:00.000000000 +1000 @@ -1,42 +0,0 @@ -# $Id: Makefile.in,v 1.28 2003/07/24 06:52:14 mouring Exp $ - -sysconfdir=${prefix}/etc -piddir=/var/run -srcdir=../../openbsd-compat -top_srcdir=../.. - -VPATH=../../openbsd-compat -CC=gcc -LD=gcc -CFLAGS=-g -O2 -Wall -Wpointer-arith -Wno-uninitialized -CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. -DHAVE_CONFIG_H -LIBS=-lutil -lz -lnsl -lcrypto -lcrypt -AR=/usr/local/bin/ar -RANLIB=ranlib -INSTALL=/usr/bin/install -c -LDFLAGS=-L. - -OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o - -COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o xcrypt.o - -PORTS=port-irix.o port-aix.o - -.c.o: - $(CC) $(CFLAGS) $(CPPFLAGS) -c $< - -all: libopenbsd-compat.a - -$(COMPAT): ../config.h -$(OPENBSD): ../config.h -$(PORTS): ../config.h - -libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS) - $(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) - $(RANLIB) $@ - -clean: - rm -f *.o *.a core - -distclean: clean - rm -f Makefile *~ Binary files openssh-3.7p1/linux/openbsd-compat/base64.o and openssh-3.7.1p1/linux/openbsd-compat/base64.o differ Binary files openssh-3.7p1/linux/openbsd-compat/basename.o and openssh-3.7.1p1/linux/openbsd-compat/basename.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bindresvport.o and openssh-3.7.1p1/linux/openbsd-compat/bindresvport.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-arc4random.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-arc4random.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-cray.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-cray.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-cygwin_util.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-cygwin_util.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-getpeereid.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-getpeereid.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-misc.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-misc.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-nextstep.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-nextstep.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-snprintf.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-snprintf.o differ Binary files openssh-3.7p1/linux/openbsd-compat/bsd-waitpid.o and openssh-3.7.1p1/linux/openbsd-compat/bsd-waitpid.o differ Binary files openssh-3.7p1/linux/openbsd-compat/daemon.o and openssh-3.7.1p1/linux/openbsd-compat/daemon.o differ Binary files openssh-3.7p1/linux/openbsd-compat/dirname.o and openssh-3.7.1p1/linux/openbsd-compat/dirname.o differ Binary files openssh-3.7p1/linux/openbsd-compat/fake-rfc2553.o and openssh-3.7.1p1/linux/openbsd-compat/fake-rfc2553.o differ Binary files openssh-3.7p1/linux/openbsd-compat/getcwd.o and openssh-3.7.1p1/linux/openbsd-compat/getcwd.o differ Binary files openssh-3.7p1/linux/openbsd-compat/getgrouplist.o and openssh-3.7.1p1/linux/openbsd-compat/getgrouplist.o differ Binary files openssh-3.7p1/linux/openbsd-compat/getopt.o and openssh-3.7.1p1/linux/openbsd-compat/getopt.o differ Binary files openssh-3.7p1/linux/openbsd-compat/getrrsetbyname.o and openssh-3.7.1p1/linux/openbsd-compat/getrrsetbyname.o differ Binary files openssh-3.7p1/linux/openbsd-compat/glob.o and openssh-3.7.1p1/linux/openbsd-compat/glob.o differ Binary files openssh-3.7p1/linux/openbsd-compat/inet_aton.o and openssh-3.7.1p1/linux/openbsd-compat/inet_aton.o differ Binary files openssh-3.7p1/linux/openbsd-compat/inet_ntoa.o and openssh-3.7.1p1/linux/openbsd-compat/inet_ntoa.o differ Binary files openssh-3.7p1/linux/openbsd-compat/inet_ntop.o and openssh-3.7.1p1/linux/openbsd-compat/inet_ntop.o differ Binary files openssh-3.7p1/linux/openbsd-compat/libopenbsd-compat.a and openssh-3.7.1p1/linux/openbsd-compat/libopenbsd-compat.a differ Binary files openssh-3.7p1/linux/openbsd-compat/mktemp.o and openssh-3.7.1p1/linux/openbsd-compat/mktemp.o differ Binary files openssh-3.7p1/linux/openbsd-compat/port-aix.o and openssh-3.7.1p1/linux/openbsd-compat/port-aix.o differ Binary files openssh-3.7p1/linux/openbsd-compat/port-irix.o and openssh-3.7.1p1/linux/openbsd-compat/port-irix.o differ Binary files openssh-3.7p1/linux/openbsd-compat/readpassphrase.o and openssh-3.7.1p1/linux/openbsd-compat/readpassphrase.o differ Binary files openssh-3.7p1/linux/openbsd-compat/realpath.o and openssh-3.7.1p1/linux/openbsd-compat/realpath.o differ Binary files openssh-3.7p1/linux/openbsd-compat/rresvport.o and openssh-3.7.1p1/linux/openbsd-compat/rresvport.o differ Binary files openssh-3.7p1/linux/openbsd-compat/setenv.o and openssh-3.7.1p1/linux/openbsd-compat/setenv.o differ Binary files openssh-3.7p1/linux/openbsd-compat/setproctitle.o and openssh-3.7.1p1/linux/openbsd-compat/setproctitle.o differ Binary files openssh-3.7p1/linux/openbsd-compat/sigact.o and openssh-3.7.1p1/linux/openbsd-compat/sigact.o differ Binary files openssh-3.7p1/linux/openbsd-compat/strlcat.o and openssh-3.7.1p1/linux/openbsd-compat/strlcat.o differ Binary files openssh-3.7p1/linux/openbsd-compat/strlcpy.o and openssh-3.7.1p1/linux/openbsd-compat/strlcpy.o differ Binary files openssh-3.7p1/linux/openbsd-compat/strmode.o and openssh-3.7.1p1/linux/openbsd-compat/strmode.o differ Binary files openssh-3.7p1/linux/openbsd-compat/strsep.o and openssh-3.7.1p1/linux/openbsd-compat/strsep.o differ Binary files openssh-3.7p1/linux/openbsd-compat/vis.o and openssh-3.7.1p1/linux/openbsd-compat/vis.o differ Binary files openssh-3.7p1/linux/openbsd-compat/xcrypt.o and openssh-3.7.1p1/linux/openbsd-compat/xcrypt.o differ Binary files openssh-3.7p1/linux/openbsd-compat/xmmap.o and openssh-3.7.1p1/linux/openbsd-compat/xmmap.o differ Binary files openssh-3.7p1/linux/packet.o and openssh-3.7.1p1/linux/packet.o differ Binary files openssh-3.7p1/linux/progressmeter.o and openssh-3.7.1p1/linux/progressmeter.o differ Binary files openssh-3.7p1/linux/readconf.o and openssh-3.7.1p1/linux/readconf.o differ Binary files openssh-3.7p1/linux/readpass.o and openssh-3.7.1p1/linux/readpass.o differ diff -ru --new-file openssh-3.7p1/linux/regress/authorized_keys_dtucker openssh-3.7.1p1/linux/regress/authorized_keys_dtucker --- openssh-3.7p1/linux/regress/authorized_keys_dtucker 2003-09-16 17:00:05.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/authorized_keys_dtucker 1970-01-01 10:00:00.000000000 +1000 @@ -1,2 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzq6mJuGEBO0JX8K9lE7DyFjSf0Ud9OF5SsK+8Q/vY5IalC8fVrDBaamdkh2yHGcQ3hEgVnQKKkbq0QiqbULHSxsz8YABI56WJ9mrizCQ4b8rQtZodjsNsxMZFtbE76zEXKMKx6F0rPPjxg/Xa62d7AYJilMvHF3c4mI+lclt/Nc= dtucker@gate -1024 35 140112285093415727898875267228443685357131748802612368591517544473663146108561416720091562364152454130236807741224097716690500525851781384412520546403681763017634648667108788011956522133146517709002068426248757945274736368202882268109030877869782899693108462420960063109643537059254727604704196911524482950987 dtucker@gate diff -ru --new-file openssh-3.7p1/linux/regress/host.rsa openssh-3.7.1p1/linux/regress/host.rsa --- openssh-3.7p1/linux/regress/host.rsa 2003-09-16 17:00:01.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/host.rsa 1970-01-01 10:00:00.000000000 +1000 @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQDOrqYm4YQE7Qlfwr2UTsPIWNJ/RR304XlKwr7xD+9jkhqULx9W -sMFpqZ2SHbIcZxDeESBWdAoqRurRCKptQsdLGzPxgAEjnpYn2auLMJDhvytC1mh2 -Ow2zExkW1sTvrMRcowrHoXSs8+PGD9drrZ3sBgmKUy8cXdziYj6VyW381wIBIwKB -gQDC3y7xdYsalllLqPvjmriYU78nik9x2+djvu6LhA2YZS8Avrcl2drumJvhibaP -zuQEk84IXsfBdhCZNA5nBHLBdfrIexGvwlp7P2d5Lu14C4OBcT9DVZvRAAkDkiEc -A/sJOvtmOzJAbLXHkt5yYN7U9dvvKPqYeiG/huFEMwdvMwJBAPHI8NTvlfTPjqVz -ofr41JgNz48RGYKBJ37oDS6gA1kTITSLdxaLXCb6RYnukPt5qQfcmPqbn+JYk5/4 -r/2rAyMCQQDa1WJXFhFQAcjpNsXFwvpwPKQsUlNdwH9d2ebW2wTqnzlmPmA8nL7l -P/puBK72ESMQsEkGU2ZmltEzN/LL8WS9AkAUuXO6eu+YpBOKhkEVgwrodjZcuFKk -yT3mTmeHp1C+ffuIKTYX4A82inr9MbSn1zpfwnODMekiB5ef/1+KxYPtAkEAlg6p -1VD17bgUvSzfYwlbRaXs6zEjOPkG4UT2D6wgoOI1/PeScrSgKCve7Fr7oWrWN1RP -VMt5ausTG86X3E3BawJAHwTbMyZEPdwH2p4Ime/8wO6M98THnXpIa//puQ8jzKqP -MNF/Q/IAevIYJQcu1gQ/x5d9p3Pijpkg8pEfDKjm4w== ------END RSA PRIVATE KEY----- Binary files openssh-3.7p1/linux/regress/host.rsa1 and openssh-3.7.1p1/linux/regress/host.rsa1 differ diff -ru --new-file openssh-3.7p1/linux/regress/known_hosts openssh-3.7.1p1/linux/regress/known_hosts --- openssh-3.7p1/linux/regress/known_hosts 2003-09-16 17:00:05.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/known_hosts 1970-01-01 10:00:00.000000000 +1000 @@ -1,2 +0,0 @@ -localhost-with-alias,127.0.0.1,::1 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzq6mJuGEBO0JX8K9lE7DyFjSf0Ud9OF5SsK+8Q/vY5IalC8fVrDBaamdkh2yHGcQ3hEgVnQKKkbq0QiqbULHSxsz8YABI56WJ9mrizCQ4b8rQtZodjsNsxMZFtbE76zEXKMKx6F0rPPjxg/Xa62d7AYJilMvHF3c4mI+lclt/Nc= dtucker@gate -localhost-with-alias,127.0.0.1,::1 1024 35 140112285093415727898875267228443685357131748802612368591517544473663146108561416720091562364152454130236807741224097716690500525851781384412520546403681763017634648667108788011956522133146517709002068426248757945274736368202882268109030877869782899693108462420960063109643537059254727604704196911524482950987 dtucker@gate Binary files openssh-3.7p1/linux/regress/ls.copy and openssh-3.7.1p1/linux/regress/ls.copy differ diff -ru --new-file openssh-3.7p1/linux/regress/remote_pid openssh-3.7.1p1/linux/regress/remote_pid --- openssh-3.7p1/linux/regress/remote_pid 2003-09-16 16:59:52.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/remote_pid 1970-01-01 10:00:00.000000000 +1000 @@ -1 +0,0 @@ -2996 diff -ru --new-file openssh-3.7p1/linux/regress/rsa openssh-3.7.1p1/linux/regress/rsa --- openssh-3.7p1/linux/regress/rsa 2003-09-16 17:00:01.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/rsa 1970-01-01 10:00:00.000000000 +1000 @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQDOrqYm4YQE7Qlfwr2UTsPIWNJ/RR304XlKwr7xD+9jkhqULx9W -sMFpqZ2SHbIcZxDeESBWdAoqRurRCKptQsdLGzPxgAEjnpYn2auLMJDhvytC1mh2 -Ow2zExkW1sTvrMRcowrHoXSs8+PGD9drrZ3sBgmKUy8cXdziYj6VyW381wIBIwKB -gQDC3y7xdYsalllLqPvjmriYU78nik9x2+djvu6LhA2YZS8Avrcl2drumJvhibaP -zuQEk84IXsfBdhCZNA5nBHLBdfrIexGvwlp7P2d5Lu14C4OBcT9DVZvRAAkDkiEc -A/sJOvtmOzJAbLXHkt5yYN7U9dvvKPqYeiG/huFEMwdvMwJBAPHI8NTvlfTPjqVz -ofr41JgNz48RGYKBJ37oDS6gA1kTITSLdxaLXCb6RYnukPt5qQfcmPqbn+JYk5/4 -r/2rAyMCQQDa1WJXFhFQAcjpNsXFwvpwPKQsUlNdwH9d2ebW2wTqnzlmPmA8nL7l -P/puBK72ESMQsEkGU2ZmltEzN/LL8WS9AkAUuXO6eu+YpBOKhkEVgwrodjZcuFKk -yT3mTmeHp1C+ffuIKTYX4A82inr9MbSn1zpfwnODMekiB5ef/1+KxYPtAkEAlg6p -1VD17bgUvSzfYwlbRaXs6zEjOPkG4UT2D6wgoOI1/PeScrSgKCve7Fr7oWrWN1RP -VMt5ausTG86X3E3BawJAHwTbMyZEPdwH2p4Ime/8wO6M98THnXpIa//puQ8jzKqP -MNF/Q/IAevIYJQcu1gQ/x5d9p3Pijpkg8pEfDKjm4w== ------END RSA PRIVATE KEY----- diff -ru --new-file openssh-3.7p1/linux/regress/rsa-agent openssh-3.7.1p1/linux/regress/rsa-agent --- openssh-3.7p1/linux/regress/rsa-agent 2003-09-16 16:58:02.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/rsa-agent 1970-01-01 10:00:00.000000000 +1000 @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDGnlWvuGo/5zfB6odZ/13Ypwdh7NDzSKAlK8j7lvZGZxU9FVKG -8/WPNT+yP4nViFMpsVcbF2w85G/zsnscMg6VX8FjKzhhapHyNEjUJJ+BiaPNmxss -QxhZkrr2rqVtSmszSMzCh0XkgrY5TOf/WDtdWPym+nEBk9lczVvgCWYoqwIBIwKB -gQCIMg7e5NskgUrOHSmczF2b4D+TmxLv90k+D2U+zeqz7un9//4TZXUu//EpxStQ -l/6C/UMLQ0Ln7RmRKe4EtJxH9NLe45KZXLJLBhkRwqDo3z+XFXQn3rCMrTXcqtnA -wyImE5nq6e6939lOm347S+2SW0eoQ175OcRakTaUo2oSCwJBAPoC+NAbzPjFWNZG -OVs0kQ9FTS9zgAdC+QTblaz2N1SDa2ixTfJCVFznSa1uQuyOTT1aBUJwh1iaMoc1 -u7PN1fMCQQDLYDqkkXTKnev1HguNlZzfdxlsXkdsaT4RRind3FIuq1BY2v3/3Ls/ -XLJSDFCc8pqr2iGrFflxq3uHtouR8vhpAkEAq2/AjrP6RC+NX7sgBAbJ3pXryMQ6 -iKLz5hLqSrd2ZdZ1iZ4m0gGY7z+C+pTALS5g2ZzQaBKl85zvcqiAtc75GwJBAMWQ -rf7zs0h8JwtfA+if93n+qvuOyQo6WY0flmJ+QTSma08AnviNSC7sVXRGejIQPnsO -adllzb7hGOo8TRFvr3sCQQDmIYObMi4m00pan6QsgXsxxoCN1lmDsCdAjasF/tuj -C5gEBj+Ml3qJpGeOGb796uTlBu4AvS811qTWnomSp6PT ------END RSA PRIVATE KEY----- diff -ru --new-file openssh-3.7p1/linux/regress/rsa-agent.pub openssh-3.7.1p1/linux/regress/rsa-agent.pub --- openssh-3.7p1/linux/regress/rsa-agent.pub 2003-09-16 16:58:02.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/rsa-agent.pub 1970-01-01 10:00:00.000000000 +1000 @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAxp5Vr7hqP+c3weqHWf9d2KcHYezQ80igJSvI+5b2RmcVPRVShvP1jzU/sj+J1YhTKbFXGxdsPORv87J7HDIOlV/BYys4YWqR8jRI1CSfgYmjzZsbLEMYWZK69q6lbUprM0jMwodF5IK2OUzn/1g7XVj8pvpxAZPZXM1b4AlmKKs= dtucker@gate diff -ru --new-file openssh-3.7p1/linux/regress/rsa.pub openssh-3.7.1p1/linux/regress/rsa.pub --- openssh-3.7p1/linux/regress/rsa.pub 2003-09-16 17:00:01.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/rsa.pub 1970-01-01 10:00:00.000000000 +1000 @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzq6mJuGEBO0JX8K9lE7DyFjSf0Ud9OF5SsK+8Q/vY5IalC8fVrDBaamdkh2yHGcQ3hEgVnQKKkbq0QiqbULHSxsz8YABI56WJ9mrizCQ4b8rQtZodjsNsxMZFtbE76zEXKMKx6F0rPPjxg/Xa62d7AYJilMvHF3c4mI+lclt/Nc= dtucker@gate Binary files openssh-3.7p1/linux/regress/rsa1 and openssh-3.7.1p1/linux/regress/rsa1 differ Binary files openssh-3.7p1/linux/regress/rsa1-agent and openssh-3.7.1p1/linux/regress/rsa1-agent differ diff -ru --new-file openssh-3.7p1/linux/regress/rsa1-agent.pub openssh-3.7.1p1/linux/regress/rsa1-agent.pub --- openssh-3.7p1/linux/regress/rsa1-agent.pub 2003-09-16 16:58:03.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/rsa1-agent.pub 1970-01-01 10:00:00.000000000 +1000 @@ -1 +0,0 @@ -1024 35 123445148597206338427759653691125698921372283115337419801846356388281649873044315534040529553127204905443777806217257508310234808271454901972134308522516961225734931049943576721589544256728071019710182864370039759765088558804364028749811422124653483276243654082385971411918980969148906018359275300526929929651 dtucker@gate diff -ru --new-file openssh-3.7p1/linux/regress/rsa1.pub openssh-3.7.1p1/linux/regress/rsa1.pub --- openssh-3.7p1/linux/regress/rsa1.pub 2003-09-16 17:00:05.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/rsa1.pub 1970-01-01 10:00:00.000000000 +1000 @@ -1 +0,0 @@ -1024 35 140112285093415727898875267228443685357131748802612368591517544473663146108561416720091562364152454130236807741224097716690500525851781384412520546403681763017634648667108788011956522133146517709002068426248757945274736368202882268109030877869782899693108462420960063109643537059254727604704196911524482950987 dtucker@gate diff -ru --new-file openssh-3.7p1/linux/regress/rsa_secsh.pub openssh-3.7.1p1/linux/regress/rsa_secsh.pub --- openssh-3.7p1/linux/regress/rsa_secsh.pub 2003-09-16 16:47:01.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/rsa_secsh.pub 1970-01-01 10:00:00.000000000 +1000 @@ -1,6 +0,0 @@ ----- BEGIN SSH2 PUBLIC KEY ---- -Comment: "1024-bit RSA, converted from OpenSSH by dtucker@gate" -AAAAB3NzaC1yc2EAAAADAQABAAAAgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazG -u0OhBU3Uko+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/yS -ebS3xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQ== ----- END SSH2 PUBLIC KEY ---- diff -ru --new-file openssh-3.7p1/linux/regress/ssh_config openssh-3.7.1p1/linux/regress/ssh_config --- openssh-3.7p1/linux/regress/ssh_config 2003-09-16 17:00:05.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/ssh_config 1970-01-01 10:00:00.000000000 +1000 @@ -1,18 +0,0 @@ -Host * - Hostname 127.0.0.1 - HostKeyAlias localhost-with-alias - Port 4242 - User dtucker - GlobalKnownHostsFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/known_hosts - UserKnownHostsFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/known_hosts - RSAAuthentication yes - PubkeyAuthentication yes - ChallengeResponseAuthentication no - HostbasedAuthentication no - PasswordAuthentication no - RhostsAuthentication no - RhostsRSAAuthentication no - BatchMode yes - StrictHostKeyChecking yes -IdentityFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/rsa -IdentityFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/rsa1 diff -ru --new-file openssh-3.7p1/linux/regress/ssh_proxy openssh-3.7.1p1/linux/regress/ssh_proxy --- openssh-3.7p1/linux/regress/ssh_proxy 2003-09-16 17:00:05.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/ssh_proxy 1970-01-01 10:00:00.000000000 +1000 @@ -1,19 +0,0 @@ -Host * - Hostname 127.0.0.1 - HostKeyAlias localhost-with-alias - Port 4242 - User dtucker - GlobalKnownHostsFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/known_hosts - UserKnownHostsFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/known_hosts - RSAAuthentication yes - PubkeyAuthentication yes - ChallengeResponseAuthentication no - HostbasedAuthentication no - PasswordAuthentication no - RhostsAuthentication no - RhostsRSAAuthentication no - BatchMode yes - StrictHostKeyChecking yes -IdentityFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/rsa -IdentityFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/rsa1 -proxycommand /home/dtucker/openssh/portable/openssh-3.7p1/linux/sshd -i -f /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/sshd_proxy diff -ru --new-file openssh-3.7p1/linux/regress/sshd_config openssh-3.7.1p1/linux/regress/sshd_config --- openssh-3.7p1/linux/regress/sshd_config 2003-09-16 17:00:05.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/sshd_config 1970-01-01 10:00:00.000000000 +1000 @@ -1,9 +0,0 @@ - Port 4242 - ListenAddress 127.0.0.1 - #ListenAddress ::1 - PidFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/pidfile - AuthorizedKeysFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/authorized_keys_%u - LogLevel QUIET - StrictModes no -HostKey /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/host.rsa -HostKey /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/host.rsa1 diff -ru --new-file openssh-3.7p1/linux/regress/sshd_proxy openssh-3.7.1p1/linux/regress/sshd_proxy --- openssh-3.7p1/linux/regress/sshd_proxy 2003-09-16 17:00:05.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/sshd_proxy 1970-01-01 10:00:00.000000000 +1000 @@ -1,10 +0,0 @@ - Port 4242 - ListenAddress 127.0.0.1 - #ListenAddress ::1 - PidFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/pidfile - AuthorizedKeysFile /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/authorized_keys_%u - LogLevel QUIET - StrictModes no -StrictModes no -HostKey /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/rsa -HostKey /home/dtucker/openssh/portable/openssh-3.7p1/linux/regress/rsa1 diff -ru --new-file openssh-3.7p1/linux/regress/t2.out openssh-3.7.1p1/linux/regress/t2.out --- openssh-3.7p1/linux/regress/t2.out 2003-09-16 16:47:01.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/t2.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWgIBAAKBgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko -+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3 -xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQIDAQAB -An8nH5VzvHkMbSqJ6eOYDsVwomRvYbH5IEaYl1x6VATITNvAu9kUdQ4NsSpuMc+7 -Jj9gKZvmO1y2YCKc0P/iO+i/eV0L+yQh1Rw18jQZll+12T+LZrKRav03YNvMx0gN -wqWY48Kt6hv2/N/ebQzKRe79+D0t2cTh92hT7xENFLIBAkEBGnoGKFjAUkJCwO1V -mzpUqMHpRZVOrqP9hUmPjzNJ5oBPFGe4+h1hoSRFOAzaNuZt8ssbqaLCkzB8bfzj -qhZqAQJBANZekuUpp8iBLeLSagw5FkcPwPzq6zfExbhvsZXb8Bo/4SflNs4JHXwI -7SD9Z8aJLvM4uQ/5M70lblDMQ40i3o0CQQDIJvBYBFL5tlOgakq/O7yi+wt0L5BZ -9H79w5rCSAA0IHRoK/qI1urHiHC3f3vbbLk5UStfrqEaND/mm0shyNIBAkBLsYdC -/ctt5Bc0wUGK4Vl5bBmj9LtrrMJ4FpBpLwj/69BwCuKoK9XKZ0h73p6XHveCEGRg -PIlFX4MtaoLrwgU9AkBV2k4dgIws+X8YX65EsyyFjnlDqX4x0nSOjQB1msIKfHBr -dh5XLDBTTCxnKhMJ0Yx/opgOvf09XHBFwaQntR5i ------END RSA PRIVATE KEY----- diff -ru --new-file openssh-3.7p1/linux/regress/t6.out1 openssh-3.7.1p1/linux/regress/t6.out1 --- openssh-3.7p1/linux/regress/t6.out1 2003-09-16 16:47:01.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/t6.out1 1970-01-01 10:00:00.000000000 +1000 @@ -1,12 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBvAIBAAKBgQCwUfm3AxZTut3icBmwCcD48nY64HzuELlQ+vEqjIcRLo49es/D -QTeLNQ+kdKRCfouosGNv0WqxRtF0tUsWdXxS37oHGa4QPugBdHRd7YlZGZv8kgx7 -FsoepY7v7E683/97dv2zxL3AGagTEzWr7fl0yPexAaZoDvtQrrjX44BLmwIVAN4L -TjdhWj1mjTMAR4gDi5mHgsEJAoGBAJZCS+8zGcPx4WRLWSicV8wnUKS5F9M3fgIF -np1jtVNIZ6bLhDC0V0wqai58PR4qDLenlY55YJgq0XgWGMcpmT9prEWOMhu2SueW -9eDrhAjXV1JnIE3r9WJCQc9KRQMX4DoAASGs1tBsAVK9qjWRO8208K0vQCRQh24Q -zMZB8sJMAoGAWo+2OYpHocoCeKkw0pVcqbD7lfp+fbTEtHtqX60hvO8n+a/eACgZ -iXoaOTjusGGlwsbFQewBW0lA+u+QCvJhxeL9f/u0lipOX/MZTAjEj2fStPo/1tXf -6tqpIZ5w2aJThw6JiwPlNNIucmv4501c8gz1ixaVivLt8RgTwGF99uICFQDHFvoo -RnaXdZbeWGTTqmgHB1GU9A== ------END DSA PRIVATE KEY----- diff -ru --new-file openssh-3.7p1/linux/regress/t6.out2 openssh-3.7.1p1/linux/regress/t6.out2 --- openssh-3.7p1/linux/regress/t6.out2 2003-09-16 16:47:01.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/t6.out2 1970-01-01 10:00:00.000000000 +1000 @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBALBR+bcDFlO63eJwGbAJwPjydjrgfO4QuVD68SqMhxEujj16z8NBN4s1D6R0pEJ+i6iwY2/RarFG0XS1SxZ1fFLfugcZrhA+6AF0dF3tiVkZm/ySDHsWyh6lju/sTrzf/3t2/bPEvcAZqBMTNavt+XTI97EBpmgO+1CuuNfjgEubAAAAFQDeC043YVo9Zo0zAEeIA4uZh4LBCQAAAIEAlkJL7zMZw/HhZEtZKJxXzCdQpLkX0zd+AgWenWO1U0hnpsuEMLRXTCpqLnw9HioMt6eVjnlgmCrReBYYxymZP2msRY4yG7ZK55b14OuECNdXUmcgTev1YkJBz0pFAxfgOgABIazW0GwBUr2qNZE7zbTwrS9AJFCHbhDMxkHywkwAAACAWo+2OYpHocoCeKkw0pVcqbD7lfp+fbTEtHtqX60hvO8n+a/eACgZiXoaOTjusGGlwsbFQewBW0lA+u+QCvJhxeL9f/u0lipOX/MZTAjEj2fStPo/1tXf6tqpIZ5w2aJThw6JiwPlNNIucmv4501c8gz1ixaVivLt8RgTwGF99uI= diff -ru --new-file openssh-3.7p1/linux/regress/t7.out openssh-3.7.1p1/linux/regress/t7.out --- openssh-3.7p1/linux/regress/t7.out 2003-09-16 16:47:02.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/t7.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWgIBAAKBgQDiU0yRC6eC7FIS6kjodib0hev5IgYsqiIBHtUEkU0fMySEQtzo -EMxZPU6yxZOA3CKJhh1QXAobTORPROggD9z/NRg/5CmiOfPMiYvRPUuKudgx9VwQ -rYAv4IcCBDf5GpPNc4DgVg3tL06zaT/ywZYGske23kyiHeHPf6bHPby1yQIBIwKB -gCbMc4aUSJoZ4i8g2UxsBq2TTQYjFwBXrg7SFeOGn4Gw/vIaFz25vKGVezSW5hYX -G90PrUD51djLWla7Wv4umumZP81t7Jd0R5XbqKGDtmZqyfNiDiuHxYAuFMvi/55O -/FUPfD+5lWPVn4hXKMvvyelvqa4tIKTDLXrPtPmHQImzAkEA+qrnP1iXT+0u7UcA -RRIKbGR5bRW3ehD3r9f/bua8bEme6Rtl8dWSBqJnL29Q84QGX9ht8NCFneCti9bZ -HywWHwJBAOcj1Pjs7MO6XhrtIs08Kt6EV3bzsJtvIc6LB+koy+GKPlq7W/77lMqJ -sOgNUYH4Lpxm0OY9sLgigDgwPomYJxcCQQDlLopIi4MHP0DY8HVGduT1Yy0wiOJD -t73imZkU8Dc+bzI0Nk6T9nbhfoo5/1/0lfczDwVudYF6ZwUSI4SuyTjLAkANNT9e -rnPt7WR2kTUwTJS8QhOgZbJSBlm0B/HSzyGX3AOQJ/ag2y0S40vwAMLUOhFKxAvv -5kSczsV/jbpuQzVvAkB0Lljekr3uEEZ55owsXn6XoZ7aLbbO0SZUie4KZ9fiJQBu -SJytNETvydg7C+9N0+Z+gQ112hrhaMyzfPwzKwlG ------END RSA PRIVATE KEY----- diff -ru --new-file openssh-3.7p1/linux/regress/t7.out.pub openssh-3.7.1p1/linux/regress/t7.out.pub --- openssh-3.7p1/linux/regress/t7.out.pub 2003-09-16 16:47:02.000000000 +1000 +++ openssh-3.7.1p1/linux/regress/t7.out.pub 1970-01-01 10:00:00.000000000 +1000 @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA4lNMkQunguxSEupI6HYm9IXr+SIGLKoiAR7VBJFNHzMkhELc6BDMWT1OssWTgNwiiYYdUFwKG0zkT0ToIA/c/zUYP+QpojnzzImL0T1LirnYMfVcEK2AL+CHAgQ3+RqTzXOA4FYN7S9Os2k/8sGWBrJHtt5Moh3hz3+mxz28tck= dtucker@gate Binary files openssh-3.7p1/linux/rijndael.o and openssh-3.7.1p1/linux/rijndael.o differ Binary files openssh-3.7p1/linux/rsa.o and openssh-3.7.1p1/linux/rsa.o differ diff -ru --new-file openssh-3.7p1/linux/scard/Makefile openssh-3.7.1p1/linux/scard/Makefile --- openssh-3.7p1/linux/scard/Makefile 2003-09-16 16:40:06.000000000 +1000 +++ openssh-3.7.1p1/linux/scard/Makefile 1970-01-01 10:00:00.000000000 +1000 @@ -1,28 +0,0 @@ -# $Id: Makefile.in,v 1.4 2002/04/26 01:25:41 djm Exp $ - -prefix=/usr/local -datadir=${prefix}/share -srcdir=../../scard -top_srcdir=../.. - -INSTALL=/usr/bin/install -c - -VPATH=../../scard - -all: - -#Ssh.bin: Ssh.bin.uu -# uudecode Ssh.bin.uu - -clean: -# rm -rf Ssh.bin - -distprep: - uudecode Ssh.bin.uu - -distclean: clean - rm -f Makefile *~ - -install: $(srcdir)/Ssh.bin - $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir) - $(INSTALL) -m 0644 $(srcdir)/Ssh.bin $(DESTDIR)$(datadir)/Ssh.bin Binary files openssh-3.7p1/linux/scard-opensc.o and openssh-3.7.1p1/linux/scard-opensc.o differ Binary files openssh-3.7p1/linux/scard.o and openssh-3.7.1p1/linux/scard.o differ Binary files openssh-3.7p1/linux/scp and openssh-3.7.1p1/linux/scp differ diff -ru --new-file openssh-3.7p1/linux/scp.1.out openssh-3.7.1p1/linux/scp.1.out --- openssh-3.7p1/linux/scp.1.out 2003-09-16 16:40:08.000000000 +1000 +++ openssh-3.7.1p1/linux/scp.1.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,169 +0,0 @@ -.\" -*- nroff -*- -.\" -.\" scp.1 -.\" -.\" Author: Tatu Ylonen -.\" -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" Created: Sun May 7 00:14:37 1995 ylo -.\" -.\" $OpenBSD: scp.1,v 1.28 2003/06/10 09:12:11 jmc Exp $ -.\" -.Dd September 25, 1999 -.Dt SCP 1 -.Os -.Sh NAME -.Nm scp -.Nd secure copy (remote file copy program) -.Sh SYNOPSIS -.Nm scp -.Bk -words -.Op Fl pqrvBC1246 -.Op Fl F Ar ssh_config -.Op Fl S Ar program -.Op Fl P Ar port -.Op Fl c Ar cipher -.Op Fl i Ar identity_file -.Op Fl l Ar limit -.Op Fl o Ar ssh_option -.Sm off -.Oo -.Op Ar user@ -.Ar host1 No : -.Oc Ns Ar file1 -.Sm on -.Op Ar ... -.Sm off -.Oo -.Op Ar user@ -.Ar host2 No : -.Oc Ar file2 -.Sm on -.Ek -.Sh DESCRIPTION -.Nm -copies files between hosts on a network. -It uses -.Xr ssh 1 -for data transfer, and uses the same authentication and provides the -same security as -.Xr ssh 1 . -Unlike -.Xr rcp 1 , -.Nm -will ask for passwords or passphrases if they are needed for -authentication. -.Pp -Any file name may contain a host and user specification to indicate -that the file is to be copied to/from that host. -Copies between two remote hosts are permitted. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl c Ar cipher -Selects the cipher to use for encrypting the data transfer. -This option is directly passed to -.Xr ssh 1 . -.It Fl i Ar identity_file -Selects the file from which the identity (private key) for RSA -authentication is read. -This option is directly passed to -.Xr ssh 1 . -.It Fl l Ar limit -Limits the used bandwidth, specified in Kbit/s. -.It Fl p -Preserves modification times, access times, and modes from the -original file. -.It Fl r -Recursively copy entire directories. -.It Fl v -Verbose mode. -Causes -.Nm -and -.Xr ssh 1 -to print debugging messages about their progress. -This is helpful in -debugging connection, authentication, and configuration problems. -.It Fl B -Selects batch mode (prevents asking for passwords or passphrases). -.It Fl q -Disables the progress meter. -.It Fl C -Compression enable. -Passes the -.Fl C -flag to -.Xr ssh 1 -to enable compression. -.It Fl F Ar ssh_config -Specifies an alternative -per-user configuration file for -.Nm ssh . -This option is directly passed to -.Xr ssh 1 . -.It Fl P Ar port -Specifies the port to connect to on the remote host. -Note that this option is written with a capital -.Sq P , -because -.Fl p -is already reserved for preserving the times and modes of the file in -.Xr rcp 1 . -.It Fl S Ar program -Name of -.Ar program -to use for the encrypted connection. -The program must understand -.Xr ssh 1 -options. -.It Fl o Ar ssh_option -Can be used to pass options to -.Nm ssh -in the format used in -.Xr ssh_config 5 . -This is useful for specifying options -for which there is no separate -.Nm scp -command-line flag. -.It Fl 1 -Forces -.Nm -to use protocol 1. -.It Fl 2 -Forces -.Nm -to use protocol 2. -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. -.El -.Sh DIAGNOSTICS -.Nm -exits with 0 on success or >0 if an error occurred. -.Sh SEE ALSO -.Xr rcp 1 , -.Xr sftp 1 , -.Xr ssh 1 , -.Xr ssh-add 1 , -.Xr ssh-agent 1 , -.Xr ssh-keygen 1 , -.Xr ssh_config 5 , -.Xr sshd 8 -.Sh HISTORY -.Nm -is based on the -.Xr rcp 1 -program in BSD source code from the Regents of the University of -California. -.Sh AUTHORS -.An Timo Rinne Aq tri@iki.fi -and -.An Tatu Ylonen Aq ylo@cs.hut.fi Binary files openssh-3.7p1/linux/scp.o and openssh-3.7.1p1/linux/scp.o differ Binary files openssh-3.7p1/linux/servconf.o and openssh-3.7.1p1/linux/servconf.o differ Binary files openssh-3.7p1/linux/serverloop.o and openssh-3.7.1p1/linux/serverloop.o differ Binary files openssh-3.7p1/linux/session.o and openssh-3.7.1p1/linux/session.o differ Binary files openssh-3.7p1/linux/sftp and openssh-3.7.1p1/linux/sftp differ Binary files openssh-3.7p1/linux/sftp-client.o and openssh-3.7.1p1/linux/sftp-client.o differ Binary files openssh-3.7p1/linux/sftp-common.o and openssh-3.7.1p1/linux/sftp-common.o differ Binary files openssh-3.7p1/linux/sftp-glob.o and openssh-3.7.1p1/linux/sftp-glob.o differ Binary files openssh-3.7p1/linux/sftp-int.o and openssh-3.7.1p1/linux/sftp-int.o differ Binary files openssh-3.7p1/linux/sftp-server and openssh-3.7.1p1/linux/sftp-server differ diff -ru --new-file openssh-3.7p1/linux/sftp-server.8.out openssh-3.7.1p1/linux/sftp-server.8.out --- openssh-3.7p1/linux/sftp-server.8.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/sftp-server.8.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,62 +0,0 @@ -.\" $OpenBSD: sftp-server.8,v 1.9 2003/06/10 09:12:11 jmc Exp $ -.\" -.\" Copyright (c) 2000 Markus Friedl. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd August 30, 2000 -.Dt SFTP-SERVER 8 -.Os -.Sh NAME -.Nm sftp-server -.Nd SFTP server subsystem -.Sh SYNOPSIS -.Nm sftp-server -.Sh DESCRIPTION -.Nm -is a program that speaks the server side of SFTP protocol -to stdout and expects client requests from stdin. -.Nm -is not intended to be called directly, but from -.Xr sshd 8 -using the -.Cm Subsystem -option. -See -.Xr sshd 8 -for more information. -.Sh SEE ALSO -.Xr sftp 1 , -.Xr ssh 1 , -.Xr sshd 8 -.Rs -.%A T. Ylonen -.%A S. Lehtinen -.%T "SSH File Transfer Protocol" -.%N draft-ietf-secsh-filexfer-00.txt -.%D January 2001 -.%O work in progress material -.Re -.Sh AUTHORS -.An Markus Friedl Aq markus@openbsd.org -.Sh HISTORY -.Nm -first appeared in OpenBSD 2.8 . Binary files openssh-3.7p1/linux/sftp-server.o and openssh-3.7.1p1/linux/sftp-server.o differ diff -ru --new-file openssh-3.7p1/linux/sftp.1.out openssh-3.7.1p1/linux/sftp.1.out --- openssh-3.7p1/linux/sftp.1.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/sftp.1.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,322 +0,0 @@ -.\" $OpenBSD: sftp.1,v 1.45 2003/09/02 18:50:06 jmc Exp $ -.\" -.\" Copyright (c) 2001 Damien Miller. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd February 4, 2001 -.Dt SFTP 1 -.Os -.Sh NAME -.Nm sftp -.Nd secure file transfer program -.Sh SYNOPSIS -.Nm sftp -.Bk -words -.Op Fl vC1 -.Op Fl b Ar batchfile -.Op Fl o Ar ssh_option -.Op Fl s Ar subsystem | sftp_server -.Op Fl B Ar buffer_size -.Op Fl F Ar ssh_config -.Op Fl P Ar sftp_server path -.Op Fl R Ar num_requests -.Op Fl S Ar program -.Ar host -.Ek -.Nm sftp -.Oo Oo Ar user Ns @ Oc Ns -.Ar host Ns Oo : Ns Ar file Oo -.Ar file Oc Oc Oc -.Nm sftp -.Oo Oo Ar user Ns @ Oc Ns -.Ar host Ns Oo : Ns Ar dir Ns -.Oo Ar / Oc Oc Oc -.Nm sftp -.Fl b Ar batchfile -.Oo Ar user Ns @ Oc Ns Ar host -.Sh DESCRIPTION -.Nm -is an interactive file transfer program, similar to -.Xr ftp 1 , -which performs all operations over an encrypted -.Xr ssh 1 -transport. -It may also use many features of ssh, such as public key authentication and -compression. -.Nm -connects and logs into the specified -.Ar host , -then enters an interactive command mode. -.Pp -The second usage format will retrieve files automatically if a non-interactive -authentication method is used; otherwise it will do so after -successful interactive authentication. -.Pp -The third usage format allows the sftp client to start in a remote directory. -.Pp -The final usage format allows for automated sessions using the -.Fl b -option. -In such cases, it is usually necessary to configure public key authentication -to obviate the need to enter a password at connection time (see -.Xr sshd 8 -and -.Xr ssh-keygen 1 -for details). -The options are as follows: -.Bl -tag -width Ds -.It Fl b Ar batchfile -Batch mode reads a series of commands from an input -.Ar batchfile -instead of -.Em stdin . -Since it lacks user interaction it should be used in conjunction with -non-interactive authentication. -.Nm -will abort if any of the following -commands fail: -.Ic get , put , rename , ln , -.Ic rm , mkdir , chdir , ls , -.Ic lchdir , chmod , chown , chgrp , lpwd -and -.Ic lmkdir . -Termination on error can be suppressed on a command by command basis by -prefixing the command with a -.Sq Ic \- -character (for example, -.Ic -rm /tmp/blah* ) . -.It Fl o Ar ssh_option -Can be used to pass options to -.Nm ssh -in the format used in -.Xr ssh_config 5 . -This is useful for specifying options -for which there is no separate -.Nm sftp -command-line flag. -For example, to specify an alternate port use: -.Ic sftp -oPort=24 . -.It Fl s Ar subsystem | sftp_server -Specifies the SSH2 subsystem or the path for an sftp server -on the remote host. -A path is useful for using -.Nm -over protocol version 1, or when the remote -.Xr sshd 8 -does not have an sftp subsystem configured. -.It Fl v -Raise logging level. -This option is also passed to ssh. -.It Fl B Ar buffer_size -Specify the size of the buffer that -.Nm -uses when transferring files. -Larger buffers require fewer round trips at the cost of higher -memory consumption. -The default is 32768 bytes. -.It Fl C -Enables compression (via ssh's -.Fl C -flag). -.It Fl F Ar ssh_config -Specifies an alternative -per-user configuration file for -.Xr ssh 1 . -This option is directly passed to -.Xr ssh 1 . -.It Fl P Ar sftp_server path -Connect directly to a local sftp server -(rather than via -.Xr ssh 1 ) -This option may be useful in debugging the client and server. -.It Fl R Ar num_requests -Specify how many requests may be outstanding at any one time. -Increasing this may slightly improve file transfer speed -but will increase memory usage. -The default is 16 outstanding requests. -.It Fl S Ar program -Name of the -.Ar program -to use for the encrypted connection. -The program must understand -.Xr ssh 1 -options. -.It Fl 1 -Specify the use of protocol version 1. -.El -.Sh INTERACTIVE COMMANDS -Once in interactive mode, -.Nm -understands a set of commands similar to those of -.Xr ftp 1 . -Commands are case insensitive and pathnames may be enclosed in quotes if they -contain spaces. -.Bl -tag -width Ds -.It Ic bye -Quit -.Nm sftp . -.It Ic cd Ar path -Change remote directory to -.Ar path . -.It Ic lcd Ar path -Change local directory to -.Ar path . -.It Ic chgrp Ar grp Ar path -Change group of file -.Ar path -to -.Ar grp . -.Ar grp -must be a numeric GID. -.It Ic chmod Ar mode Ar path -Change permissions of file -.Ar path -to -.Ar mode . -.It Ic chown Ar own Ar path -Change owner of file -.Ar path -to -.Ar own . -.Ar own -must be a numeric UID. -.It Ic exit -Quit -.Nm sftp . -.It Xo Ic get -.Op Ar flags -.Ar remote-path -.Op Ar local-path -.Xc -Retrieve the -.Ar remote-path -and store it on the local machine. -If the local -path name is not specified, it is given the same name it has on the -remote machine. -If the -.Fl P -flag is specified, then the file's full permission and access time are -copied too. -.It Ic help -Display help text. -.It Ic lls Op Ar ls-options Op Ar path -Display local directory listing of either -.Ar path -or current directory if -.Ar path -is not specified. -.It Ic lmkdir Ar path -Create local directory specified by -.Ar path . -.It Ic ln Ar oldpath Ar newpath -Create a symbolic link from -.Ar oldpath -to -.Ar newpath . -.It Ic lpwd -Print local working directory. -.It Xo Ic ls -.Op Ar flags -.Op Ar path -.Xc -Display remote directory listing of either -.Ar path -or current directory if -.Ar path -is not specified. -If the -.Fl l -flag is specified, then display additional details including permissions -and ownership information. -.It Ic lumask Ar umask -Set local umask to -.Ar umask . -.It Ic mkdir Ar path -Create remote directory specified by -.Ar path . -.It Ic progress -Toggle display of progress meter. -.It Xo Ic put -.Op Ar flags -.Ar local-path -.Op Ar remote-path -.Xc -Upload -.Ar local-path -and store it on the remote machine. -If the remote path name is not specified, it is given the same name it has -on the local machine. -If the -.Fl P -flag is specified, then the file's full permission and access time are -copied too. -.It Ic pwd -Display remote working directory. -.It Ic quit -Quit -.Nm sftp . -.It Ic rename Ar oldpath Ar newpath -Rename remote file from -.Ar oldpath -to -.Ar newpath . -.It Ic rmdir Ar path -Remove remote directory specified by -.Ar path . -.It Ic rm Ar path -Delete remote file specified by -.Ar path . -.It Ic symlink Ar oldpath Ar newpath -Create a symbolic link from -.Ar oldpath -to -.Ar newpath . -.It Ic version -Display the -.Nm -protocol version. -.It Ic \&! Ar command -Execute -.Ar command -in local shell. -.It Ic \&! -Escape to local shell. -.It Ic \&? -Synonym for help. -.El -.Sh SEE ALSO -.Xr scp 1 , -.Xr ssh 1 , -.Xr ssh-add 1 , -.Xr ssh-keygen 1 , -.Xr ssh_config 5 , -.Xr sftp-server 8 , -.Xr sshd 8 -.Rs -.%A T. Ylonen -.%A S. Lehtinen -.%T "SSH File Transfer Protocol" -.%N draft-ietf-secsh-filexfer-00.txt -.%D January 2001 -.%O work in progress material -.Re Binary files openssh-3.7p1/linux/sftp.o and openssh-3.7.1p1/linux/sftp.o differ Binary files openssh-3.7p1/linux/ssh and openssh-3.7.1p1/linux/ssh differ Binary files openssh-3.7p1/linux/ssh-add and openssh-3.7.1p1/linux/ssh-add differ diff -ru --new-file openssh-3.7p1/linux/ssh-add.1.out openssh-3.7.1p1/linux/ssh-add.1.out --- openssh-3.7p1/linux/ssh-add.1.out 2003-09-16 16:40:08.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh-add.1.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,173 +0,0 @@ -.\" $OpenBSD: ssh-add.1,v 1.39 2003/06/10 09:12:11 jmc Exp $ -.\" -.\" -*- nroff -*- -.\" -.\" Author: Tatu Ylonen -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" As far as I am concerned, the code I have written for this software -.\" can be used freely for any purpose. Any derived versions of this -.\" software must be clearly marked as such, and if the derived work is -.\" incompatible with the protocol description in the RFC file, it must be -.\" called by a name other than "ssh" or "Secure Shell". -.\" -.\" -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd September 25, 1999 -.Dt SSH-ADD 1 -.Os -.Sh NAME -.Nm ssh-add -.Nd adds RSA or DSA identities to the authentication agent -.Sh SYNOPSIS -.Nm ssh-add -.Op Fl lLdDxXc -.Op Fl t Ar life -.Op Ar -.Nm ssh-add -.Fl s Ar reader -.Nm ssh-add -.Fl e Ar reader -.Sh DESCRIPTION -.Nm -adds RSA or DSA identities to the authentication agent, -.Xr ssh-agent 1 . -When run without arguments, it adds the files -.Pa $HOME/.ssh/id_rsa , -.Pa $HOME/.ssh/id_dsa -and -.Pa $HOME/.ssh/identity . -Alternative file names can be given on the command line. -If any file requires a passphrase, -.Nm -asks for the passphrase from the user. -The passphrase is read from the user's tty. -.Nm -retries the last passphrase if multiple identity files are given. -.Pp -The authentication agent must be running and must be an ancestor of -the current process for -.Nm -to work. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl l -Lists fingerprints of all identities currently represented by the agent. -.It Fl L -Lists public key parameters of all identities currently represented by the agent. -.It Fl d -Instead of adding the identity, removes the identity from the agent. -.It Fl D -Deletes all identities from the agent. -.It Fl x -Lock the agent with a password. -.It Fl X -Unlock the agent. -.It Fl t Ar life -Set a maximum lifetime when adding identities to an agent. -The lifetime may be specified in seconds or in a time format -specified in -.Xr sshd_config 5 . -.It Fl c -Indicates that added identities should be subject to confirmation before -being used for authentication. -Confirmation is performed by the -.Ev SSH_ASKPASS -program mentioned below. -Successful confirmation is signaled by a zero exit status from the -.Ev SSH_ASKPASS -program, rather than text entered into the requester. -.It Fl s Ar reader -Add key in smartcard -.Ar reader . -.It Fl e Ar reader -Remove key in smartcard -.Ar reader . -.El -.Sh ENVIRONMENT -.Bl -tag -width Ds -.It Ev "DISPLAY" and "SSH_ASKPASS" -If -.Nm -needs a passphrase, it will read the passphrase from the current -terminal if it was run from a terminal. -If -.Nm -does not have a terminal associated with it but -.Ev DISPLAY -and -.Ev SSH_ASKPASS -are set, it will execute the program specified by -.Ev SSH_ASKPASS -and open an X11 window to read the passphrase. -This is particularly useful when calling -.Nm -from a -.Pa .Xsession -or related script. -(Note that on some machines it -may be necessary to redirect the input from -.Pa /dev/null -to make this work.) -.It Ev SSH_AUTH_SOCK -Identifies the path of a unix-domain socket used to communicate with the -agent. -.El -.Sh FILES -.Bl -tag -width Ds -.It Pa $HOME/.ssh/identity -Contains the protocol version 1 RSA authentication identity of the user. -.It Pa $HOME/.ssh/id_dsa -Contains the protocol version 2 DSA authentication identity of the user. -.It Pa $HOME/.ssh/id_rsa -Contains the protocol version 2 RSA authentication identity of the user. -.El -.Pp -Identity files should not be readable by anyone but the user. -Note that -.Nm -ignores identity files if they are accessible by others. -.Sh DIAGNOSTICS -Exit status is 0 on success, 1 if the specified command fails, -and 2 if -.Nm -is unable to contact the authentication agent. -.Sh SEE ALSO -.Xr ssh 1 , -.Xr ssh-agent 1 , -.Xr ssh-keygen 1 , -.Xr sshd 8 -.Sh AUTHORS -OpenSSH is a derivative of the original and free -ssh 1.2.12 release by Tatu Ylonen. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt and Dug Song -removed many bugs, re-added newer features and -created OpenSSH. -Markus Friedl contributed the support for SSH -protocol versions 1.5 and 2.0. Binary files openssh-3.7p1/linux/ssh-add.o and openssh-3.7.1p1/linux/ssh-add.o differ Binary files openssh-3.7p1/linux/ssh-agent and openssh-3.7.1p1/linux/ssh-agent differ diff -ru --new-file openssh-3.7p1/linux/ssh-agent.1.out openssh-3.7.1p1/linux/ssh-agent.1.out --- openssh-3.7p1/linux/ssh-agent.1.out 2003-09-16 16:40:08.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh-agent.1.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,195 +0,0 @@ -.\" $OpenBSD: ssh-agent.1,v 1.39 2003/06/10 09:12:11 jmc Exp $ -.\" -.\" Author: Tatu Ylonen -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" As far as I am concerned, the code I have written for this software -.\" can be used freely for any purpose. Any derived versions of this -.\" software must be clearly marked as such, and if the derived work is -.\" incompatible with the protocol description in the RFC file, it must be -.\" called by a name other than "ssh" or "Secure Shell". -.\" -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd September 25, 1999 -.Dt SSH-AGENT 1 -.Os -.Sh NAME -.Nm ssh-agent -.Nd authentication agent -.Sh SYNOPSIS -.Nm ssh-agent -.Op Fl a Ar bind_address -.Op Fl c Li | Fl s -.Op Fl t Ar life -.Op Fl d -.Op Ar command Op Ar args ... -.Nm ssh-agent -.Op Fl c Li | Fl s -.Fl k -.Sh DESCRIPTION -.Nm -is a program to hold private keys used for public key authentication -(RSA, DSA). -The idea is that -.Nm -is started in the beginning of an X-session or a login session, and -all other windows or programs are started as clients to the ssh-agent -program. -Through use of environment variables the agent can be located -and automatically used for authentication when logging in to other -machines using -.Xr ssh 1 . -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl a Ar bind_address -Bind the agent to the unix-domain socket -.Ar bind_address . -The default is -.Pa /tmp/ssh-XXXXXXXX/agent. . -.It Fl c -Generate C-shell commands on -.Dv stdout . -This is the default if -.Ev SHELL -looks like it's a csh style of shell. -.It Fl s -Generate Bourne shell commands on -.Dv stdout . -This is the default if -.Ev SHELL -does not look like it's a csh style of shell. -.It Fl k -Kill the current agent (given by the -.Ev SSH_AGENT_PID -environment variable). -.It Fl t Ar life -Set a default value for the maximum lifetime of identities added to the agent. -The lifetime may be specified in seconds or in a time format specified in -.Xr sshd 8 . -A lifetime specified for an identity with -.Xr ssh-add 1 -overrides this value. -Without this option the default maximum lifetime is forever. -.It Fl d -Debug mode. -When this option is specified -.Nm -will not fork. -.El -.Pp -If a commandline is given, this is executed as a subprocess of the agent. -When the command dies, so does the agent. -.Pp -The agent initially does not have any private keys. -Keys are added using -.Xr ssh-add 1 . -When executed without arguments, -.Xr ssh-add 1 -adds the files -.Pa $HOME/.ssh/id_rsa , -.Pa $HOME/.ssh/id_dsa -and -.Pa $HOME/.ssh/identity . -If the identity has a passphrase, -.Xr ssh-add 1 -asks for the passphrase (using a small X11 application if running -under X11, or from the terminal if running without X). -It then sends the identity to the agent. -Several identities can be stored in the -agent; the agent can automatically use any of these identities. -.Ic ssh-add -l -displays the identities currently held by the agent. -.Pp -The idea is that the agent is run in the user's local PC, laptop, or -terminal. -Authentication data need not be stored on any other -machine, and authentication passphrases never go over the network. -However, the connection to the agent is forwarded over SSH -remote logins, and the user can thus use the privileges given by the -identities anywhere in the network in a secure way. -.Pp -There are two main ways to get an agent set up: -Either the agent starts a new subcommand into which some environment -variables are exported, or the agent prints the needed shell commands -(either -.Xr sh 1 -or -.Xr csh 1 -syntax can be generated) which can be evalled in the calling shell. -Later -.Xr ssh 1 -looks at these variables and uses them to establish a connection to the agent. -.Pp -The agent will never send a private key over its request channel. -Instead, operations that require a private key will be performed -by the agent, and the result will be returned to the requester. -This way, private keys are not exposed to clients using the agent. -.Pp -A unix-domain socket is created -and the name of this socket is stored in the -.Ev SSH_AUTH_SOCK -environment -variable. -The socket is made accessible only to the current user. -This method is easily abused by root or another instance of the same -user. -.Pp -The -.Ev SSH_AGENT_PID -environment variable holds the agent's process ID. -.Pp -The agent exits automatically when the command given on the command -line terminates. -.Sh FILES -.Bl -tag -width Ds -.It Pa $HOME/.ssh/identity -Contains the protocol version 1 RSA authentication identity of the user. -.It Pa $HOME/.ssh/id_dsa -Contains the protocol version 2 DSA authentication identity of the user. -.It Pa $HOME/.ssh/id_rsa -Contains the protocol version 2 RSA authentication identity of the user. -.It Pa /tmp/ssh-XXXXXXXX/agent. -Unix-domain sockets used to contain the connection to the -authentication agent. -These sockets should only be readable by the owner. -The sockets should get automatically removed when the agent exits. -.El -.Sh SEE ALSO -.Xr ssh 1 , -.Xr ssh-add 1 , -.Xr ssh-keygen 1 , -.Xr sshd 8 -.Sh AUTHORS -OpenSSH is a derivative of the original and free -ssh 1.2.12 release by Tatu Ylonen. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt and Dug Song -removed many bugs, re-added newer features and -created OpenSSH. -Markus Friedl contributed the support for SSH -protocol versions 1.5 and 2.0. Binary files openssh-3.7p1/linux/ssh-agent.o and openssh-3.7.1p1/linux/ssh-agent.o differ Binary files openssh-3.7p1/linux/ssh-dss.o and openssh-3.7.1p1/linux/ssh-dss.o differ Binary files openssh-3.7p1/linux/ssh-keygen and openssh-3.7.1p1/linux/ssh-keygen differ diff -ru --new-file openssh-3.7p1/linux/ssh-keygen.1.out openssh-3.7.1p1/linux/ssh-keygen.1.out --- openssh-3.7p1/linux/ssh-keygen.1.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh-keygen.1.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,407 +0,0 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.60 2003/07/28 09:49:56 djm Exp $ -.\" -.\" -*- nroff -*- -.\" -.\" Author: Tatu Ylonen -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" As far as I am concerned, the code I have written for this software -.\" can be used freely for any purpose. Any derived versions of this -.\" software must be clearly marked as such, and if the derived work is -.\" incompatible with the protocol description in the RFC file, it must be -.\" called by a name other than "ssh" or "Secure Shell". -.\" -.\" -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd September 25, 1999 -.Dt SSH-KEYGEN 1 -.Os -.Sh NAME -.Nm ssh-keygen -.Nd authentication key generation, management and conversion -.Sh SYNOPSIS -.Nm ssh-keygen -.Bk -words -.Op Fl q -.Op Fl b Ar bits -.Fl t Ar type -.Op Fl N Ar new_passphrase -.Op Fl C Ar comment -.Op Fl f Ar output_keyfile -.Ek -.Nm ssh-keygen -.Fl p -.Op Fl P Ar old_passphrase -.Op Fl N Ar new_passphrase -.Op Fl f Ar keyfile -.Nm ssh-keygen -.Fl i -.Op Fl f Ar input_keyfile -.Nm ssh-keygen -.Fl e -.Op Fl f Ar input_keyfile -.Nm ssh-keygen -.Fl y -.Op Fl f Ar input_keyfile -.Nm ssh-keygen -.Fl c -.Op Fl P Ar passphrase -.Op Fl C Ar comment -.Op Fl f Ar keyfile -.Nm ssh-keygen -.Fl l -.Op Fl f Ar input_keyfile -.Nm ssh-keygen -.Fl B -.Op Fl f Ar input_keyfile -.Nm ssh-keygen -.Fl D Ar reader -.Nm ssh-keygen -.Fl U Ar reader -.Op Fl f Ar input_keyfile -.Nm ssh-keygen -.Fl r Ar hostname -.Op Fl f Ar input_keyfile -.Op Fl g -.Nm ssh-keygen -.Fl G Ar output_file -.Op Fl b Ar bits -.Op Fl M Ar memory -.Op Fl S Ar start_point -.Nm ssh-keygen -.Fl T Ar output_file -.Fl f Ar input_file -.Op Fl a Ar num_trials -.Op Fl W Ar generator -.Sh DESCRIPTION -.Nm -generates, manages and converts authentication keys for -.Xr ssh 1 . -.Nm -can create RSA keys for use by SSH protocol version 1 and RSA or DSA -keys for use by SSH protocol version 2. -The type of key to be generated is specified with the -.Fl t -option. -.Pp -.Nm -is also used to generate groups for use in Diffie-Hellman group -exchange (DH-GEX). -See the -.Sx MODULI GENERATION -section for details. -.Pp -Normally each user wishing to use SSH -with RSA or DSA authentication runs this once to create the authentication -key in -.Pa $HOME/.ssh/identity , -.Pa $HOME/.ssh/id_dsa -or -.Pa $HOME/.ssh/id_rsa . -Additionally, the system administrator may use this to generate host keys, -as seen in -.Pa /etc/rc . -.Pp -Normally this program generates the key and asks for a file in which -to store the private key. -The public key is stored in a file with the same name but -.Dq .pub -appended. -The program also asks for a passphrase. -The passphrase may be empty to indicate no passphrase -(host keys must have an empty passphrase), or it may be a string of -arbitrary length. -A passphrase is similar to a password, except it can be a phrase with a -series of words, punctuation, numbers, whitespace, or any string of -characters you want. -Good passphrases are 10-30 characters long, are -not simple sentences or otherwise easily guessable (English -prose has only 1-2 bits of entropy per character, and provides very bad -passphrases), and contain a mix of upper and lowercase letters, -numbers, and non-alphanumeric characters. -The passphrase can be changed later by using the -.Fl p -option. -.Pp -There is no way to recover a lost passphrase. -If the passphrase is -lost or forgotten, a new key must be generated and copied to the -corresponding public key to other machines. -.Pp -For RSA1 keys, -there is also a comment field in the key file that is only for -convenience to the user to help identify the key. -The comment can tell what the key is for, or whatever is useful. -The comment is initialized to -.Dq user@host -when the key is created, but can be changed using the -.Fl c -option. -.Pp -After a key is generated, instructions below detail where the keys -should be placed to be activated. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl a Ar trials -Specifies the number of primality tests to perform when screening DH-GEX -candidates using the -.Fl T -command. -.It Fl b Ar bits -Specifies the number of bits in the key to create. -Minimum is 512 bits. -Generally, 1024 bits is considered sufficient. -The default is 1024 bits. -.It Fl c -Requests changing the comment in the private and public key files. -This operation is only supported for RSA1 keys. -The program will prompt for the file containing the private keys, for -the passphrase if the key has one, and for the new comment. -.It Fl e -This option will read a private or public OpenSSH key file and -print the key in a -.Sq SECSH Public Key File Format -to stdout. -This option allows exporting keys for use by several commercial -SSH implementations. -.It Fl g -Use generic DNS resource record format. -.It Fl f Ar filename -Specifies the filename of the key file. -.It Fl i -This option will read an unencrypted private (or public) key file -in SSH2-compatible format and print an OpenSSH compatible private -(or public) key to stdout. -.Nm -also reads the -.Sq SECSH Public Key File Format . -This option allows importing keys from several commercial -SSH implementations. -.It Fl l -Show fingerprint of specified public key file. -Private RSA1 keys are also supported. -For RSA and DSA keys -.Nm -tries to find the matching public key file and prints its fingerprint. -.It Fl p -Requests changing the passphrase of a private key file instead of -creating a new private key. -The program will prompt for the file -containing the private key, for the old passphrase, and twice for the -new passphrase. -.It Fl q -Silence -.Nm ssh-keygen . -Used by -.Pa /etc/rc -when creating a new key. -.It Fl y -This option will read a private -OpenSSH format file and print an OpenSSH public key to stdout. -.It Fl t Ar type -Specifies the type of the key to create. -The possible values are -.Dq rsa1 -for protocol version 1 and -.Dq rsa -or -.Dq dsa -for protocol version 2. -.It Fl B -Show the bubblebabble digest of specified private or public key file. -.It Fl C Ar comment -Provides the new comment. -.It Fl D Ar reader -Download the RSA public key stored in the smartcard in -.Ar reader . -.It Fl G Ar output_file -Generate candidate primes for DH-GEX. -These primes must be screened for -safety (using the -.Fl T -option) before use. -.It Fl M Ar memory -Specify the amount of memory to use (in megabytes) when generating -candidate moduli for DH-GEX. -.It Fl N Ar new_passphrase -Provides the new passphrase. -.It Fl P Ar passphrase -Provides the (old) passphrase. -.It Fl S Ar start -Specify start point (in hex) when generating candidate moduli for DH-GEX. -.It Fl T Ar output_file -Test DH group exchange candidate primes (generated using the -.Fl G -option) for safety. -.It Fl W Ar generator -Specify desired generator when testing candidate moduli for DH-GEX. -.It Fl U Ar reader -Upload an existing RSA private key into the smartcard in -.Ar reader . -.It Fl r Ar hostname -Print DNS resource record with the specified -.Ar hostname . -.El -.Sh MODULI GENERATION -.Nm -may be used to generate groups for the Diffie-Hellman Group Exchange -(DH-GEX) protocol. -Generating these groups is a two-step process: first, candidate -primes are generated using a fast, but memory intensive process. -These candidate primes are then tested for suitability (a CPU-intensive -process). -.Pp -Generation of primes is performed using the -.Fl G -option. -The desired length of the primes may be specified by the -.Fl b -option. -For example: -.Pp -.Dl ssh-keygen -G moduli-2048.candidates -b 2048 -.Pp -By default, the search for primes begins at a random point in the -desired length range. -This may be overridden using the -.Fl S -option, which specifies a different start point (in hex). -.Pp -Once a set of candidates have been generated, they must be tested for -suitability. -This may be performed using the -.Fl T -option. -In this mode -.Nm -will read candidates from standard input (or a file specified using the -.Fl f -option). -For example: -.Pp -.Dl ssh-keygen -T moduli-2048 -f moduli-2048.candidates -.Pp -By default, each candidate will be subjected to 100 primality tests. -This may be overridden using the -.Fl a -option. -The DH generator value will be chosen automatically for the -prime under consideration. -If a specific generator is desired, it may be requested using the -.Fl W -option. -Valid generator values are 2, 3 and 5. -.Pp -Screened DH groups may be installed in -.Pa /etc/moduli . -It is important that this file contains moduli of a range of bit lengths and -that both ends of a connection share common moduli. -.Sh FILES -.Bl -tag -width Ds -.It Pa $HOME/.ssh/identity -Contains the protocol version 1 RSA authentication identity of the user. -This file should not be readable by anyone but the user. -It is possible to -specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file using 3DES. -This file is not automatically accessed by -.Nm -but it is offered as the default file for the private key. -.Xr ssh 1 -will read this file when a login attempt is made. -.It Pa $HOME/.ssh/identity.pub -Contains the protocol version 1 RSA public key for authentication. -The contents of this file should be added to -.Pa $HOME/.ssh/authorized_keys -on all machines -where the user wishes to log in using RSA authentication. -There is no need to keep the contents of this file secret. -.It Pa $HOME/.ssh/id_dsa -Contains the protocol version 2 DSA authentication identity of the user. -This file should not be readable by anyone but the user. -It is possible to -specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file using 3DES. -This file is not automatically accessed by -.Nm -but it is offered as the default file for the private key. -.Xr ssh 1 -will read this file when a login attempt is made. -.It Pa $HOME/.ssh/id_dsa.pub -Contains the protocol version 2 DSA public key for authentication. -The contents of this file should be added to -.Pa $HOME/.ssh/authorized_keys -on all machines -where the user wishes to log in using public key authentication. -There is no need to keep the contents of this file secret. -.It Pa $HOME/.ssh/id_rsa -Contains the protocol version 2 RSA authentication identity of the user. -This file should not be readable by anyone but the user. -It is possible to -specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file using 3DES. -This file is not automatically accessed by -.Nm -but it is offered as the default file for the private key. -.Xr ssh 1 -will read this file when a login attempt is made. -.It Pa $HOME/.ssh/id_rsa.pub -Contains the protocol version 2 RSA public key for authentication. -The contents of this file should be added to -.Pa $HOME/.ssh/authorized_keys -on all machines -where the user wishes to log in using public key authentication. -There is no need to keep the contents of this file secret. -.It Pa /etc/moduli -Contains Diffie-Hellman groups used for DH-GEX. -The file format is described in -.Xr moduli 5 . -.El -.Sh SEE ALSO -.Xr ssh 1 , -.Xr ssh-add 1 , -.Xr ssh-agent 1 , -.Xr moduli 5 , -.Xr sshd 8 -.Rs -.%A J. Galbraith -.%A R. Thayer -.%T "SECSH Public Key File Format" -.%N draft-ietf-secsh-publickeyfile-01.txt -.%D March 2001 -.%O work in progress material -.Re -.Sh AUTHORS -OpenSSH is a derivative of the original and free -ssh 1.2.12 release by Tatu Ylonen. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt and Dug Song -removed many bugs, re-added newer features and -created OpenSSH. -Markus Friedl contributed the support for SSH -protocol versions 1.5 and 2.0. Binary files openssh-3.7p1/linux/ssh-keygen.o and openssh-3.7.1p1/linux/ssh-keygen.o differ Binary files openssh-3.7p1/linux/ssh-keyscan and openssh-3.7.1p1/linux/ssh-keyscan differ diff -ru --new-file openssh-3.7p1/linux/ssh-keyscan.1.out openssh-3.7.1p1/linux/ssh-keyscan.1.out --- openssh-3.7p1/linux/ssh-keyscan.1.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh-keyscan.1.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,159 +0,0 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.17 2003/06/10 09:12:11 jmc Exp $ -.\" -.\" Copyright 1995, 1996 by David Mazieres . -.\" -.\" Modification and redistribution in source and binary forms is -.\" permitted provided that due credit is given to the author and the -.\" OpenBSD project by leaving this copyright notice intact. -.\" -.Dd January 1, 1996 -.Dt SSH-KEYSCAN 1 -.Os -.Sh NAME -.Nm ssh-keyscan -.Nd gather ssh public keys -.Sh SYNOPSIS -.Nm ssh-keyscan -.Bk -words -.Op Fl v46 -.Op Fl p Ar port -.Op Fl T Ar timeout -.Op Fl t Ar type -.Op Fl f Ar file -.Op Ar host | addrlist namelist -.Op Ar ... -.Ek -.Sh DESCRIPTION -.Nm -is a utility for gathering the public ssh host keys of a number of -hosts. -It was designed to aid in building and verifying -.Pa ssh_known_hosts -files. -.Nm -provides a minimal interface suitable for use by shell and perl -scripts. -.Pp -.Nm -uses non-blocking socket I/O to contact as many hosts as possible in -parallel, so it is very efficient. -The keys from a domain of 1,000 -hosts can be collected in tens of seconds, even when some of those -hosts are down or do not run ssh. -For scanning, one does not need -login access to the machines that are being scanned, nor does the -scanning process involve any encryption. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl p Ar port -Port to connect to on the remote host. -.It Fl T Ar timeout -Set the timeout for connection attempts. -If -.Pa timeout -seconds have elapsed since a connection was initiated to a host or since the -last time anything was read from that host, then the connection is -closed and the host in question considered unavailable. -Default is 5 seconds. -.It Fl t Ar type -Specifies the type of the key to fetch from the scanned hosts. -The possible values are -.Dq rsa1 -for protocol version 1 and -.Dq rsa -or -.Dq dsa -for protocol version 2. -Multiple values may be specified by separating them with commas. -The default is -.Dq rsa1 . -.It Fl f Ar filename -Read hosts or -.Pa addrlist namelist -pairs from this file, one per line. -If -.Pa - -is supplied instead of a filename, -.Nm -will read hosts or -.Pa addrlist namelist -pairs from the standard input. -.It Fl v -Verbose mode. -Causes -.Nm -to print debugging messages about its progress. -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. -.El -.Sh SECURITY -If a ssh_known_hosts file is constructed using -.Nm -without verifying the keys, users will be vulnerable to -.I man in the middle -attacks. -On the other hand, if the security model allows such a risk, -.Nm -can help in the detection of tampered keyfiles or man in the middle -attacks which have begun after the ssh_known_hosts file was created. -.Sh FILES -.Pa Input format: -.Bd -literal -1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 -.Ed -.Pp -.Pa Output format for rsa1 keys: -.Bd -literal -host-or-namelist bits exponent modulus -.Ed -.Pp -.Pa Output format for rsa and dsa keys: -.Bd -literal -host-or-namelist keytype base64-encoded-key -.Ed -.Pp -Where -.Pa keytype -is either -.Dq ssh-rsa -or -.Dq ssh-dss . -.Pp -.Pa /usr/local/etc/ssh_known_hosts -.Sh EXAMPLES -Print the -.Pa rsa1 -host key for machine -.Pa hostname : -.Bd -literal -$ ssh-keyscan hostname -.Ed -.Pp -Find all hosts from the file -.Pa ssh_hosts -which have new or different keys from those in the sorted file -.Pa ssh_known_hosts : -.Bd -literal -$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e - sort -u - ssh_known_hosts | diff ssh_known_hosts - -.Ed -.Sh SEE ALSO -.Xr ssh 1 , -.Xr sshd 8 -.Sh AUTHORS -.An David Mazieres Aq dm@lcs.mit.edu -wrote the initial version, and -.An Wayne Davison Aq wayned@users.sourceforge.net -added support for protocol version 2. -.Sh BUGS -It generates "Connection closed by remote host" messages on the consoles -of all the machines it scans if the server is older than version 2.9. -This is because it opens a connection to the ssh port, reads the public -key, and drops the connection as soon as it gets the key. Binary files openssh-3.7p1/linux/ssh-keyscan.o and openssh-3.7.1p1/linux/ssh-keyscan.o differ Binary files openssh-3.7p1/linux/ssh-keysign and openssh-3.7.1p1/linux/ssh-keysign differ diff -ru --new-file openssh-3.7p1/linux/ssh-keysign.8.out openssh-3.7.1p1/linux/ssh-keysign.8.out --- openssh-3.7p1/linux/ssh-keysign.8.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh-keysign.8.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,82 +0,0 @@ -.\" $OpenBSD: ssh-keysign.8,v 1.7 2003/06/10 09:12:11 jmc Exp $ -.\" -.\" Copyright (c) 2002 Markus Friedl. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd May 24, 2002 -.Dt SSH-KEYSIGN 8 -.Os -.Sh NAME -.Nm ssh-keysign -.Nd ssh helper program for hostbased authentication -.Sh SYNOPSIS -.Nm -.Sh DESCRIPTION -.Nm -is used by -.Xr ssh 1 -to access the local host keys and generate the digital signature -required during hostbased authentication with SSH protocol version 2. -.Pp -.Nm -is disabled by default and can only be enabled in the -global client configuration file -.Pa /usr/local/etc/ssh_config -by setting -.Cm EnableSSHKeysign -to -.Dq yes . -.Pp -.Nm -is not intended to be invoked by the user, but from -.Xr ssh 1 . -See -.Xr ssh 1 -and -.Xr sshd 8 -for more information about hostbased authentication. -.Sh FILES -.Bl -tag -width Ds -.It Pa /usr/local/etc/ssh_config -Controls whether -.Nm -is enabled. -.It Pa /usr/local/etc/ssh_host_dsa_key, /usr/local/etc/ssh_host_rsa_key -These files contain the private parts of the host keys used to -generate the digital signature. -They should be owned by root, readable only by root, and not -accessible to others. -Since they are readable only by root, -.Nm -must be set-uid root if hostbased authentication is used. -.El -.Sh SEE ALSO -.Xr ssh 1 , -.Xr ssh-keygen 1 , -.Xr ssh_config 5 , -.Xr sshd 8 -.Sh HISTORY -.Nm -first appeared in -.Ox 3.2 . -.Sh AUTHORS -.An Markus Friedl Aq markus@openbsd.org Binary files openssh-3.7p1/linux/ssh-keysign.o and openssh-3.7.1p1/linux/ssh-keysign.o differ Binary files openssh-3.7p1/linux/ssh-rand-helper and openssh-3.7.1p1/linux/ssh-rand-helper differ diff -ru --new-file openssh-3.7p1/linux/ssh-rand-helper.8.out openssh-3.7.1p1/linux/ssh-rand-helper.8.out --- openssh-3.7p1/linux/ssh-rand-helper.8.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh-rand-helper.8.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,94 +0,0 @@ -.\" $Id: ssh-rand-helper.8,v 1.1 2002/04/14 09:27:13 djm Exp $ -.\" -.\" Copyright (c) 2002 Damien Miller. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd April 14, 2002 -.Dt SSH-RAND-HELPER 8 -.Os -.Sh NAME -.Nm ssh-rand-helper -.Nd Random number gatherer for OpenSSH -.Sh SYNOPSIS -.Nm ssh-rand-hlper -.Op Fl vxXh -.Op Fl b Ar bytes -.Sh DESCRIPTION -.Nm -is a small helper program used by -.Xr ssh 1 , -.Xr ssh-add 1 , -.Xr ssh-agent 1 , -.Xr ssh-keygen 1 , -.Xr ssh-keyscan 1 -and -.Xr sshd 8 -to gather random numbers of cryptographic quality if the -.Xr openssl 4 -library has not been configured to provide them itself. -.Pp -Normally -.Nm -will generate a strong random seed and provide it to the calling -program via standard output. If standard output is a tty, -.Nm -will instead print the seed in hexidecimal format unless told otherwise. -.Pp -.Nm -will by default gather random numbers from the system commands listed -in -.Pa /usr/local/etc/ssh_prng_cmds . -The output of each of the commands listed will be hashed and used to -generate a random seed for the calling program. -.Nm -will also store seed files in -.Pa ~/.ssh/prng_seed -between executions. -.Pp -Alternately, -.Nm -may be configured at build time to collect random numbers from a -EGD/PRNGd server via a unix domain or localhost tcp socket. -.Pp -This program is not intended to be run by the end-user, so the few -commandline options are for debugging purposes only. -.Bl -tag -width Ds -.It Fl b Ar bytes -Specify the number of random bytes to include in the output. -.It Fl x -Output a hexidecimal instead of a binary seed. -.It Fl X -Force output of a binary seed, even if standard output is a tty -.It Fl v -Turn on debugging message. Multiple -.Fl v -options will increase the debugging level. -.Fl h -Display a summary of options. -.El -.Sh AUTHORS -Damien Miller -.Sh SEE ALSO -.Xr ssh 1 , -.Xr ssh-add 1 , -.Xr ssh-keygen 1 , -.Xr sshd 8 Binary files openssh-3.7p1/linux/ssh-rand-helper.o and openssh-3.7.1p1/linux/ssh-rand-helper.o differ Binary files openssh-3.7p1/linux/ssh-rsa.o and openssh-3.7.1p1/linux/ssh-rsa.o differ diff -ru --new-file openssh-3.7p1/linux/ssh.1.out openssh-3.7.1p1/linux/ssh.1.out --- openssh-3.7p1/linux/ssh.1.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh.1.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,998 +0,0 @@ -.\" -*- nroff -*- -.\" -.\" Author: Tatu Ylonen -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" As far as I am concerned, the code I have written for this software -.\" can be used freely for any purpose. Any derived versions of this -.\" software must be clearly marked as such, and if the derived work is -.\" incompatible with the protocol description in the RFC file, it must be -.\" called by a name other than "ssh" or "Secure Shell". -.\" -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $OpenBSD: ssh.1,v 1.175 2003/07/22 13:35:22 markus Exp $ -.Dd September 25, 1999 -.Dt SSH 1 -.Os -.Sh NAME -.Nm ssh -.Nd OpenSSH SSH client (remote login program) -.Sh SYNOPSIS -.Nm ssh -.Op Fl l Ar login_name -.Ar hostname | user@hostname -.Op Ar command -.Pp -.Nm ssh -.Bk -words -.Op Fl afgknqstvxACNTVX1246 -.Op Fl b Ar bind_address -.Op Fl c Ar cipher_spec -.Op Fl e Ar escape_char -.Op Fl i Ar identity_file -.Op Fl l Ar login_name -.Op Fl m Ar mac_spec -.Op Fl o Ar option -.Op Fl p Ar port -.Op Fl F Ar configfile -.Oo Fl L Xo -.Sm off -.Ar port : -.Ar host : -.Ar hostport -.Sm on -.Xc -.Oc -.Ek -.Bk -words -.Oo Fl R Xo -.Sm off -.Ar port : -.Ar host : -.Ar hostport -.Sm on -.Xc -.Oc -.Op Fl D Ar port -.Ar hostname | user@hostname -.Op Ar command -.Ek -.Sh DESCRIPTION -.Nm -(SSH client) is a program for logging into a remote machine and for -executing commands on a remote machine. -It is intended to replace -rlogin and rsh, and provide secure encrypted communications between -two untrusted hosts over an insecure network. -X11 connections and -arbitrary TCP/IP ports can also be forwarded over the secure channel. -.Pp -.Nm -connects and logs into the specified -.Ar hostname . -The user must prove -his/her identity to the remote machine using one of several methods -depending on the protocol version used: -.Pp -.Ss SSH protocol version 1 -.Pp -First, if the machine the user logs in from is listed in -.Pa /etc/hosts.equiv -or -.Pa /usr/local/etc/shosts.equiv -on the remote machine, and the user names are -the same on both sides, the user is immediately permitted to log in. -Second, if -.Pa \&.rhosts -or -.Pa \&.shosts -exists in the user's home directory on the -remote machine and contains a line containing the name of the client -machine and the name of the user on that machine, the user is -permitted to log in. -This form of authentication alone is normally not -allowed by the server because it is not secure. -.Pp -The second authentication method is the -.Pa rhosts -or -.Pa hosts.equiv -method combined with RSA-based host authentication. -It means that if the login would be permitted by -.Pa $HOME/.rhosts , -.Pa $HOME/.shosts , -.Pa /etc/hosts.equiv , -or -.Pa /usr/local/etc/shosts.equiv , -and if additionally the server can verify the client's -host key (see -.Pa /usr/local/etc/ssh_known_hosts -and -.Pa $HOME/.ssh/known_hosts -in the -.Sx FILES -section), only then login is permitted. -This authentication method closes security holes due to IP -spoofing, DNS spoofing and routing spoofing. -[Note to the administrator: -.Pa /etc/hosts.equiv , -.Pa $HOME/.rhosts , -and the rlogin/rsh protocol in general, are inherently insecure and should be -disabled if security is desired.] -.Pp -As a third authentication method, -.Nm -supports RSA based authentication. -The scheme is based on public-key cryptography: there are cryptosystems -where encryption and decryption are done using separate keys, and it -is not possible to derive the decryption key from the encryption key. -RSA is one such system. -The idea is that each user creates a public/private -key pair for authentication purposes. -The server knows the public key, and only the user knows the private key. -The file -.Pa $HOME/.ssh/authorized_keys -lists the public keys that are permitted for logging -in. -When the user logs in, the -.Nm -program tells the server which key pair it would like to use for -authentication. -The server checks if this key is permitted, and if -so, sends the user (actually the -.Nm -program running on behalf of the user) a challenge, a random number, -encrypted by the user's public key. -The challenge can only be -decrypted using the proper private key. -The user's client then decrypts the -challenge using the private key, proving that he/she knows the private -key but without disclosing it to the server. -.Pp -.Nm -implements the RSA authentication protocol automatically. -The user creates his/her RSA key pair by running -.Xr ssh-keygen 1 . -This stores the private key in -.Pa $HOME/.ssh/identity -and the public key in -.Pa $HOME/.ssh/identity.pub -in the user's home directory. -The user should then copy the -.Pa identity.pub -to -.Pa $HOME/.ssh/authorized_keys -in his/her home directory on the remote machine (the -.Pa authorized_keys -file corresponds to the conventional -.Pa $HOME/.rhosts -file, and has one key -per line, though the lines can be very long). -After this, the user can log in without giving the password. -RSA authentication is much -more secure than rhosts authentication. -.Pp -The most convenient way to use RSA authentication may be with an -authentication agent. -See -.Xr ssh-agent 1 -for more information. -.Pp -If other authentication methods fail, -.Nm -prompts the user for a password. -The password is sent to the remote -host for checking; however, since all communications are encrypted, -the password cannot be seen by someone listening on the network. -.Pp -.Ss SSH protocol version 2 -.Pp -When a user connects using protocol version 2 -similar authentication methods are available. -Using the default values for -.Cm PreferredAuthentications , -the client will try to authenticate first using the hostbased method; -if this method fails public key authentication is attempted, -and finally if this method fails keyboard-interactive and -password authentication are tried. -.Pp -The public key method is similar to RSA authentication described -in the previous section and allows the RSA or DSA algorithm to be used: -The client uses his private key, -.Pa $HOME/.ssh/id_dsa -or -.Pa $HOME/.ssh/id_rsa , -to sign the session identifier and sends the result to the server. -The server checks whether the matching public key is listed in -.Pa $HOME/.ssh/authorized_keys -and grants access if both the key is found and the signature is correct. -The session identifier is derived from a shared Diffie-Hellman value -and is only known to the client and the server. -.Pp -If public key authentication fails or is not available a password -can be sent encrypted to the remote host for proving the user's identity. -.Pp -Additionally, -.Nm -supports hostbased or challenge response authentication. -.Pp -Protocol 2 provides additional mechanisms for confidentiality -(the traffic is encrypted using 3DES, Blowfish, CAST128 or Arcfour) -and integrity (hmac-md5, hmac-sha1). -Note that protocol 1 lacks a strong mechanism for ensuring the -integrity of the connection. -.Pp -.Ss Login session and remote execution -.Pp -When the user's identity has been accepted by the server, the server -either executes the given command, or logs into the machine and gives -the user a normal shell on the remote machine. -All communication with -the remote command or shell will be automatically encrypted. -.Pp -If a pseudo-terminal has been allocated (normal login session), the -user may use the escape characters noted below. -.Pp -If no pseudo tty has been allocated, the -session is transparent and can be used to reliably transfer binary -data. -On most systems, setting the escape character to -.Dq none -will also make the session transparent even if a tty is used. -.Pp -The session terminates when the command or shell on the remote -machine exits and all X11 and TCP/IP connections have been closed. -The exit status of the remote program is returned as the exit status -of -.Nm ssh . -.Pp -.Ss Escape Characters -.Pp -When a pseudo terminal has been requested, ssh supports a number of functions -through the use of an escape character. -.Pp -A single tilde character can be sent as -.Ic ~~ -or by following the tilde by a character other than those described below. -The escape character must always follow a newline to be interpreted as -special. -The escape character can be changed in configuration files using the -.Cm EscapeChar -configuration directive or on the command line by the -.Fl e -option. -.Pp -The supported escapes (assuming the default -.Ql ~ ) -are: -.Bl -tag -width Ds -.It Cm ~. -Disconnect -.It Cm ~^Z -Background ssh -.It Cm ~# -List forwarded connections -.It Cm ~& -Background ssh at logout when waiting for forwarded connection / X11 sessions -to terminate -.It Cm ~? -Display a list of escape characters -.It Cm ~B -Send a BREAK to the remote system (only useful for SSH protocol version 2 -and if the peer supports it) -.It Cm ~C -Open command line (only useful for adding port forwardings using the -.Fl L -and -.Fl R -options) -.It Cm ~R -Request rekeying of the connection (only useful for SSH protocol version 2 -and if the peer supports it) -.El -.Pp -.Ss X11 and TCP forwarding -.Pp -If the -.Cm ForwardX11 -variable is set to -.Dq yes -(or, see the description of the -.Fl X -and -.Fl x -options described later) -and the user is using X11 (the -.Ev DISPLAY -environment variable is set), the connection to the X11 display is -automatically forwarded to the remote side in such a way that any X11 -programs started from the shell (or command) will go through the -encrypted channel, and the connection to the real X server will be made -from the local machine. -The user should not manually set -.Ev DISPLAY . -Forwarding of X11 connections can be -configured on the command line or in configuration files. -.Pp -The -.Ev DISPLAY -value set by -.Nm -will point to the server machine, but with a display number greater -than zero. -This is normal, and happens because -.Nm -creates a -.Dq proxy -X server on the server machine for forwarding the -connections over the encrypted channel. -.Pp -.Nm -will also automatically set up Xauthority data on the server machine. -For this purpose, it will generate a random authorization cookie, -store it in Xauthority on the server, and verify that any forwarded -connections carry this cookie and replace it by the real cookie when -the connection is opened. -The real authentication cookie is never -sent to the server machine (and no cookies are sent in the plain). -.Pp -If the -.Cm ForwardAgent -variable is set to -.Dq yes -(or, see the description of the -.Fl A -and -.Fl a -options described later) and -the user is using an authentication agent, the connection to the agent -is automatically forwarded to the remote side. -.Pp -Forwarding of arbitrary TCP/IP connections over the secure channel can -be specified either on the command line or in a configuration file. -One possible application of TCP/IP forwarding is a secure connection to an -electronic purse; another is going through firewalls. -.Pp -.Ss Server authentication -.Pp -.Nm -automatically maintains and checks a database containing -identifications for all hosts it has ever been used with. -Host keys are stored in -.Pa $HOME/.ssh/known_hosts -in the user's home directory. -Additionally, the file -.Pa /usr/local/etc/ssh_known_hosts -is automatically checked for known hosts. -Any new hosts are automatically added to the user's file. -If a host's identification -ever changes, -.Nm -warns about this and disables password authentication to prevent a -trojan horse from getting the user's password. -Another purpose of -this mechanism is to prevent man-in-the-middle attacks which could -otherwise be used to circumvent the encryption. -The -.Cm StrictHostKeyChecking -option can be used to prevent logins to machines whose -host key is not known or has changed. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl a -Disables forwarding of the authentication agent connection. -.It Fl A -Enables forwarding of the authentication agent connection. -This can also be specified on a per-host basis in a configuration file. -.Pp -Agent forwarding should be enabled with caution. -Users with the ability to bypass file permissions on the remote host -(for the agent's Unix-domain socket) -can access the local agent through the forwarded connection. -An attacker cannot obtain key material from the agent, -however they can perform operations on the keys that enable them to -authenticate using the identities loaded into the agent. -.It Fl b Ar bind_address -Specify the interface to transmit from on machines with multiple -interfaces or aliased addresses. -.It Fl c Ar blowfish|3des|des -Selects the cipher to use for encrypting the session. -.Ar 3des -is used by default. -It is believed to be secure. -.Ar 3des -(triple-des) is an encrypt-decrypt-encrypt triple with three different keys. -.Ar blowfish -is a fast block cipher, it appears very secure and is much faster than -.Ar 3des . -.Ar des -is only supported in the -.Nm -client for interoperability with legacy protocol 1 implementations -that do not support the -.Ar 3des -cipher. -Its use is strongly discouraged due to cryptographic weaknesses. -.It Fl c Ar cipher_spec -Additionally, for protocol version 2 a comma-separated list of ciphers can -be specified in order of preference. -See -.Cm Ciphers -for more information. -.It Fl e Ar ch|^ch|none -Sets the escape character for sessions with a pty (default: -.Ql ~ ) . -The escape character is only recognized at the beginning of a line. -The escape character followed by a dot -.Pq Ql \&. -closes the connection, followed -by control-Z suspends the connection, and followed by itself sends the -escape character once. -Setting the character to -.Dq none -disables any escapes and makes the session fully transparent. -.It Fl f -Requests -.Nm -to go to background just before command execution. -This is useful if -.Nm -is going to ask for passwords or passphrases, but the user -wants it in the background. -This implies -.Fl n . -The recommended way to start X11 programs at a remote site is with -something like -.Ic ssh -f host xterm . -.It Fl g -Allows remote hosts to connect to local forwarded ports. -.It Fl i Ar identity_file -Selects a file from which the identity (private key) for -RSA or DSA authentication is read. -The default is -.Pa $HOME/.ssh/identity -for protocol version 1, and -.Pa $HOME/.ssh/id_rsa -and -.Pa $HOME/.ssh/id_dsa -for protocol version 2. -Identity files may also be specified on -a per-host basis in the configuration file. -It is possible to have multiple -.Fl i -options (and multiple identities specified in -configuration files). -.It Fl I Ar smartcard_device -Specifies which smartcard device to use. -The argument is the device -.Nm -should use to communicate with a smartcard used for storing the user's -private RSA key. -.It Fl k -Disables forwarding of Kerberos tickets. -This may also be specified on a per-host basis in the configuration file. -.It Fl l Ar login_name -Specifies the user to log in as on the remote machine. -This also may be specified on a per-host basis in the configuration file. -.It Fl m Ar mac_spec -Additionally, for protocol version 2 a comma-separated list of MAC -(message authentication code) algorithms can -be specified in order of preference. -See the -.Cm MACs -keyword for more information. -.It Fl n -Redirects stdin from -.Pa /dev/null -(actually, prevents reading from stdin). -This must be used when -.Nm -is run in the background. -A common trick is to use this to run X11 programs on a remote machine. -For example, -.Ic ssh -n shadows.cs.hut.fi emacs & -will start an emacs on shadows.cs.hut.fi, and the X11 -connection will be automatically forwarded over an encrypted channel. -The -.Nm -program will be put in the background. -(This does not work if -.Nm -needs to ask for a password or passphrase; see also the -.Fl f -option.) -.It Fl N -Do not execute a remote command. -This is useful for just forwarding ports -(protocol version 2 only). -.It Fl o Ar option -Can be used to give options in the format used in the configuration file. -This is useful for specifying options for which there is no separate -command-line flag. -.It Fl p Ar port -Port to connect to on the remote host. -This can be specified on a -per-host basis in the configuration file. -.It Fl q -Quiet mode. -Causes all warning and diagnostic messages to be suppressed. -.It Fl s -May be used to request invocation of a subsystem on the remote system. -Subsystems are a feature of the SSH2 protocol which facilitate the use -of SSH as a secure transport for other applications (eg. sftp). -The subsystem is specified as the remote command. -.It Fl t -Force pseudo-tty allocation. -This can be used to execute arbitrary -screen-based programs on a remote machine, which can be very useful, -e.g., when implementing menu services. -Multiple -.Fl t -options force tty allocation, even if -.Nm -has no local tty. -.It Fl T -Disable pseudo-tty allocation. -.It Fl v -Verbose mode. -Causes -.Nm -to print debugging messages about its progress. -This is helpful in -debugging connection, authentication, and configuration problems. -Multiple -.Fl v -options increase the verbosity. -The maximum is 3. -.It Fl V -Display the version number and exit. -.It Fl x -Disables X11 forwarding. -.It Fl X -Enables X11 forwarding. -This can also be specified on a per-host basis in a configuration file. -.Pp -X11 forwarding should be enabled with caution. -Users with the ability to bypass file permissions on the remote host -(for the user's X authorization database) -can access the local X11 display through the forwarded connection. -An attacker may then be able to perform activities such as keystroke monitoring. -.It Fl C -Requests compression of all data (including stdin, stdout, stderr, and -data for forwarded X11 and TCP/IP connections). -The compression algorithm is the same used by -.Xr gzip 1 , -and the -.Dq level -can be controlled by the -.Cm CompressionLevel -option for protocol version 1. -Compression is desirable on modem lines and other -slow connections, but will only slow down things on fast networks. -The default value can be set on a host-by-host basis in the -configuration files; see the -.Cm Compression -option. -.It Fl F Ar configfile -Specifies an alternative per-user configuration file. -If a configuration file is given on the command line, -the system-wide configuration file -.Pq Pa /usr/local/etc/ssh_config -will be ignored. -The default for the per-user configuration file is -.Pa $HOME/.ssh/config . -.It Fl L Ar port:host:hostport -Specifies that the given port on the local (client) host is to be -forwarded to the given host and port on the remote side. -This works by allocating a socket to listen to -.Ar port -on the local side, and whenever a connection is made to this port, the -connection is forwarded over the secure channel, and a connection is -made to -.Ar host -port -.Ar hostport -from the remote machine. -Port forwardings can also be specified in the configuration file. -Only root can forward privileged ports. -IPv6 addresses can be specified with an alternative syntax: -.Ar port/host/hostport -.It Fl R Ar port:host:hostport -Specifies that the given port on the remote (server) host is to be -forwarded to the given host and port on the local side. -This works by allocating a socket to listen to -.Ar port -on the remote side, and whenever a connection is made to this port, the -connection is forwarded over the secure channel, and a connection is -made to -.Ar host -port -.Ar hostport -from the local machine. -Port forwardings can also be specified in the configuration file. -Privileged ports can be forwarded only when -logging in as root on the remote machine. -IPv6 addresses can be specified with an alternative syntax: -.Ar port/host/hostport -.It Fl D Ar port -Specifies a local -.Dq dynamic -application-level port forwarding. -This works by allocating a socket to listen to -.Ar port -on the local side, and whenever a connection is made to this port, the -connection is forwarded over the secure channel, and the application -protocol is then used to determine where to connect to from the -remote machine. -Currently the SOCKS4 and SOCKS5 protocols are supported, and -.Nm -will act as a SOCKS server. -Only root can forward privileged ports. -Dynamic port forwardings can also be specified in the configuration file. -.It Fl 1 -Forces -.Nm -to try protocol version 1 only. -.It Fl 2 -Forces -.Nm -to try protocol version 2 only. -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. -.El -.Sh CONFIGURATION FILES -.Nm -may additionally obtain configuration data from -a per-user configuration file and a system-wide configuration file. -The file format and configuration options are described in -.Xr ssh_config 5 . -.Sh ENVIRONMENT -.Nm -will normally set the following environment variables: -.Bl -tag -width Ds -.It Ev DISPLAY -The -.Ev DISPLAY -variable indicates the location of the X11 server. -It is automatically set by -.Nm -to point to a value of the form -.Dq hostname:n -where hostname indicates -the host where the shell runs, and n is an integer >= 1. -.Nm -uses this special value to forward X11 connections over the secure -channel. -The user should normally not set -.Ev DISPLAY -explicitly, as that -will render the X11 connection insecure (and will require the user to -manually copy any required authorization cookies). -.It Ev HOME -Set to the path of the user's home directory. -.It Ev LOGNAME -Synonym for -.Ev USER ; -set for compatibility with systems that use this variable. -.It Ev MAIL -Set to the path of the user's mailbox. -.It Ev PATH -Set to the default -.Ev PATH , -as specified when compiling -.Nm ssh . -.It Ev SSH_ASKPASS -If -.Nm -needs a passphrase, it will read the passphrase from the current -terminal if it was run from a terminal. -If -.Nm -does not have a terminal associated with it but -.Ev DISPLAY -and -.Ev SSH_ASKPASS -are set, it will execute the program specified by -.Ev SSH_ASKPASS -and open an X11 window to read the passphrase. -This is particularly useful when calling -.Nm -from a -.Pa .Xsession -or related script. -(Note that on some machines it -may be necessary to redirect the input from -.Pa /dev/null -to make this work.) -.It Ev SSH_AUTH_SOCK -Identifies the path of a unix-domain socket used to communicate with the -agent. -.It Ev SSH_CONNECTION -Identifies the client and server ends of the connection. -The variable contains -four space-separated values: client ip-address, client port number, -server ip-address and server port number. -.It Ev SSH_ORIGINAL_COMMAND -The variable contains the original command line if a forced command -is executed. -It can be used to extract the original arguments. -.It Ev SSH_TTY -This is set to the name of the tty (path to the device) associated -with the current shell or command. -If the current session has no tty, -this variable is not set. -.It Ev TZ -The timezone variable is set to indicate the present timezone if it -was set when the daemon was started (i.e., the daemon passes the value -on to new connections). -.It Ev USER -Set to the name of the user logging in. -.El -.Pp -Additionally, -.Nm -reads -.Pa $HOME/.ssh/environment , -and adds lines of the format -.Dq VARNAME=value -to the environment if the file exists and if users are allowed to -change their environment. -See the -.Cm PermitUserEnvironment -option in -.Xr sshd_config 5 . -.Sh FILES -.Bl -tag -width Ds -.It Pa $HOME/.ssh/known_hosts -Records host keys for all hosts the user has logged into that are not -in -.Pa /usr/local/etc/ssh_known_hosts . -See -.Xr sshd 8 . -.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa -Contains the authentication identity of the user. -They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively. -These files -contain sensitive data and should be readable by the user but not -accessible by others (read/write/execute). -Note that -.Nm -ignores a private key file if it is accessible by others. -It is possible to specify a passphrase when -generating the key; the passphrase will be used to encrypt the -sensitive part of this file using 3DES. -.It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub -Contains the public key for authentication (public part of the -identity file in human-readable form). -The contents of the -.Pa $HOME/.ssh/identity.pub -file should be added to -.Pa $HOME/.ssh/authorized_keys -on all machines -where the user wishes to log in using protocol version 1 RSA authentication. -The contents of the -.Pa $HOME/.ssh/id_dsa.pub -and -.Pa $HOME/.ssh/id_rsa.pub -file should be added to -.Pa $HOME/.ssh/authorized_keys -on all machines -where the user wishes to log in using protocol version 2 DSA/RSA authentication. -These files are not -sensitive and can (but need not) be readable by anyone. -These files are -never used automatically and are not necessary; they are only provided for -the convenience of the user. -.It Pa $HOME/.ssh/config -This is the per-user configuration file. -The file format and configuration options are described in -.Xr ssh_config 5 . -.It Pa $HOME/.ssh/authorized_keys -Lists the public keys (RSA/DSA) that can be used for logging in as this user. -The format of this file is described in the -.Xr sshd 8 -manual page. -In the simplest form the format is the same as the .pub -identity files. -This file is not highly sensitive, but the recommended -permissions are read/write for the user, and not accessible by others. -.It Pa /usr/local/etc/ssh_known_hosts -Systemwide list of known host keys. -This file should be prepared by the -system administrator to contain the public host keys of all machines in the -organization. -This file should be world-readable. -This file contains -public keys, one per line, in the following format (fields separated -by spaces): system name, public key and optional comment field. -When different names are used -for the same machine, all such names should be listed, separated by -commas. -The format is described on the -.Xr sshd 8 -manual page. -.Pp -The canonical system name (as returned by name servers) is used by -.Xr sshd 8 -to verify the client host when logging in; other names are needed because -.Nm -does not convert the user-supplied name to a canonical name before -checking the key, because someone with access to the name servers -would then be able to fool host authentication. -.It Pa /usr/local/etc/ssh_config -Systemwide configuration file. -The file format and configuration options are described in -.Xr ssh_config 5 . -.It Pa /usr/local/etc/ssh_host_key, /usr/local/etc/ssh_host_dsa_key, /usr/local/etc/ssh_host_rsa_key -These three files contain the private parts of the host keys -and are used for -.Cm RhostsRSAAuthentication -and -.Cm HostbasedAuthentication . -If the protocol version 1 -.Cm RhostsRSAAuthentication -method is used, -.Nm -must be setuid root, since the host key is readable only by root. -For protocol version 2, -.Nm -uses -.Xr ssh-keysign 8 -to access the host keys for -.Cm HostbasedAuthentication . -This eliminates the requirement that -.Nm -be setuid root when that authentication method is used. -By default -.Nm -is not setuid root. -.It Pa $HOME/.rhosts -This file is used in -.Pa \&.rhosts -authentication to list the -host/user pairs that are permitted to log in. -(Note that this file is -also used by rlogin and rsh, which makes using this file insecure.) -Each line of the file contains a host name (in the canonical form -returned by name servers), and then a user name on that host, -separated by a space. -On some machines this file may need to be -world-readable if the user's home directory is on a NFS partition, -because -.Xr sshd 8 -reads it as root. -Additionally, this file must be owned by the user, -and must not have write permissions for anyone else. -The recommended -permission for most machines is read/write for the user, and not -accessible by others. -.Pp -Note that by default -.Xr sshd 8 -will be installed so that it requires successful RSA host -authentication before permitting \s+2.\s0rhosts authentication. -If the server machine does not have the client's host key in -.Pa /usr/local/etc/ssh_known_hosts , -it can be stored in -.Pa $HOME/.ssh/known_hosts . -The easiest way to do this is to -connect back to the client from the server machine using ssh; this -will automatically add the host key to -.Pa $HOME/.ssh/known_hosts . -.It Pa $HOME/.shosts -This file is used exactly the same way as -.Pa \&.rhosts . -The purpose for -having this file is to be able to use rhosts authentication with -.Nm -without permitting login with -.Nm rlogin -or -.Xr rsh 1 . -.It Pa /etc/hosts.equiv -This file is used during -.Pa \&.rhosts -authentication. -It contains -canonical hosts names, one per line (the full format is described on -the -.Xr sshd 8 -manual page). -If the client host is found in this file, login is -automatically permitted provided client and server user names are the -same. -Additionally, successful RSA host authentication is normally -required. -This file should only be writable by root. -.It Pa /usr/local/etc/shosts.equiv -This file is processed exactly as -.Pa /etc/hosts.equiv . -This file may be useful to permit logins using -.Nm -but not using rsh/rlogin. -.It Pa /etc/ssh/sshrc -Commands in this file are executed by -.Nm -when the user logs in just before the user's shell (or command) is started. -See the -.Xr sshd 8 -manual page for more information. -.It Pa $HOME/.ssh/rc -Commands in this file are executed by -.Nm -when the user logs in just before the user's shell (or command) is -started. -See the -.Xr sshd 8 -manual page for more information. -.It Pa $HOME/.ssh/environment -Contains additional definitions for environment variables, see section -.Sx ENVIRONMENT -above. -.El -.Sh DIAGNOSTICS -.Nm -exits with the exit status of the remote command or with 255 -if an error occurred. -.Sh SEE ALSO -.Xr rsh 1 , -.Xr scp 1 , -.Xr sftp 1 , -.Xr ssh-add 1 , -.Xr ssh-agent 1 , -.Xr ssh-keygen 1 , -.Xr telnet 1 , -.Xr ssh_config 5 , -.Xr ssh-keysign 8 , -.Xr sshd 8 -.Rs -.%A T. Ylonen -.%A T. Kivinen -.%A M. Saarinen -.%A T. Rinne -.%A S. Lehtinen -.%T "SSH Protocol Architecture" -.%N draft-ietf-secsh-architecture-12.txt -.%D January 2002 -.%O work in progress material -.Re -.Sh AUTHORS -OpenSSH is a derivative of the original and free -ssh 1.2.12 release by Tatu Ylonen. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt and Dug Song -removed many bugs, re-added newer features and -created OpenSSH. -Markus Friedl contributed the support for SSH -protocol versions 1.5 and 2.0. Binary files openssh-3.7p1/linux/ssh.o and openssh-3.7.1p1/linux/ssh.o differ diff -ru --new-file openssh-3.7p1/linux/ssh_config.5.out openssh-3.7.1p1/linux/ssh_config.5.out --- openssh-3.7p1/linux/ssh_config.5.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh_config.5.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,665 +0,0 @@ -.\" -*- nroff -*- -.\" -.\" Author: Tatu Ylonen -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" As far as I am concerned, the code I have written for this software -.\" can be used freely for any purpose. Any derived versions of this -.\" software must be clearly marked as such, and if the derived work is -.\" incompatible with the protocol description in the RFC file, it must be -.\" called by a name other than "ssh" or "Secure Shell". -.\" -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $OpenBSD: ssh_config.5,v 1.20 2003/09/02 18:50:06 jmc Exp $ -.Dd September 25, 1999 -.Dt SSH_CONFIG 5 -.Os -.Sh NAME -.Nm ssh_config -.Nd OpenSSH SSH client configuration files -.Sh SYNOPSIS -.Bl -tag -width Ds -compact -.It Pa $HOME/.ssh/config -.It Pa /usr/local/etc/ssh_config -.El -.Sh DESCRIPTION -.Nm ssh -obtains configuration data from the following sources in -the following order: -.Bl -enum -offset indent -compact -.It -command-line options -.It -user's configuration file -.Pq Pa $HOME/.ssh/config -.It -system-wide configuration file -.Pq Pa /usr/local/etc/ssh_config -.El -.Pp -For each parameter, the first obtained value -will be used. -The configuration files contain sections bracketed by -.Dq Host -specifications, and that section is only applied for hosts that -match one of the patterns given in the specification. -The matched host name is the one given on the command line. -.Pp -Since the first obtained value for each parameter is used, more -host-specific declarations should be given near the beginning of the -file, and general defaults at the end. -.Pp -The configuration file has the following format: -.Pp -Empty lines and lines starting with -.Ql # -are comments. -.Pp -Otherwise a line is of the format -.Dq keyword arguments . -Configuration options may be separated by whitespace or -optional whitespace and exactly one -.Ql = ; -the latter format is useful to avoid the need to quote whitespace -when specifying configuration options using the -.Nm ssh , -.Nm scp -and -.Nm sftp -.Fl o -option. -.Pp -The possible -keywords and their meanings are as follows (note that -keywords are case-insensitive and arguments are case-sensitive): -.Bl -tag -width Ds -.It Cm Host -Restricts the following declarations (up to the next -.Cm Host -keyword) to be only for those hosts that match one of the patterns -given after the keyword. -.Ql \&* -and -.Ql \&? -can be used as wildcards in the -patterns. -A single -.Ql \&* -as a pattern can be used to provide global -defaults for all hosts. -The host is the -.Ar hostname -argument given on the command line (i.e., the name is not converted to -a canonicalized host name before matching). -.It Cm AddressFamily -Specifies which address family to use when connecting. -Valid arguments are -.Dq any , -.Dq inet -(Use IPv4 only) or -.Dq inet6 -(Use IPv6 only.) -.It Cm BatchMode -If set to -.Dq yes , -passphrase/password querying will be disabled. -This option is useful in scripts and other batch jobs where no user -is present to supply the password. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.It Cm BindAddress -Specify the interface to transmit from on machines with multiple -interfaces or aliased addresses. -Note that this option does not work if -.Cm UsePrivilegedPort -is set to -.Dq yes . -.It Cm ChallengeResponseAuthentication -Specifies whether to use challenge response authentication. -The argument to this keyword must be -.Dq yes -or -.Dq no . -The default is -.Dq yes . -.It Cm CheckHostIP -If this flag is set to -.Dq yes , -ssh will additionally check the host IP address in the -.Pa known_hosts -file. -This allows ssh to detect if a host key changed due to DNS spoofing. -If the option is set to -.Dq no , -the check will not be executed. -The default is -.Dq yes . -.It Cm Cipher -Specifies the cipher to use for encrypting the session -in protocol version 1. -Currently, -.Dq blowfish , -.Dq 3des , -and -.Dq des -are supported. -.Ar des -is only supported in the -.Nm ssh -client for interoperability with legacy protocol 1 implementations -that do not support the -.Ar 3des -cipher. -Its use is strongly discouraged due to cryptographic weaknesses. -The default is -.Dq 3des . -.It Cm Ciphers -Specifies the ciphers allowed for protocol version 2 -in order of preference. -Multiple ciphers must be comma-separated. -The default is -.Pp -.Bd -literal - ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc'' -.Ed -.It Cm ClearAllForwardings -Specifies that all local, remote and dynamic port forwardings -specified in the configuration files or on the command line be -cleared. -This option is primarily useful when used from the -.Nm ssh -command line to clear port forwardings set in -configuration files, and is automatically set by -.Xr scp 1 -and -.Xr sftp 1 . -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.It Cm Compression -Specifies whether to use compression. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.It Cm CompressionLevel -Specifies the compression level to use if compression is enabled. -The argument must be an integer from 1 (fast) to 9 (slow, best). -The default level is 6, which is good for most applications. -The meaning of the values is the same as in -.Xr gzip 1 . -Note that this option applies to protocol version 1 only. -.It Cm ConnectionAttempts -Specifies the number of tries (one per second) to make before exiting. -The argument must be an integer. -This may be useful in scripts if the connection sometimes fails. -The default is 1. -.It Cm ConnectTimeout -Specifies the timeout (in seconds) used when connecting to the ssh -server, instead of using the default system TCP timeout. -This value is used only when the target is down or really unreachable, -not when it refuses the connection. -.It Cm DynamicForward -Specifies that a TCP/IP port on the local machine be forwarded -over the secure channel, and the application -protocol is then used to determine where to connect to from the -remote machine. -The argument must be a port number. -Currently the SOCKS4 and SOCKS5 protocols are supported, and -.Nm ssh -will act as a SOCKS server. -Multiple forwardings may be specified, and -additional forwardings can be given on the command line. -Only the superuser can forward privileged ports. -.It Cm EnableSSHKeysign -Setting this option to -.Dq yes -in the global client configuration file -.Pa /usr/local/etc/ssh_config -enables the use of the helper program -.Xr ssh-keysign 8 -during -.Cm HostbasedAuthentication . -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -See -.Xr ssh-keysign 8 -for more information. -.It Cm EscapeChar -Sets the escape character (default: -.Ql ~ ) . -The escape character can also -be set on the command line. -The argument should be a single character, -.Ql ^ -followed by a letter, or -.Dq none -to disable the escape -character entirely (making the connection transparent for binary -data). -.It Cm ForwardAgent -Specifies whether the connection to the authentication agent (if any) -will be forwarded to the remote machine. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.Pp -Agent forwarding should be enabled with caution. -Users with the ability to bypass file permissions on the remote host -(for the agent's Unix-domain socket) -can access the local agent through the forwarded connection. -An attacker cannot obtain key material from the agent, -however they can perform operations on the keys that enable them to -authenticate using the identities loaded into the agent. -.It Cm ForwardX11 -Specifies whether X11 connections will be automatically redirected -over the secure channel and -.Ev DISPLAY -set. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.Pp -X11 forwarding should be enabled with caution. -Users with the ability to bypass file permissions on the remote host -(for the user's X authorization database) -can access the local X11 display through the forwarded connection. -An attacker may then be able to perform activities such as keystroke monitoring. -.It Cm GatewayPorts -Specifies whether remote hosts are allowed to connect to local -forwarded ports. -By default, -.Nm ssh -binds local port forwardings to the loopback address. -This prevents other remote hosts from connecting to forwarded ports. -.Cm GatewayPorts -can be used to specify that -.Nm ssh -should bind local port forwardings to the wildcard address, -thus allowing remote hosts to connect to forwarded ports. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.It Cm GlobalKnownHostsFile -Specifies a file to use for the global -host key database instead of -.Pa /usr/local/etc/ssh_known_hosts . -.It Cm GSSAPIAuthentication -Specifies whether authentication based on GSSAPI may be used, either using -the result of a successful key exchange, or using GSSAPI user -authentication. -The default is -.Dq yes . -Note that this option applies to protocol version 2 only. -.It Cm GSSAPIDelegateCredentials -Forward (delegate) credentials to the server. -The default is -.Dq no . -Note that this option applies to protocol version 2 only. -.It Cm HostbasedAuthentication -Specifies whether to try rhosts based authentication with public key -authentication. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -This option applies to protocol version 2 only and -is similar to -.Cm RhostsRSAAuthentication . -.It Cm HostKeyAlgorithms -Specifies the protocol version 2 host key algorithms -that the client wants to use in order of preference. -The default for this option is: -.Dq ssh-rsa,ssh-dss . -.It Cm HostKeyAlias -Specifies an alias that should be used instead of the -real host name when looking up or saving the host key -in the host key database files. -This option is useful for tunneling ssh connections -or for multiple servers running on a single host. -.It Cm HostName -Specifies the real host name to log into. -This can be used to specify nicknames or abbreviations for hosts. -Default is the name given on the command line. -Numeric IP addresses are also permitted (both on the command line and in -.Cm HostName -specifications). -.It Cm IdentityFile -Specifies a file from which the user's RSA or DSA authentication identity -is read. -The default is -.Pa $HOME/.ssh/identity -for protocol version 1, and -.Pa $HOME/.ssh/id_rsa -and -.Pa $HOME/.ssh/id_dsa -for protocol version 2. -Additionally, any identities represented by the authentication agent -will be used for authentication. -The file name may use the tilde -syntax to refer to a user's home directory. -It is possible to have -multiple identity files specified in configuration files; all these -identities will be tried in sequence. -.It Cm KeepAlive -Specifies whether the system should send TCP keepalive messages to the -other side. -If they are sent, death of the connection or crash of one -of the machines will be properly noticed. -However, this means that -connections will die if the route is down temporarily, and some people -find it annoying. -.Pp -The default is -.Dq yes -(to send keepalives), and the client will notice -if the network goes down or the remote host dies. -This is important in scripts, and many users want it too. -.Pp -To disable keepalives, the value should be set to -.Dq no . -.It Cm LocalForward -Specifies that a TCP/IP port on the local machine be forwarded over -the secure channel to the specified host and port from the remote machine. -The first argument must be a port number, and the second must be -.Ar host:port . -IPv6 addresses can be specified with an alternative syntax: -.Ar host/port . -Multiple forwardings may be specified, and additional -forwardings can be given on the command line. -Only the superuser can forward privileged ports. -.It Cm LogLevel -Gives the verbosity level that is used when logging messages from -.Nm ssh . -The possible values are: -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. -The default is INFO. -DEBUG and DEBUG1 are equivalent. -DEBUG2 and DEBUG3 each specify higher levels of verbose output. -.It Cm MACs -Specifies the MAC (message authentication code) algorithms -in order of preference. -The MAC algorithm is used in protocol version 2 -for data integrity protection. -Multiple algorithms must be comma-separated. -The default is -.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 . -.It Cm NoHostAuthenticationForLocalhost -This option can be used if the home directory is shared across machines. -In this case localhost will refer to a different machine on each of -the machines and the user will get many warnings about changed host keys. -However, this option disables host authentication for localhost. -The argument to this keyword must be -.Dq yes -or -.Dq no . -The default is to check the host key for localhost. -.It Cm NumberOfPasswordPrompts -Specifies the number of password prompts before giving up. -The argument to this keyword must be an integer. -Default is 3. -.It Cm PasswordAuthentication -Specifies whether to use password authentication. -The argument to this keyword must be -.Dq yes -or -.Dq no . -The default is -.Dq yes . -.It Cm Port -Specifies the port number to connect on the remote host. -Default is 22. -.It Cm PreferredAuthentications -Specifies the order in which the client should try protocol 2 -authentication methods. -This allows a client to prefer one method (e.g. -.Cm keyboard-interactive ) -over another method (e.g. -.Cm password ) -The default for this option is: -.Dq hostbased,publickey,keyboard-interactive,password . -.It Cm Protocol -Specifies the protocol versions -.Nm ssh -should support in order of preference. -The possible values are -.Dq 1 -and -.Dq 2 . -Multiple versions must be comma-separated. -The default is -.Dq 2,1 . -This means that -.Nm ssh -tries version 2 and falls back to version 1 -if version 2 is not available. -.It Cm ProxyCommand -Specifies the command to use to connect to the server. -The command -string extends to the end of the line, and is executed with -.Pa /bin/sh . -In the command string, -.Ql %h -will be substituted by the host name to -connect and -.Ql %p -by the port. -The command can be basically anything, -and should read from its standard input and write to its standard output. -It should eventually connect an -.Xr sshd 8 -server running on some machine, or execute -.Ic sshd -i -somewhere. -Host key management will be done using the -HostName of the host being connected (defaulting to the name typed by -the user). -Setting the command to -.Dq none -disables this option entirely. -Note that -.Cm CheckHostIP -is not available for connects with a proxy command. -.Pp -.It Cm PubkeyAuthentication -Specifies whether to try public key authentication. -The argument to this keyword must be -.Dq yes -or -.Dq no . -The default is -.Dq yes . -This option applies to protocol version 2 only. -.It Cm RemoteForward -Specifies that a TCP/IP port on the remote machine be forwarded over -the secure channel to the specified host and port from the local machine. -The first argument must be a port number, and the second must be -.Ar host:port . -IPv6 addresses can be specified with an alternative syntax: -.Ar host/port . -Multiple forwardings may be specified, and additional -forwardings can be given on the command line. -Only the superuser can forward privileged ports. -.It Cm RhostsRSAAuthentication -Specifies whether to try rhosts based authentication with RSA host -authentication. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -This option applies to protocol version 1 only and requires -.Nm ssh -to be setuid root. -.It Cm RSAAuthentication -Specifies whether to try RSA authentication. -The argument to this keyword must be -.Dq yes -or -.Dq no . -RSA authentication will only be -attempted if the identity file exists, or an authentication agent is -running. -The default is -.Dq yes . -Note that this option applies to protocol version 1 only. -.It Cm SmartcardDevice -Specifies which smartcard device to use. -The argument to this keyword is the device -.Nm ssh -should use to communicate with a smartcard used for storing the user's -private RSA key. -By default, no device is specified and smartcard support is not activated. -.It Cm StrictHostKeyChecking -If this flag is set to -.Dq yes , -.Nm ssh -will never automatically add host keys to the -.Pa $HOME/.ssh/known_hosts -file, and refuses to connect to hosts whose host key has changed. -This provides maximum protection against trojan horse attacks, -however, can be annoying when the -.Pa /usr/local/etc/ssh_known_hosts -file is poorly maintained, or connections to new hosts are -frequently made. -This option forces the user to manually -add all new hosts. -If this flag is set to -.Dq no , -.Nm ssh -will automatically add new host keys to the -user known hosts files. -If this flag is set to -.Dq ask , -new host keys -will be added to the user known host files only after the user -has confirmed that is what they really want to do, and -.Nm ssh -will refuse to connect to hosts whose host key has changed. -The host keys of -known hosts will be verified automatically in all cases. -The argument must be -.Dq yes , -.Dq no -or -.Dq ask . -The default is -.Dq ask . -.It Cm UsePrivilegedPort -Specifies whether to use a privileged port for outgoing connections. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -If set to -.Dq yes -.Nm ssh -must be setuid root. -Note that this option must be set to -.Dq yes -for -.Cm RhostsRSAAuthentication -with older servers. -.It Cm User -Specifies the user to log in as. -This can be useful when a different user name is used on different machines. -This saves the trouble of -having to remember to give the user name on the command line. -.It Cm UserKnownHostsFile -Specifies a file to use for the user -host key database instead of -.Pa $HOME/.ssh/known_hosts . -.It Cm VerifyHostKeyDNS -Specifies whether to verify the remote key using DNS and SSHFP resource -records. -The default is -.Dq no . -Note that this option applies to protocol version 2 only. -.It Cm XAuthLocation -Specifies the full pathname of the -.Xr xauth 1 -program. -The default is -.Pa /usr/X11R6/bin/xauth . -.El -.Sh FILES -.Bl -tag -width Ds -.It Pa $HOME/.ssh/config -This is the per-user configuration file. -The format of this file is described above. -This file is used by the -.Nm ssh -client. -This file does not usually contain any sensitive information, -but the recommended permissions are read/write for the user, and not -accessible by others. -.It Pa /usr/local/etc/ssh_config -Systemwide configuration file. -This file provides defaults for those -values that are not specified in the user's configuration file, and -for those users who do not have a configuration file. -This file must be world-readable. -.El -.Sh SEE ALSO -.Xr ssh 1 -.Sh AUTHORS -OpenSSH is a derivative of the original and free -ssh 1.2.12 release by Tatu Ylonen. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt and Dug Song -removed many bugs, re-added newer features and -created OpenSSH. -Markus Friedl contributed the support for SSH -protocol versions 1.5 and 2.0. diff -ru --new-file openssh-3.7p1/linux/ssh_config.out openssh-3.7.1p1/linux/ssh_config.out --- openssh-3.7p1/linux/ssh_config.out 2003-09-16 16:40:08.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh_config.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,37 +0,0 @@ -# $OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $ - -# This is the ssh client system-wide configuration file. See -# ssh_config(5) for more information. This file provides defaults for -# users, and the values can be changed in per-user configuration files -# or on the command line. - -# Configuration data is parsed as follows: -# 1. command line options -# 2. user-specific file -# 3. system-wide file -# Any configuration value is only changed the first time it is set. -# Thus, host-specific definitions should be at the beginning of the -# configuration file, and defaults at the end. - -# Site-wide defaults for various options - -# Host * -# ForwardAgent no -# ForwardX11 no -# RhostsRSAAuthentication no -# RSAAuthentication yes -# PasswordAuthentication yes -# HostbasedAuthentication no -# BatchMode no -# CheckHostIP yes -# AddressFamily any -# ConnectTimeout 0 -# StrictHostKeyChecking ask -# IdentityFile ~/.ssh/identity -# IdentityFile ~/.ssh/id_rsa -# IdentityFile ~/.ssh/id_dsa -# Port 22 -# Protocol 2,1 -# Cipher 3des -# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc -# EscapeChar ~ diff -ru --new-file openssh-3.7p1/linux/ssh_prng_cmds openssh-3.7.1p1/linux/ssh_prng_cmds --- openssh-3.7p1/linux/ssh_prng_cmds 2003-09-16 16:40:06.000000000 +1000 +++ openssh-3.7.1p1/linux/ssh_prng_cmds 1970-01-01 10:00:00.000000000 +1000 @@ -1,75 +0,0 @@ -# entropy gathering commands - -# Format is: "program-name args" path rate - -# The "rate" represents the number of bits of usuable entropy per -# byte of command output. Be conservative. -# -# $Id: ssh_prng_cmds.in,v 1.8 2002/07/14 21:43:58 tim Exp $ - -"ls -alni /var/log" /bin/ls 0.02 -"ls -alni /var/adm" /bin/ls 0.02 -"ls -alni /usr/adm" /bin/ls 0.02 -"ls -alni /var/mail" /bin/ls 0.02 -"ls -alni /usr/mail" /bin/ls 0.02 -"ls -alni /var/adm/syslog" /bin/ls 0.02 -"ls -alni /usr/adm/syslog" /bin/ls 0.02 -"ls -alni /var/spool/mail" /bin/ls 0.02 -"ls -alni /proc" /bin/ls 0.02 -"ls -alni /tmp" /bin/ls 0.02 -"ls -alni /var/tmp" /bin/ls 0.02 -"ls -alni /usr/tmp" /bin/ls 0.02 -"ls -alTi /var/log" /bin/ls 0.02 -"ls -alTi /var/adm" /bin/ls 0.02 -"ls -alTi /var/mail" /bin/ls 0.02 -"ls -alTi /var/adm/syslog" /bin/ls 0.02 -"ls -alTi /var/spool/mail" /bin/ls 0.02 -"ls -alTi /proc" /bin/ls 0.02 -"ls -alTi /tmp" /bin/ls 0.02 -"ls -alTi /var/tmp" /bin/ls 0.02 -"ls -alTi /usr/tmp" /bin/ls 0.02 - -"netstat -an" /bin/netstat 0.05 -"netstat -in" /bin/netstat 0.05 -"netstat -rn" /bin/netstat 0.02 -"netstat -pn" /bin/netstat 0.02 -"netstat -ia" /bin/netstat 0.05 -"netstat -s" /bin/netstat 0.02 -"netstat -is" /bin/netstat 0.07 - -"arp -n -a" /sbin/arp 0.02 - -"ifconfig -a" /sbin/ifconfig 0.02 - -"ps laxww" /bin/ps 0.03 -"ps -al" /bin/ps 0.03 -"ps -efl" /bin/ps 0.03 -"jstat" undef 0.07 - -"w" /usr/bin/w 0.05 - -"who -i" /usr/bin/who 0.01 - -"last" /usr/bin/last 0.01 - -"lastlog" /usr/bin/lastlog 0.01 - -"df" /bin/df 0.01 -"df -i" /bin/df 0.01 - -"sar -d" /usr/bin/sar 0.04 - -"vmstat" /usr/bin/vmstat 0.01 -"uptime" /usr/bin/uptime 0.01 - -"ipcs -a" /usr/bin/ipcs 0.01 - -"tail -200 /var/log/messages" /usr/bin/tail 0.01 -"tail -200 /var/log/syslog" /usr/bin/tail 0.01 -"tail -200 /var/adm/messages" /usr/bin/tail 0.01 -"tail -200 /var/adm/syslog" /usr/bin/tail 0.01 -"tail -200 /var/adm/syslog/syslog.log" /usr/bin/tail 0.01 -"tail -200 /var/log/maillog" /usr/bin/tail 0.01 -"tail -200 /var/adm/maillog" /usr/bin/tail 0.01 -"tail -200 /var/adm/syslog/mail.log" /usr/bin/tail 0.01 - Binary files openssh-3.7p1/linux/sshconnect.o and openssh-3.7.1p1/linux/sshconnect.o differ Binary files openssh-3.7p1/linux/sshconnect1.o and openssh-3.7.1p1/linux/sshconnect1.o differ Binary files openssh-3.7p1/linux/sshconnect2.o and openssh-3.7.1p1/linux/sshconnect2.o differ Binary files openssh-3.7p1/linux/sshd and openssh-3.7.1p1/linux/sshd differ diff -ru --new-file openssh-3.7p1/linux/sshd.8.out openssh-3.7.1p1/linux/sshd.8.out --- openssh-3.7p1/linux/sshd.8.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/sshd.8.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,837 +0,0 @@ -.\" -*- nroff -*- -.\" -.\" Author: Tatu Ylonen -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" As far as I am concerned, the code I have written for this software -.\" can be used freely for any purpose. Any derived versions of this -.\" software must be clearly marked as such, and if the derived work is -.\" incompatible with the protocol description in the RFC file, it must be -.\" called by a name other than "ssh" or "Secure Shell". -.\" -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $OpenBSD: sshd.8,v 1.199 2003/08/13 08:46:31 markus Exp $ -.Dd September 25, 1999 -.Dt SSHD 8 -.Os -.Sh NAME -.Nm sshd -.Nd OpenSSH SSH daemon -.Sh SYNOPSIS -.Nm sshd -.Bk -words -.Op Fl deiqtD46 -.Op Fl b Ar bits -.Op Fl f Ar config_file -.Op Fl g Ar login_grace_time -.Op Fl h Ar host_key_file -.Op Fl k Ar key_gen_time -.Op Fl o Ar option -.Op Fl p Ar port -.Op Fl u Ar len -.Ek -.Sh DESCRIPTION -.Nm -(SSH Daemon) is the daemon program for -.Xr ssh 1 . -Together these programs replace rlogin and rsh, and -provide secure encrypted communications between two untrusted hosts -over an insecure network. -The programs are intended to be as easy to -install and use as possible. -.Pp -.Nm -is the daemon that listens for connections from clients. -It is normally started at boot from -.Pa /etc/rc . -It forks a new -daemon for each incoming connection. -The forked daemons handle -key exchange, encryption, authentication, command execution, -and data exchange. -This implementation of -.Nm -supports both SSH protocol version 1 and 2 simultaneously. -.Nm -works as follows: -.Pp -.Ss SSH protocol version 1 -.Pp -Each host has a host-specific RSA key -(normally 1024 bits) used to identify the host. -Additionally, when -the daemon starts, it generates a server RSA key (normally 768 bits). -This key is normally regenerated every hour if it has been used, and -is never stored on disk. -.Pp -Whenever a client connects, the daemon responds with its public -host and server keys. -The client compares the -RSA host key against its own database to verify that it has not changed. -The client then generates a 256 bit random number. -It encrypts this -random number using both the host key and the server key, and sends -the encrypted number to the server. -Both sides then use this -random number as a session key which is used to encrypt all further -communications in the session. -The rest of the session is encrypted -using a conventional cipher, currently Blowfish or 3DES, with 3DES -being used by default. -The client selects the encryption algorithm -to use from those offered by the server. -.Pp -Next, the server and the client enter an authentication dialog. -The client tries to authenticate itself using -.Pa .rhosts -authentication, -.Pa .rhosts -authentication combined with RSA host -authentication, RSA challenge-response authentication, or password -based authentication. -.Pp -Regardless of the authentication type, the account is checked to -ensure that it is accessible. An account is not accessible if it is -locked, listed in -.Cm DenyUsers -or its group is listed in -.Cm DenyGroups -\&. The definition of a locked account is system dependant. Some platforms -have their own account database (eg AIX) and some modify the passwd field ( -.Ql \&*LK\&* -on Solaris, -.Ql \&* -on HP-UX, containing -.Ql Nologin -on Tru64 and a leading -.Ql \&!! -on Linux). If there is a requirement to disable password authentication -for the account while allowing still public-key, then the passwd field -should be set to something other than these values (eg -.Ql NP -or -.Ql \&*NP\&* -). -.Pp -Rhosts authentication is normally disabled -because it is fundamentally insecure, but can be enabled in the server -configuration file if desired. -System security is not improved unless -.Nm rshd , -.Nm rlogind , -and -.Nm rexecd -are disabled (thus completely disabling -.Xr rlogin -and -.Xr rsh -into the machine). -.Pp -.Ss SSH protocol version 2 -.Pp -Version 2 works similarly: -Each host has a host-specific key (RSA or DSA) used to identify the host. -However, when the daemon starts, it does not generate a server key. -Forward security is provided through a Diffie-Hellman key agreement. -This key agreement results in a shared session key. -.Pp -The rest of the session is encrypted using a symmetric cipher, currently -128 bit AES, Blowfish, 3DES, CAST128, Arcfour, 192 bit AES, or 256 bit AES. -The client selects the encryption algorithm -to use from those offered by the server. -Additionally, session integrity is provided -through a cryptographic message authentication code -(hmac-sha1 or hmac-md5). -.Pp -Protocol version 2 provides a public key based -user (PubkeyAuthentication) or -client host (HostbasedAuthentication) authentication method, -conventional password authentication and challenge response based methods. -.Pp -.Ss Command execution and data forwarding -.Pp -If the client successfully authenticates itself, a dialog for -preparing the session is entered. -At this time the client may request -things like allocating a pseudo-tty, forwarding X11 connections, -forwarding TCP/IP connections, or forwarding the authentication agent -connection over the secure channel. -.Pp -Finally, the client either requests a shell or execution of a command. -The sides then enter session mode. -In this mode, either side may send -data at any time, and such data is forwarded to/from the shell or -command on the server side, and the user terminal in the client side. -.Pp -When the user program terminates and all forwarded X11 and other -connections have been closed, the server sends command exit status to -the client, and both sides exit. -.Pp -.Nm -can be configured using command-line options or a configuration -file. -Command-line options override values specified in the -configuration file. -.Pp -.Nm -rereads its configuration file when it receives a hangup signal, -.Dv SIGHUP , -by executing itself with the name it was started as, i.e., -.Pa /usr/sbin/sshd . -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl b Ar bits -Specifies the number of bits in the ephemeral protocol version 1 -server key (default 768). -.It Fl d -Debug mode. -The server sends verbose debug output to the system -log, and does not put itself in the background. -The server also will not fork and will only process one connection. -This option is only intended for debugging for the server. -Multiple -.Fl d -options increase the debugging level. -Maximum is 3. -.It Fl e -When this option is specified, -.Nm -will send the output to the standard error instead of the system log. -.It Fl f Ar configuration_file -Specifies the name of the configuration file. -The default is -.Pa /usr/local/etc/sshd_config . -.Nm -refuses to start if there is no configuration file. -.It Fl g Ar login_grace_time -Gives the grace time for clients to authenticate themselves (default -120 seconds). -If the client fails to authenticate the user within -this many seconds, the server disconnects and exits. -A value of zero indicates no limit. -.It Fl h Ar host_key_file -Specifies a file from which a host key is read. -This option must be given if -.Nm -is not run as root (as the normal -host key files are normally not readable by anyone but root). -The default is -.Pa /usr/local/etc/ssh_host_key -for protocol version 1, and -.Pa /usr/local/etc/ssh_host_rsa_key -and -.Pa /usr/local/etc/ssh_host_dsa_key -for protocol version 2. -It is possible to have multiple host key files for -the different protocol versions and host key algorithms. -.It Fl i -Specifies that -.Nm -is being run from -.Xr inetd 8 . -.Nm -is normally not run -from inetd because it needs to generate the server key before it can -respond to the client, and this may take tens of seconds. -Clients would have to wait too long if the key was regenerated every time. -However, with small key sizes (e.g., 512) using -.Nm -from inetd may -be feasible. -.It Fl k Ar key_gen_time -Specifies how often the ephemeral protocol version 1 server key is -regenerated (default 3600 seconds, or one hour). -The motivation for regenerating the key fairly -often is that the key is not stored anywhere, and after about an hour, -it becomes impossible to recover the key for decrypting intercepted -communications even if the machine is cracked into or physically -seized. -A value of zero indicates that the key will never be regenerated. -.It Fl o Ar option -Can be used to give options in the format used in the configuration file. -This is useful for specifying options for which there is no separate -command-line flag. -.It Fl p Ar port -Specifies the port on which the server listens for connections -(default 22). -Multiple port options are permitted. -Ports specified in the configuration file are ignored when a -command-line port is specified. -.It Fl q -Quiet mode. -Nothing is sent to the system log. -Normally the beginning, -authentication, and termination of each connection is logged. -.It Fl t -Test mode. -Only check the validity of the configuration file and sanity of the keys. -This is useful for updating -.Nm -reliably as configuration options may change. -.It Fl u Ar len -This option is used to specify the size of the field -in the -.Li utmp -structure that holds the remote host name. -If the resolved host name is longer than -.Ar len , -the dotted decimal value will be used instead. -This allows hosts with very long host names that -overflow this field to still be uniquely identified. -Specifying -.Fl u0 -indicates that only dotted decimal addresses -should be put into the -.Pa utmp -file. -.Fl u0 -may also be used to prevent -.Nm -from making DNS requests unless the authentication -mechanism or configuration requires it. -Authentication mechanisms that may require DNS include -.Cm RhostsRSAAuthentication , -.Cm HostbasedAuthentication -and using a -.Cm from="pattern-list" -option in a key file. -Configuration options that require DNS include using a -USER@HOST pattern in -.Cm AllowUsers -or -.Cm DenyUsers . -.It Fl D -When this option is specified -.Nm -will not detach and does not become a daemon. -This allows easy monitoring of -.Nm sshd . -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. -.El -.Sh CONFIGURATION FILE -.Nm -reads configuration data from -.Pa /usr/local/etc/sshd_config -(or the file specified with -.Fl f -on the command line). -The file format and configuration options are described in -.Xr sshd_config 5 . -.Sh LOGIN PROCESS -When a user successfully logs in, -.Nm -does the following: -.Bl -enum -offset indent -.It -If the login is on a tty, and no command has been specified, -prints last login time and -.Pa /etc/motd -(unless prevented in the configuration file or by -.Pa $HOME/.hushlogin ; -see the -.Sx FILES -section). -.It -If the login is on a tty, records login time. -.It -Checks -.Pa /etc/nologin ; -if it exists, prints contents and quits -(unless root). -.It -Changes to run with normal user privileges. -.It -Sets up basic environment. -.It -Reads -.Pa $HOME/.ssh/environment -if it exists and users are allowed to change their environment. -See the -.Cm PermitUserEnvironment -option in -.Xr sshd_config 5 . -.It -Changes to user's home directory. -.It -If -.Pa $HOME/.ssh/rc -exists, runs it; else if -.Pa /etc/ssh/sshrc -exists, runs -it; otherwise runs xauth. -The -.Dq rc -files are given the X11 -authentication protocol and cookie in standard input. -.It -Runs user's shell or command. -.El -.Sh AUTHORIZED_KEYS FILE FORMAT -.Pa $HOME/.ssh/authorized_keys -is the default file that lists the public keys that are -permitted for RSA authentication in protocol version 1 -and for public key authentication (PubkeyAuthentication) -in protocol version 2. -.Cm AuthorizedKeysFile -may be used to specify an alternative file. -.Pp -Each line of the file contains one -key (empty lines and lines starting with a -.Ql # -are ignored as -comments). -Each RSA public key consists of the following fields, separated by -spaces: options, bits, exponent, modulus, comment. -Each protocol version 2 public key consists of: -options, keytype, base64 encoded key, comment. -The options field -is optional; its presence is determined by whether the line starts -with a number or not (the options field never starts with a number). -The bits, exponent, modulus and comment fields give the RSA key for -protocol version 1; the -comment field is not used for anything (but may be convenient for the -user to identify the key). -For protocol version 2 the keytype is -.Dq ssh-dss -or -.Dq ssh-rsa . -.Pp -Note that lines in this file are usually several hundred bytes long -(because of the size of the public key encoding). -You don't want to type them in; instead, copy the -.Pa identity.pub , -.Pa id_dsa.pub -or the -.Pa id_rsa.pub -file and edit it. -.Pp -.Nm -enforces a minimum RSA key modulus size for protocol 1 -and protocol 2 keys of 768 bits. -.Pp -The options (if present) consist of comma-separated option -specifications. -No spaces are permitted, except within double quotes. -The following option specifications are supported (note -that option keywords are case-insensitive): -.Bl -tag -width Ds -.It Cm from="pattern-list" -Specifies that in addition to public key authentication, the canonical name -of the remote host must be present in the comma-separated list of -patterns -.Pf ( Ql \&* -and -.Ql \&? -serve as wildcards). -The list may also contain -patterns negated by prefixing them with -.Ql \&! ; -if the canonical host name matches a negated pattern, the key is not accepted. -The purpose -of this option is to optionally increase security: public key authentication -by itself does not trust the network or name servers or anything (but -the key); however, if somebody somehow steals the key, the key -permits an intruder to log in from anywhere in the world. -This additional option makes using a stolen key more difficult (name -servers and/or routers would have to be compromised in addition to -just the key). -.It Cm command="command" -Specifies that the command is executed whenever this key is used for -authentication. -The command supplied by the user (if any) is ignored. -The command is run on a pty if the client requests a pty; -otherwise it is run without a tty. -If an 8-bit clean channel is required, -one must not request a pty or should specify -.Cm no-pty . -A quote may be included in the command by quoting it with a backslash. -This option might be useful -to restrict certain public keys to perform just a specific operation. -An example might be a key that permits remote backups but nothing else. -Note that the client may specify TCP/IP and/or X11 -forwarding unless they are explicitly prohibited. -Note that this option applies to shell, command or subsystem execution. -.It Cm environment="NAME=value" -Specifies that the string is to be added to the environment when -logging in using this key. -Environment variables set this way -override other default environment values. -Multiple options of this type are permitted. -Environment processing is disabled by default and is -controlled via the -.Cm PermitUserEnvironment -option. -This option is automatically disabled if -.Cm UseLogin -is enabled. -.It Cm no-port-forwarding -Forbids TCP/IP forwarding when this key is used for authentication. -Any port forward requests by the client will return an error. -This might be used, e.g., in connection with the -.Cm command -option. -.It Cm no-X11-forwarding -Forbids X11 forwarding when this key is used for authentication. -Any X11 forward requests by the client will return an error. -.It Cm no-agent-forwarding -Forbids authentication agent forwarding when this key is used for -authentication. -.It Cm no-pty -Prevents tty allocation (a request to allocate a pty will fail). -.It Cm permitopen="host:port" -Limit local -.Li ``ssh -L'' -port forwarding such that it may only connect to the specified host and -port. -IPv6 addresses can be specified with an alternative syntax: -.Ar host/port . -Multiple -.Cm permitopen -options may be applied separated by commas. -No pattern matching is performed on the specified hostnames, -they must be literal domains or addresses. -.El -.Ss Examples -1024 33 12121.\|.\|.\|312314325 ylo@foo.bar -.Pp -from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula -.Pp -command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi -.Pp -permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 -.Sh SSH_KNOWN_HOSTS FILE FORMAT -The -.Pa /usr/local/etc/ssh_known_hosts -and -.Pa $HOME/.ssh/known_hosts -files contain host public keys for all known hosts. -The global file should -be prepared by the administrator (optional), and the per-user file is -maintained automatically: whenever the user connects from an unknown host -its key is added to the per-user file. -.Pp -Each line in these files contains the following fields: hostnames, -bits, exponent, modulus, comment. -The fields are separated by spaces. -.Pp -Hostnames is a comma-separated list of patterns -.Pf ( Ql \&* -and -.Ql \&? -act as -wildcards); each pattern in turn is matched against the canonical host -name (when authenticating a client) or against the user-supplied -name (when authenticating a server). -A pattern may also be preceded by -.Ql \&! -to indicate negation: if the host name matches a negated -pattern, it is not accepted (by that line) even if it matched another -pattern on the line. -.Pp -Bits, exponent, and modulus are taken directly from the RSA host key; they -can be obtained, e.g., from -.Pa /usr/local/etc/ssh_host_key.pub . -The optional comment field continues to the end of the line, and is not used. -.Pp -Lines starting with -.Ql # -and empty lines are ignored as comments. -.Pp -When performing host authentication, authentication is accepted if any -matching line has the proper key. -It is thus permissible (but not -recommended) to have several lines or different host keys for the same -names. -This will inevitably happen when short forms of host names -from different domains are put in the file. -It is possible -that the files contain conflicting information; authentication is -accepted if valid information can be found from either file. -.Pp -Note that the lines in these files are typically hundreds of characters -long, and you definitely don't want to type in the host keys by hand. -Rather, generate them by a script -or by taking -.Pa /usr/local/etc/ssh_host_key.pub -and adding the host names at the front. -.Ss Examples -.Bd -literal -closenet,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi -cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= -.Ed -.Sh FILES -.Bl -tag -width Ds -.It Pa /usr/local/etc/sshd_config -Contains configuration data for -.Nm sshd . -The file format and configuration options are described in -.Xr sshd_config 5 . -.It Pa /usr/local/etc/ssh_host_key, /usr/local/etc/ssh_host_dsa_key, /usr/local/etc/ssh_host_rsa_key -These three files contain the private parts of the host keys. -These files should only be owned by root, readable only by root, and not -accessible to others. -Note that -.Nm -does not start if this file is group/world-accessible. -.It Pa /usr/local/etc/ssh_host_key.pub, /usr/local/etc/ssh_host_dsa_key.pub, /usr/local/etc/ssh_host_rsa_key.pub -These three files contain the public parts of the host keys. -These files should be world-readable but writable only by -root. -Their contents should match the respective private parts. -These files are not -really used for anything; they are provided for the convenience of -the user so their contents can be copied to known hosts files. -These files are created using -.Xr ssh-keygen 1 . -.It Pa /etc/moduli -Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". -The file format is described in -.Xr moduli 5 . -.It Pa /var/empty -.Xr chroot 2 -directory used by -.Nm -during privilege separation in the pre-authentication phase. -The directory should not contain any files and must be owned by root -and not group or world-writable. -.It Pa /var/run/sshd.pid -Contains the process ID of the -.Nm -listening for connections (if there are several daemons running -concurrently for different ports, this contains the process ID of the one -started last). -The content of this file is not sensitive; it can be world-readable. -.It Pa $HOME/.ssh/authorized_keys -Lists the public keys (RSA or DSA) that can be used to log into the user's account. -This file must be readable by root (which may on some machines imply -it being world-readable if the user's home directory resides on an NFS -volume). -It is recommended that it not be accessible by others. -The format of this file is described above. -Users will place the contents of their -.Pa identity.pub , -.Pa id_dsa.pub -and/or -.Pa id_rsa.pub -files into this file, as described in -.Xr ssh-keygen 1 . -.It Pa "/usr/local/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts" -These files are consulted when using rhosts with RSA host -authentication or protocol version 2 hostbased authentication -to check the public key of the host. -The key must be listed in one of these files to be accepted. -The client uses the same files -to verify that it is connecting to the correct remote host. -These files should be writable only by root/the owner. -.Pa /usr/local/etc/ssh_known_hosts -should be world-readable, and -.Pa $HOME/.ssh/known_hosts -can, but need not be, world-readable. -.It Pa /etc/nologin -If this file exists, -.Nm -refuses to let anyone except root log in. -The contents of the file -are displayed to anyone trying to log in, and non-root connections are -refused. -The file should be world-readable. -.It Pa /etc/hosts.allow, /etc/hosts.deny -Access controls that should be enforced by tcp-wrappers are defined here. -Further details are described in -.Xr hosts_access 5 . -.It Pa $HOME/.rhosts -This file contains host-username pairs, separated by a space, one per -line. -The given user on the corresponding host is permitted to log in -without a password. -The same file is used by rlogind and rshd. -The file must -be writable only by the user; it is recommended that it not be -accessible by others. -.Pp -If is also possible to use netgroups in the file. -Either host or user -name may be of the form +@groupname to specify all hosts or all users -in the group. -.It Pa $HOME/.shosts -For ssh, -this file is exactly the same as for -.Pa .rhosts . -However, this file is -not used by rlogin and rshd, so using this permits access using SSH only. -.It Pa /etc/hosts.equiv -This file is used during -.Pa .rhosts -authentication. -In the simplest form, this file contains host names, one per line. -Users on -those hosts are permitted to log in without a password, provided they -have the same user name on both machines. -The host name may also be -followed by a user name; such users are permitted to log in as -.Em any -user on this machine (except root). -Additionally, the syntax -.Dq +@group -can be used to specify netgroups. -Negated entries start with -.Ql \&- . -.Pp -If the client host/user is successfully matched in this file, login is -automatically permitted provided the client and server user names are the -same. -Additionally, successful RSA host authentication is normally required. -This file must be writable only by root; it is recommended -that it be world-readable. -.Pp -.Sy "Warning: It is almost never a good idea to use user names in" -.Pa hosts.equiv . -Beware that it really means that the named user(s) can log in as -.Em anybody , -which includes bin, daemon, adm, and other accounts that own critical -binaries and directories. -Using a user name practically grants the user root access. -The only valid use for user names that I can think -of is in negative entries. -.Pp -Note that this warning also applies to rsh/rlogin. -.It Pa /usr/local/etc/shosts.equiv -This is processed exactly as -.Pa /etc/hosts.equiv . -However, this file may be useful in environments that want to run both -rsh/rlogin and ssh. -.It Pa $HOME/.ssh/environment -This file is read into the environment at login (if it exists). -It can only contain empty lines, comment lines (that start with -.Ql # ) , -and assignment lines of the form name=value. -The file should be writable -only by the user; it need not be readable by anyone else. -Environment processing is disabled by default and is -controlled via the -.Cm PermitUserEnvironment -option. -.It Pa $HOME/.ssh/rc -If this file exists, it is run with -.Pa /bin/sh -after reading the -environment files but before starting the user's shell or command. -It must not produce any output on stdout; stderr must be used -instead. -If X11 forwarding is in use, it will receive the "proto cookie" pair in -its standard input (and -.Ev DISPLAY -in its environment). -The script must call -.Xr xauth 1 -because -.Nm -will not run xauth automatically to add X11 cookies. -.Pp -The primary purpose of this file is to run any initialization routines -which may be needed before the user's home directory becomes -accessible; AFS is a particular example of such an environment. -.Pp -This file will probably contain some initialization code followed by -something similar to: -.Bd -literal -if read proto cookie && [ -n "$DISPLAY" ]; then - if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then - # X11UseLocalhost=yes - echo add unix:`echo $DISPLAY | - cut -c11-` $proto $cookie - else - # X11UseLocalhost=no - echo add $DISPLAY $proto $cookie - fi | xauth -q - -fi -.Ed -.Pp -If this file does not exist, -.Pa /etc/ssh/sshrc -is run, and if that -does not exist either, xauth is used to add the cookie. -.Pp -This file should be writable only by the user, and need not be -readable by anyone else. -.It Pa /etc/ssh/sshrc -Like -.Pa $HOME/.ssh/rc . -This can be used to specify -machine-specific login-time initializations globally. -This file should be writable only by root, and should be world-readable. -.El -.Sh SEE ALSO -.Xr scp 1 , -.Xr sftp 1 , -.Xr ssh 1 , -.Xr ssh-add 1 , -.Xr ssh-agent 1 , -.Xr ssh-keygen 1 , -.Xr login.conf 5 , -.Xr moduli 5 , -.Xr sshd_config 5 , -.Xr sftp-server 8 -.Rs -.%A T. Ylonen -.%A T. Kivinen -.%A M. Saarinen -.%A T. Rinne -.%A S. Lehtinen -.%T "SSH Protocol Architecture" -.%N draft-ietf-secsh-architecture-12.txt -.%D January 2002 -.%O work in progress material -.Re -.Rs -.%A M. Friedl -.%A N. Provos -.%A W. A. Simpson -.%T "Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol" -.%N draft-ietf-secsh-dh-group-exchange-02.txt -.%D January 2002 -.%O work in progress material -.Re -.Sh AUTHORS -OpenSSH is a derivative of the original and free -ssh 1.2.12 release by Tatu Ylonen. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt and Dug Song -removed many bugs, re-added newer features and -created OpenSSH. -Markus Friedl contributed the support for SSH -protocol versions 1.5 and 2.0. -Niels Provos and Markus Friedl contributed support -for privilege separation. Binary files openssh-3.7p1/linux/sshd.o and openssh-3.7.1p1/linux/sshd.o differ diff -ru --new-file openssh-3.7p1/linux/sshd_config.5.out openssh-3.7.1p1/linux/sshd_config.5.out --- openssh-3.7p1/linux/sshd_config.5.out 2003-09-16 16:40:09.000000000 +1000 +++ openssh-3.7.1p1/linux/sshd_config.5.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,764 +0,0 @@ -.\" -*- nroff -*- -.\" -.\" Author: Tatu Ylonen -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" As far as I am concerned, the code I have written for this software -.\" can be used freely for any purpose. Any derived versions of this -.\" software must be clearly marked as such, and if the derived work is -.\" incompatible with the protocol description in the RFC file, it must be -.\" called by a name other than "ssh" or "Secure Shell". -.\" -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $OpenBSD: sshd_config.5,v 1.25 2003/09/01 09:50:04 markus Exp $ -.Dd September 25, 1999 -.Dt SSHD_CONFIG 5 -.Os -.Sh NAME -.Nm sshd_config -.Nd OpenSSH SSH daemon configuration file -.Sh SYNOPSIS -.Bl -tag -width Ds -compact -.It Pa /usr/local/etc/sshd_config -.El -.Sh DESCRIPTION -.Nm sshd -reads configuration data from -.Pa /usr/local/etc/sshd_config -(or the file specified with -.Fl f -on the command line). -The file contains keyword-argument pairs, one per line. -Lines starting with -.Ql # -and empty lines are interpreted as comments. -.Pp -The possible -keywords and their meanings are as follows (note that -keywords are case-insensitive and arguments are case-sensitive): -.Bl -tag -width Ds -.It Cm AllowGroups -This keyword can be followed by a list of group name patterns, separated -by spaces. -If specified, login is allowed only for users whose primary -group or supplementary group list matches one of the patterns. -.Ql \&* -and -.Ql \&? -can be used as -wildcards in the patterns. -Only group names are valid; a numerical group ID is not recognized. -By default, login is allowed for all groups. -.Pp -.It Cm AllowTcpForwarding -Specifies whether TCP forwarding is permitted. -The default is -.Dq yes . -Note that disabling TCP forwarding does not improve security unless -users are also denied shell access, as they can always install their -own forwarders. -.Pp -.It Cm AllowUsers -This keyword can be followed by a list of user name patterns, separated -by spaces. -If specified, login is allowed only for user names that -match one of the patterns. -.Ql \&* -and -.Ql \&? -can be used as -wildcards in the patterns. -Only user names are valid; a numerical user ID is not recognized. -By default, login is allowed for all users. -If the pattern takes the form USER@HOST then USER and HOST -are separately checked, restricting logins to particular -users from particular hosts. -.Pp -.It Cm AuthorizedKeysFile -Specifies the file that contains the public keys that can be used -for user authentication. -.Cm AuthorizedKeysFile -may contain tokens of the form %T which are substituted during connection -set-up. -The following tokens are defined: %% is replaced by a literal '%', -%h is replaced by the home directory of the user being authenticated and -%u is replaced by the username of that user. -After expansion, -.Cm AuthorizedKeysFile -is taken to be an absolute path or one relative to the user's home -directory. -The default is -.Dq .ssh/authorized_keys . -.It Cm Banner -In some jurisdictions, sending a warning message before authentication -may be relevant for getting legal protection. -The contents of the specified file are sent to the remote user before -authentication is allowed. -This option is only available for protocol version 2. -By default, no banner is displayed. -.Pp -.It Cm ChallengeResponseAuthentication -Specifies whether challenge response authentication is allowed. -All authentication styles from -.Xr login.conf 5 -are supported. -The default is -.Dq yes . -.It Cm Ciphers -Specifies the ciphers allowed for protocol version 2. -Multiple ciphers must be comma-separated. -The default is -.Pp -.Bd -literal - ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr'' -.Ed -.It Cm ClientAliveInterval -Sets a timeout interval in seconds after which if no data has been received -from the client, -.Nm sshd -will send a message through the encrypted -channel to request a response from the client. -The default -is 0, indicating that these messages will not be sent to the client. -This option applies to protocol version 2 only. -.It Cm ClientAliveCountMax -Sets the number of client alive messages (see above) which may be -sent without -.Nm sshd -receiving any messages back from the client. -If this threshold is reached while client alive messages are being sent, -.Nm sshd -will disconnect the client, terminating the session. -It is important to note that the use of client alive messages is very -different from -.Cm KeepAlive -(below). -The client alive messages are sent through the encrypted channel -and therefore will not be spoofable. -The TCP keepalive option enabled by -.Cm KeepAlive -is spoofable. -The client alive mechanism is valuable when the client or -server depend on knowing when a connection has become inactive. -.Pp -The default value is 3. -If -.Cm ClientAliveInterval -(above) is set to 15, and -.Cm ClientAliveCountMax -is left at the default, unresponsive ssh clients -will be disconnected after approximately 45 seconds. -.It Cm Compression -Specifies whether compression is allowed. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq yes . -.It Cm DenyGroups -This keyword can be followed by a list of group name patterns, separated -by spaces. -Login is disallowed for users whose primary group or supplementary -group list matches one of the patterns. -.Ql \&* -and -.Ql \&? -can be used as -wildcards in the patterns. -Only group names are valid; a numerical group ID is not recognized. -By default, login is allowed for all groups. -.Pp -.It Cm DenyUsers -This keyword can be followed by a list of user name patterns, separated -by spaces. -Login is disallowed for user names that match one of the patterns. -.Ql \&* -and -.Ql \&? -can be used as wildcards in the patterns. -Only user names are valid; a numerical user ID is not recognized. -By default, login is allowed for all users. -If the pattern takes the form USER@HOST then USER and HOST -are separately checked, restricting logins to particular -users from particular hosts. -.It Cm GatewayPorts -Specifies whether remote hosts are allowed to connect to ports -forwarded for the client. -By default, -.Nm sshd -binds remote port forwardings to the loopback address. -This prevents other remote hosts from connecting to forwarded ports. -.Cm GatewayPorts -can be used to specify that -.Nm sshd -should bind remote port forwardings to the wildcard address, -thus allowing remote hosts to connect to forwarded ports. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.It Cm GSSAPIAuthentication -Specifies whether user authentication based on GSSAPI is allowed. -The default is -.Dq no . -Note that this option applies to protocol version 2 only. -.It Cm GSSAPICleanupCredentials -Specifies whether to automatically destroy the user's credentials cache -on logout. -The default is -.Dq yes . -Note that this option applies to protocol version 2 only. -.It Cm HostbasedAuthentication -Specifies whether rhosts or /etc/hosts.equiv authentication together -with successful public key client host authentication is allowed -(hostbased authentication). -This option is similar to -.Cm RhostsRSAAuthentication -and applies to protocol version 2 only. -The default is -.Dq no . -.It Cm HostKey -Specifies a file containing a private host key -used by SSH. -The default is -.Pa /usr/local/etc/ssh_host_key -for protocol version 1, and -.Pa /usr/local/etc/ssh_host_rsa_key -and -.Pa /usr/local/etc/ssh_host_dsa_key -for protocol version 2. -Note that -.Nm sshd -will refuse to use a file if it is group/world-accessible. -It is possible to have multiple host key files. -.Dq rsa1 -keys are used for version 1 and -.Dq dsa -or -.Dq rsa -are used for version 2 of the SSH protocol. -.It Cm IgnoreRhosts -Specifies that -.Pa .rhosts -and -.Pa .shosts -files will not be used in -.Cm RhostsRSAAuthentication -or -.Cm HostbasedAuthentication . -.Pp -.Pa /etc/hosts.equiv -and -.Pa /usr/local/etc/shosts.equiv -are still used. -The default is -.Dq yes . -.It Cm IgnoreUserKnownHosts -Specifies whether -.Nm sshd -should ignore the user's -.Pa $HOME/.ssh/known_hosts -during -.Cm RhostsRSAAuthentication -or -.Cm HostbasedAuthentication . -The default is -.Dq no . -.It Cm KeepAlive -Specifies whether the system should send TCP keepalive messages to the -other side. -If they are sent, death of the connection or crash of one -of the machines will be properly noticed. -However, this means that -connections will die if the route is down temporarily, and some people -find it annoying. -On the other hand, if keepalives are not sent, -sessions may hang indefinitely on the server, leaving -.Dq ghost -users and consuming server resources. -.Pp -The default is -.Dq yes -(to send keepalives), and the server will notice -if the network goes down or the client host crashes. -This avoids infinitely hanging sessions. -.Pp -To disable keepalives, the value should be set to -.Dq no . -.It Cm KerberosAuthentication -Specifies whether the password provided by the user for -.Cm PasswordAuthentication -will be validated through the Kerberos KDC. -To use this option, the server needs a -Kerberos servtab which allows the verification of the KDC's identity. -Default is -.Dq no . -.It Cm KerberosOrLocalPasswd -If set then if password authentication through Kerberos fails then -the password will be validated via any additional local mechanism -such as -.Pa /etc/passwd . -Default is -.Dq yes . -.It Cm KerberosTicketCleanup -Specifies whether to automatically destroy the user's ticket cache -file on logout. -Default is -.Dq yes . -.It Cm KeyRegenerationInterval -In protocol version 1, the ephemeral server key is automatically regenerated -after this many seconds (if it has been used). -The purpose of regeneration is to prevent -decrypting captured sessions by later breaking into the machine and -stealing the keys. -The key is never stored anywhere. -If the value is 0, the key is never regenerated. -The default is 3600 (seconds). -.It Cm ListenAddress -Specifies the local addresses -.Nm sshd -should listen on. -The following forms may be used: -.Pp -.Bl -item -offset indent -compact -.It -.Cm ListenAddress -.Sm off -.Ar host No | Ar IPv4_addr No | Ar IPv6_addr -.Sm on -.It -.Cm ListenAddress -.Sm off -.Ar host No | Ar IPv4_addr No : Ar port -.Sm on -.It -.Cm ListenAddress -.Sm off -.Oo -.Ar host No | Ar IPv6_addr Oc : Ar port -.Sm on -.El -.Pp -If -.Ar port -is not specified, -.Nm sshd -will listen on the address and all prior -.Cm Port -options specified. -The default is to listen on all local addresses. -Multiple -.Cm ListenAddress -options are permitted. -Additionally, any -.Cm Port -options must precede this option for non port qualified addresses. -.It Cm LoginGraceTime -The server disconnects after this time if the user has not -successfully logged in. -If the value is 0, there is no time limit. -The default is 120 seconds. -.It Cm LogLevel -Gives the verbosity level that is used when logging messages from -.Nm sshd . -The possible values are: -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. -The default is INFO. -DEBUG and DEBUG1 are equivalent. -DEBUG2 and DEBUG3 each specify higher levels of debugging output. -Logging with a DEBUG level violates the privacy of users and is not recommended. -.It Cm MACs -Specifies the available MAC (message authentication code) algorithms. -The MAC algorithm is used in protocol version 2 -for data integrity protection. -Multiple algorithms must be comma-separated. -The default is -.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 . -.It Cm MaxStartups -Specifies the maximum number of concurrent unauthenticated connections to the -.Nm sshd -daemon. -Additional connections will be dropped until authentication succeeds or the -.Cm LoginGraceTime -expires for a connection. -The default is 10. -.Pp -Alternatively, random early drop can be enabled by specifying -the three colon separated values -.Dq start:rate:full -(e.g., "10:30:60"). -.Nm sshd -will refuse connection attempts with a probability of -.Dq rate/100 -(30%) -if there are currently -.Dq start -(10) -unauthenticated connections. -The probability increases linearly and all connection attempts -are refused if the number of unauthenticated connections reaches -.Dq full -(60). -.It Cm PasswordAuthentication -Specifies whether password authentication is allowed. -The default is -.Dq yes . -.It Cm PermitEmptyPasswords -When password authentication is allowed, it specifies whether the -server allows login to accounts with empty password strings. -The default is -.Dq no . -.It Cm PermitRootLogin -Specifies whether root can login using -.Xr ssh 1 . -The argument must be -.Dq yes , -.Dq without-password , -.Dq forced-commands-only -or -.Dq no . -The default is -.Dq yes . -.Pp -If this option is set to -.Dq without-password -password authentication is disabled for root. -.Pp -If this option is set to -.Dq forced-commands-only -root login with public key authentication will be allowed, -but only if the -.Ar command -option has been specified -(which may be useful for taking remote backups even if root login is -normally not allowed). -All other authentication methods are disabled for root. -.Pp -If this option is set to -.Dq no -root is not allowed to login. -.It Cm PermitUserEnvironment -Specifies whether -.Pa ~/.ssh/environment -and -.Cm environment= -options in -.Pa ~/.ssh/authorized_keys -are processed by -.Nm sshd . -The default is -.Dq no . -Enabling environment processing may enable users to bypass access -restrictions in some configurations using mechanisms such as -.Ev LD_PRELOAD . -.It Cm PidFile -Specifies the file that contains the process ID of the -.Nm sshd -daemon. -The default is -.Pa /var/run/sshd.pid . -.It Cm Port -Specifies the port number that -.Nm sshd -listens on. -The default is 22. -Multiple options of this type are permitted. -See also -.Cm ListenAddress . -.It Cm PrintLastLog -Specifies whether -.Nm sshd -should print the date and time when the user last logged in. -The default is -.Dq yes . -.It Cm PrintMotd -Specifies whether -.Nm sshd -should print -.Pa /etc/motd -when a user logs in interactively. -(On some systems it is also printed by the shell, -.Pa /etc/profile , -or equivalent.) -The default is -.Dq yes . -.It Cm Protocol -Specifies the protocol versions -.Nm sshd -supports. -The possible values are -.Dq 1 -and -.Dq 2 . -Multiple versions must be comma-separated. -The default is -.Dq 2,1 . -Note that the order of the protocol list does not indicate preference, -because the client selects among multiple protocol versions offered -by the server. -Specifying -.Dq 2,1 -is identical to -.Dq 1,2 . -.It Cm PubkeyAuthentication -Specifies whether public key authentication is allowed. -The default is -.Dq yes . -Note that this option applies to protocol version 2 only. -.Cm RhostsRSAAuthentication -should be used -instead, because it performs RSA-based host authentication in addition -to normal rhosts or /etc/hosts.equiv authentication. -The default is -.Dq no . -This option applies to protocol version 1 only. -.It Cm RhostsRSAAuthentication -Specifies whether rhosts or /etc/hosts.equiv authentication together -with successful RSA host authentication is allowed. -The default is -.Dq no . -This option applies to protocol version 1 only. -.It Cm RSAAuthentication -Specifies whether pure RSA authentication is allowed. -The default is -.Dq yes . -This option applies to protocol version 1 only. -.It Cm ServerKeyBits -Defines the number of bits in the ephemeral protocol version 1 server key. -The minimum value is 512, and the default is 768. -.It Cm StrictModes -Specifies whether -.Nm sshd -should check file modes and ownership of the -user's files and home directory before accepting login. -This is normally desirable because novices sometimes accidentally leave their -directory or files world-writable. -The default is -.Dq yes . -.It Cm Subsystem -Configures an external subsystem (e.g., file transfer daemon). -Arguments should be a subsystem name and a command to execute upon subsystem -request. -The command -.Xr sftp-server 8 -implements the -.Dq sftp -file transfer subsystem. -By default no subsystems are defined. -Note that this option applies to protocol version 2 only. -.It Cm SyslogFacility -Gives the facility code that is used when logging messages from -.Nm sshd . -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, -LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. -The default is AUTH. -.It Cm UseDNS -Specifies whether -.Nm sshd -should lookup the remote host name and check that -the resolved host name for the remote IP address maps back to the -very same IP address. -The default is -.Dq yes . -.It Cm UseLogin -Specifies whether -.Xr login 1 -is used for interactive login sessions. -The default is -.Dq no . -Note that -.Xr login 1 -is never used for remote command execution. -Note also, that if this is enabled, -.Cm X11Forwarding -will be disabled because -.Xr login 1 -does not know how to handle -.Xr xauth 1 -cookies. -If -.Cm UsePrivilegeSeparation -is specified, it will be disabled after authentication. -.It Cm UsePAM -Enables PAM authentication (via challenge-response) and session set up. -If you enable this, you should probably disable -.Cm PasswordAuthentication . -If you enable -.CM UsePAM -then you will not be able to run sshd as a non-root user. -.It Cm UsePrivilegeSeparation -Specifies whether -.Nm sshd -separates privileges by creating an unprivileged child process -to deal with incoming network traffic. -After successful authentication, another process will be created that has -the privilege of the authenticated user. -The goal of privilege separation is to prevent privilege -escalation by containing any corruption within the unprivileged processes. -The default is -.Dq yes . -.It Cm X11DisplayOffset -Specifies the first display number available for -.Nm sshd Ns 's -X11 forwarding. -This prevents -.Nm sshd -from interfering with real X11 servers. -The default is 10. -.It Cm X11Forwarding -Specifies whether X11 forwarding is permitted. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.Pp -When X11 forwarding is enabled, there may be additional exposure to -the server and to client displays if the -.Nm sshd -proxy display is configured to listen on the wildcard address (see -.Cm X11UseLocalhost -below), however this is not the default. -Additionally, the authentication spoofing and authentication data -verification and substitution occur on the client side. -The security risk of using X11 forwarding is that the client's X11 -display server may be exposed to attack when the ssh client requests -forwarding (see the warnings for -.Cm ForwardX11 -in -.Xr ssh_config 5 ) . -A system administrator may have a stance in which they want to -protect clients that may expose themselves to attack by unwittingly -requesting X11 forwarding, which can warrant a -.Dq no -setting. -.Pp -Note that disabling X11 forwarding does not prevent users from -forwarding X11 traffic, as users can always install their own forwarders. -X11 forwarding is automatically disabled if -.Cm UseLogin -is enabled. -.It Cm X11UseLocalhost -Specifies whether -.Nm sshd -should bind the X11 forwarding server to the loopback address or to -the wildcard address. -By default, -.Nm sshd -binds the forwarding server to the loopback address and sets the -hostname part of the -.Ev DISPLAY -environment variable to -.Dq localhost . -This prevents remote hosts from connecting to the proxy display. -However, some older X11 clients may not function with this -configuration. -.Cm X11UseLocalhost -may be set to -.Dq no -to specify that the forwarding server should be bound to the wildcard -address. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq yes . -.It Cm XAuthLocation -Specifies the full pathname of the -.Xr xauth 1 -program. -The default is -.Pa /usr/X11R6/bin/xauth . -.El -.Ss Time Formats -.Nm sshd -command-line arguments and configuration file options that specify time -may be expressed using a sequence of the form: -.Sm off -.Ar time Op Ar qualifier , -.Sm on -where -.Ar time -is a positive integer value and -.Ar qualifier -is one of the following: -.Pp -.Bl -tag -width Ds -compact -offset indent -.It Cm -seconds -.It Cm s | Cm S -seconds -.It Cm m | Cm M -minutes -.It Cm h | Cm H -hours -.It Cm d | Cm D -days -.It Cm w | Cm W -weeks -.El -.Pp -Each member of the sequence is added together to calculate -the total time value. -.Pp -Time format examples: -.Pp -.Bl -tag -width Ds -compact -offset indent -.It 600 -600 seconds (10 minutes) -.It 10m -10 minutes -.It 1h30m -1 hour 30 minutes (90 minutes) -.El -.Sh FILES -.Bl -tag -width Ds -.It Pa /usr/local/etc/sshd_config -Contains configuration data for -.Nm sshd . -This file should be writable by root only, but it is recommended -(though not necessary) that it be world-readable. -.El -.Sh SEE ALSO -.Xr sshd 8 -.Sh AUTHORS -OpenSSH is a derivative of the original and free -ssh 1.2.12 release by Tatu Ylonen. -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, -Theo de Raadt and Dug Song -removed many bugs, re-added newer features and -created OpenSSH. -Markus Friedl contributed the support for SSH -protocol versions 1.5 and 2.0. -Niels Provos and Markus Friedl contributed support -for privilege separation. diff -ru --new-file openssh-3.7p1/linux/sshd_config.out openssh-3.7.1p1/linux/sshd_config.out --- openssh-3.7p1/linux/sshd_config.out 2003-09-16 16:40:08.000000000 +1000 +++ openssh-3.7.1p1/linux/sshd_config.out 1970-01-01 10:00:00.000000000 +1000 @@ -1,96 +0,0 @@ -# $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options change a -# default value. - -#Port 22 -#Protocol 2,1 -#ListenAddress 0.0.0.0 -#ListenAddress :: - -# HostKey for protocol version 1 -#HostKey /usr/local/etc/ssh_host_key -# HostKeys for protocol version 2 -#HostKey /usr/local/etc/ssh_host_rsa_key -#HostKey /usr/local/etc/ssh_host_dsa_key - -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 1h -#ServerKeyBits 768 - -# Logging -#obsoletes QuietMode and FascistLogging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -#PermitRootLogin yes -#StrictModes yes - -#RSAAuthentication yes -#PubkeyAuthentication yes -#AuthorizedKeysFile .ssh/authorized_keys - -# For this to work you will also need host keys in /usr/local/etc/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCreds yes - -# Set this to 'yes' to enable PAM authentication (via challenge-response) -# and session processing. Depending on your PAM configuration, this may -# bypass the setting of 'PasswordAuthentication' -#UsePAM yes - -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding no -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PrintMotd yes -#PrintLastLog yes -#KeepAlive yes -#UseLogin no -#UsePrivilegeSeparation yes -#PermitUserEnvironment no -#Compression yes -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS yes -#PidFile /var/run/sshd.pid -#MaxStartups 10 - -# no default banner path -#Banner /some/path - -# override default of no subsystems -Subsystem sftp /usr/local/libexec/sftp-server Binary files openssh-3.7p1/linux/sshlogin.o and openssh-3.7.1p1/linux/sshlogin.o differ Binary files openssh-3.7p1/linux/sshpty.o and openssh-3.7.1p1/linux/sshpty.o differ Binary files openssh-3.7p1/linux/sshtty.o and openssh-3.7.1p1/linux/sshtty.o differ Binary files openssh-3.7p1/linux/tildexpand.o and openssh-3.7.1p1/linux/tildexpand.o differ Binary files openssh-3.7p1/linux/ttymodes.o and openssh-3.7.1p1/linux/ttymodes.o differ Binary files openssh-3.7p1/linux/uidswap.o and openssh-3.7.1p1/linux/uidswap.o differ Binary files openssh-3.7p1/linux/uuencode.o and openssh-3.7.1p1/linux/uuencode.o differ Binary files openssh-3.7p1/linux/xmalloc.o and openssh-3.7.1p1/linux/xmalloc.o differ diff -ru --new-file openssh-3.7p1/scp.0 openssh-3.7.1p1/scp.0 --- openssh-3.7p1/scp.0 2003-09-16 16:13:36.000000000 +1000 +++ openssh-3.7.1p1/scp.0 2003-09-17 07:38:36.000000000 +1000 @@ -1,4 +1,4 @@ -SCP(1) BSD General Commands Manual SCP(1) +SCP(1) OpenBSD Reference Manual SCP(1) NAME scp - secure copy (remote file copy program) @@ -41,8 +41,8 @@ about their progress. This is helpful in debugging connection, authentication, and configuration problems. - -B Selects batch mode (prevents asking for passwords or - passphrases). + -B Selects batch mode (prevents asking for passwords or passphras- + es). -q Disables the progress meter. @@ -55,7 +55,7 @@ -P port Specifies the port to connect to on the remote host. Note that - this option is written with a capital M-bM-^@M-^XPM-bM-^@M-^Y, because -p is already + this option is written with a capital `P', because -p is already reserved for preserving the times and modes of the file in rcp(1). @@ -88,7 +88,7 @@ the University of California. AUTHORS - Timo Rinne M-bM-^LM-)tri@iki.fiM-bM-^LM-* and - Tatu Ylonen M-bM-^LM-)ylo@cs.hut.fiM-bM-^LM-* + Timo Rinne and + Tatu Ylonen -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 2 diff -ru --new-file openssh-3.7p1/sftp-server.0 openssh-3.7.1p1/sftp-server.0 --- openssh-3.7p1/sftp-server.0 2003-09-16 16:13:37.000000000 +1000 +++ openssh-3.7.1p1/sftp-server.0 2003-09-17 07:38:38.000000000 +1000 @@ -1,4 +1,4 @@ -SFTP-SERVER(8) BSD System ManagerM-bM-^@M-^Ys Manual SFTP-SERVER(8) +SFTP-SERVER(8) OpenBSD System Manager's Manual SFTP-SERVER(8) NAME sftp-server - SFTP server subsystem @@ -8,20 +8,20 @@ DESCRIPTION sftp-server is a program that speaks the server side of SFTP protocol to - stdout and expects client requests from stdin. sftp-server is not - intended to be called directly, but from sshd(8) using the Subsystem - option. See sshd(8) for more information. + stdout and expects client requests from stdin. sftp-server is not in- + tended to be called directly, but from sshd(8) using the Subsystem op- + tion. See sshd(8) for more information. SEE ALSO sftp(1), ssh(1), sshd(8) - T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- + T. Ylonen, and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- filexfer-00.txt, January 2001, work in progress material. AUTHORS - Markus Friedl M-bM-^LM-)markus@openbsd.orgM-bM-^LM-* + Markus Friedl HISTORY sftp-server first appeared in OpenBSD 2.8 . -BSD August 30, 2000 BSD +OpenBSD 3.4 August 30, 2000 1 diff -ru --new-file openssh-3.7p1/sftp.0 openssh-3.7.1p1/sftp.0 --- openssh-3.7p1/sftp.0 2003-09-16 16:13:37.000000000 +1000 +++ openssh-3.7.1p1/sftp.0 2003-09-17 07:38:38.000000000 +1000 @@ -1,4 +1,4 @@ -SFTP(1) BSD General Commands Manual SFTP(1) +SFTP(1) OpenBSD Reference Manual SFTP(1) NAME sftp - secure file transfer program @@ -15,8 +15,8 @@ sftp is an interactive file transfer program, similar to ftp(1), which performs all operations over an encrypted ssh(1) transport. It may also use many features of ssh, such as public key authentication and compres- - sion. sftp connects and logs into the specified host, then enters an - interactive command mode. + sion. sftp connects and logs into the specified host, then enters an in- + teractive command mode. The second usage format will retrieve files automatically if a non-inter- active authentication method is used; otherwise it will do so after suc- @@ -31,13 +31,13 @@ sshd(8) and ssh-keygen(1) for details). The options are as follows: -b batchfile - Batch mode reads a series of commands from an input batchfile - instead of stdin. Since it lacks user interaction it should be + Batch mode reads a series of commands from an input batchfile in- + stead of stdin. Since it lacks user interaction it should be used in conjunction with non-interactive authentication. sftp will abort if any of the following commands fail: get, put, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd and lmkdir. Termination on error can be suppressed on a - command by command basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y + command by command basis by prefixing the command with a `-' character (for example, -rm /tmp/blah*). -o ssh_option @@ -59,7 +59,7 @@ files. Larger buffers require fewer round trips at the cost of higher memory consumption. The default is 32768 bytes. - -C Enables compression (via sshM-bM-^@M-^Ys -C flag). + -C Enables compression (via ssh's -C flag). -F ssh_config Specifies an alternative per-user configuration file for ssh(1). @@ -82,8 +82,8 @@ INTERACTIVE COMMANDS Once in interactive mode, sftp understands a set of commands similar to - those of ftp(1). Commands are case insensitive and pathnames may be - enclosed in quotes if they contain spaces. + those of ftp(1). Commands are case insensitive and pathnames may be en- + closed in quotes if they contain spaces. bye Quit sftp. @@ -108,7 +108,7 @@ Retrieve the remote-path and store it on the local machine. If the local path name is not specified, it is given the same name it has on the remote machine. If the -P flag is specified, then - the fileM-bM-^@M-^Ys full permission and access time are copied too. + the file's full permission and access time are copied too. help Display help text. @@ -140,10 +140,10 @@ Toggle display of progress meter. put [flags] local-path [remote-path] - Upload local-path and store it on the remote machine. If the - remote path name is not specified, it is given the same name it - has on the local machine. If the -P flag is specified, then the - fileM-bM-^@M-^Ys full permission and access time are copied too. + Upload local-path and store it on the remote machine. If the re- + mote path name is not specified, it is given the same name it has + on the local machine. If the -P flag is specified, then the + file's full permission and access time are copied too. pwd Display remote working directory. @@ -175,7 +175,7 @@ scp(1), ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5), sftp-server(8), sshd(8) - T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- + T. Ylonen, and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- filexfer-00.txt, January 2001, work in progress material. -BSD February 4, 2001 BSD +OpenBSD 3.4 February 4, 2001 3 diff -ru --new-file openssh-3.7p1/ssh-add.0 openssh-3.7.1p1/ssh-add.0 --- openssh-3.7p1/ssh-add.0 2003-09-16 16:13:36.000000000 +1000 +++ openssh-3.7.1p1/ssh-add.0 2003-09-17 07:38:36.000000000 +1000 @@ -1,4 +1,4 @@ -SSH-ADD(1) BSD General Commands Manual SSH-ADD(1) +SSH-ADD(1) OpenBSD Reference Manual SSH-ADD(1) NAME ssh-add - adds RSA or DSA identities to the authentication agent @@ -9,12 +9,12 @@ ssh-add -e reader DESCRIPTION - ssh-add adds RSA or DSA identities to the authentication agent, - ssh-agent(1). When run without arguments, it adds the files + ssh-add adds RSA or DSA identities to the authentication agent, ssh- + agent(1). When run without arguments, it adds the files $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. Alterna- tive file names can be given on the command line. If any file requires a passphrase, ssh-add asks for the passphrase from the user. The - passphrase is read from the userM-bM-^@M-^Ys tty. ssh-add retries the last + passphrase is read from the user's tty. ssh-add retries the last passphrase if multiple identity files are given. The authentication agent must be running and must be an ancestor of the @@ -99,4 +99,4 @@ ated OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 2 diff -ru --new-file openssh-3.7p1/ssh-agent.0 openssh-3.7.1p1/ssh-agent.0 --- openssh-3.7p1/ssh-agent.0 2003-09-16 16:13:36.000000000 +1000 +++ openssh-3.7.1p1/ssh-agent.0 2003-09-17 07:38:37.000000000 +1000 @@ -1,4 +1,4 @@ -SSH-AGENT(1) BSD General Commands Manual SSH-AGENT(1) +SSH-AGENT(1) OpenBSD Reference Manual SSH-AGENT(1) NAME ssh-agent - authentication agent @@ -18,14 +18,14 @@ The options are as follows: -a bind_address - Bind the agent to the unix-domain socket bind_address. The - default is /tmp/ssh-XXXXXXXX/agent.. + Bind the agent to the unix-domain socket bind_address. The de- + fault is /tmp/ssh-XXXXXXXX/agent.. -c Generate C-shell commands on stdout. This is the default if - SHELL looks like itM-bM-^@M-^Ys a csh style of shell. + SHELL looks like it's a csh style of shell. -s Generate Bourne shell commands on stdout. This is the default if - SHELL does not look like itM-bM-^@M-^Ys a csh style of shell. + SHELL does not look like it's a csh style of shell. -k Kill the current agent (given by the SSH_AGENT_PID environment variable). @@ -34,8 +34,8 @@ Set a default value for the maximum lifetime of identities added to the agent. The lifetime may be specified in seconds or in a time format specified in sshd(8). A lifetime specified for an - identity with ssh-add(1) overrides this value. Without this - option the default maximum lifetime is forever. + identity with ssh-add(1) overrides this value. Without this op- + tion the default maximum lifetime is forever. -d Debug mode. When this option is specified ssh-agent will not fork. @@ -53,7 +53,7 @@ these identities. ssh-add -l displays the identities currently held by the agent. - The idea is that the agent is run in the userM-bM-^@M-^Ys local PC, laptop, or ter- + The idea is that the agent is run in the user's local PC, laptop, or ter- minal. Authentication data need not be stored on any other machine, and authentication passphrases never go over the network. However, the con- nection to the agent is forwarded over SSH remote logins, and the user @@ -67,17 +67,17 @@ looks at these variables and uses them to establish a connection to the agent. - The agent will never send a private key over its request channel. - Instead, operations that require a private key will be performed by the + The agent will never send a private key over its request channel. In- + stead, operations that require a private key will be performed by the agent, and the result will be returned to the requester. This way, pri- vate keys are not exposed to clients using the agent. A unix-domain socket is created and the name of this socket is stored in the SSH_AUTH_SOCK environment variable. The socket is made accessible - only to the current user. This method is easily abused by root or - another instance of the same user. + only to the current user. This method is easily abused by root or anoth- + er instance of the same user. - The SSH_AGENT_PID environment variable holds the agentM-bM-^@M-^Ys process ID. + The SSH_AGENT_PID environment variable holds the agent's process ID. The agent exits automatically when the command given on the command line terminates. @@ -111,4 +111,4 @@ ated OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 2 diff -ru --new-file openssh-3.7p1/ssh-keygen.0 openssh-3.7.1p1/ssh-keygen.0 --- openssh-3.7p1/ssh-keygen.0 2003-09-16 16:13:36.000000000 +1000 +++ openssh-3.7.1p1/ssh-keygen.0 2003-09-17 07:38:37.000000000 +1000 @@ -1,4 +1,4 @@ -SSH-KEYGEN(1) BSD General Commands Manual SSH-KEYGEN(1) +SSH-KEYGEN(1) OpenBSD Reference Manual SSH-KEYGEN(1) NAME ssh-keygen - authentication key generation, management and conversion @@ -35,17 +35,17 @@ Normally this program generates the key and asks for a file in which to store the private key. The public key is stored in a file with the same - name but M-bM-^@M-^\.pubM-bM-^@M-^] appended. The program also asks for a passphrase. The + name but ``.pub'' appended. The program also asks for a passphrase. The passphrase may be empty to indicate no passphrase (host keys must have an empty passphrase), or it may be a string of arbitrary length. A - passphrase is similar to a password, except it can be a phrase with a - series of words, punctuation, numbers, whitespace, or any string of char- - acters you want. Good passphrases are 10-30 characters long, are not - simple sentences or otherwise easily guessable (English prose has only - 1-2 bits of entropy per character, and provides very bad passphrases), - and contain a mix of upper and lowercase letters, numbers, and non- - alphanumeric characters. The passphrase can be changed later by using - the -p option. + passphrase is similar to a password, except it can be a phrase with a se- + ries of words, punctuation, numbers, whitespace, or any string of charac- + ters you want. Good passphrases are 10-30 characters long, are not sim- + ple sentences or otherwise easily guessable (English prose has only 1-2 + bits of entropy per character, and provides very bad passphrases), and + contain a mix of upper and lowercase letters, numbers, and non-alphanu- + meric characters. The passphrase can be changed later by using the -p + option. There is no way to recover a lost passphrase. If the passphrase is lost or forgotten, a new key must be generated and copied to the corresponding @@ -54,8 +54,8 @@ For RSA1 keys, there is also a comment field in the key file that is only for convenience to the user to help identify the key. The comment can tell what the key is for, or whatever is useful. The comment is initial- - ized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be changed using the - -c option. + ized to ``user@host'' when the key is created, but can be changed using + the -c option. After a key is generated, instructions below detail where the keys should be placed to be activated. @@ -77,7 +77,7 @@ the passphrase if the key has one, and for the new comment. -e This option will read a private or public OpenSSH key file and - print the key in a M-bM-^@M-^XSECSH Public Key File FormatM-bM-^@M-^Y to stdout. + print the key in a `SECSH Public Key File Format' to stdout. This option allows exporting keys for use by several commercial SSH implementations. @@ -88,8 +88,8 @@ -i This option will read an unencrypted private (or public) key file in SSH2-compatible format and print an OpenSSH compatible private - (or public) key to stdout. ssh-keygen also reads the M-bM-^@M-^XSECSH - Public Key File FormatM-bM-^@M-^Y. This option allows importing keys from + (or public) key to stdout. ssh-keygen also reads the `SECSH + Public Key File Format'. This option allows importing keys from several commercial SSH implementations. -l Show fingerprint of specified public key file. Private RSA1 keys @@ -108,8 +108,8 @@ -t type Specifies the type of the key to create. The possible values are - M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\rsaM-bM-^@M-^] or M-bM-^@M-^\dsaM-bM-^@M-^] for protocol - version 2. + ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for proto- + col version 2. -B Show the bubblebabble digest of specified private or public key file. @@ -155,9 +155,9 @@ MODULI GENERATION ssh-keygen may be used to generate groups for the Diffie-Hellman Group Exchange (DH-GEX) protocol. Generating these groups is a two-step pro- - cess: first, candidate primes are generated using a fast, but memory - intensive process. These candidate primes are then tested for suitabil- - ity (a CPU-intensive process). + cess: first, candidate primes are generated using a fast, but memory in- + tensive process. These candidate primes are then tested for suitability + (a CPU-intensive process). Generation of primes is performed using the -G option. The desired length of the primes may be specified by the -b option. For example: @@ -188,8 +188,8 @@ FILES $HOME/.ssh/identity Contains the protocol version 1 RSA authentication identity of - the user. This file should not be readable by anyone but the - user. It is possible to specify a passphrase when generating the + the user. This file should not be readable by anyone but the us- + er. It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file using 3DES. This file is not automatically accessed by ssh-keygen but it is offered as the default file for the private @@ -204,8 +204,8 @@ $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of - the user. This file should not be readable by anyone but the - user. It is possible to specify a passphrase when generating the + the user. This file should not be readable by anyone but the us- + er. It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file using 3DES. This file is not automatically accessed by ssh-keygen but it is offered as the default file for the private @@ -220,8 +220,8 @@ $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of - the user. This file should not be readable by anyone but the - user. It is possible to specify a passphrase when generating the + the user. This file should not be readable by anyone but the us- + er. It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file using 3DES. This file is not automatically accessed by ssh-keygen but it is offered as the default file for the private @@ -241,14 +241,14 @@ SEE ALSO ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8) - J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf- + J. Galbraith, and R. Thayer, SECSH Public Key File Format, draft-ietf- secsh-publickeyfile-01.txt, March 2001, work in progress material. AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and cre- - ated OpenSSH. Markus Friedl contributed the support for SSH protocol + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 4 diff -ru --new-file openssh-3.7p1/ssh-keyscan.0 openssh-3.7.1p1/ssh-keyscan.0 --- openssh-3.7p1/ssh-keyscan.0 2003-09-16 16:13:36.000000000 +1000 +++ openssh-3.7.1p1/ssh-keyscan.0 2003-09-17 07:38:37.000000000 +1000 @@ -1,4 +1,4 @@ -SSH-KEYSCAN(1) BSD General Commands Manual SSH-KEYSCAN(1) +SSH-KEYSCAN(1) OpenBSD Reference Manual SSH-KEYSCAN(1) NAME ssh-keyscan - gather ssh public keys @@ -29,14 +29,15 @@ Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection - is closed and the host in question considered unavailable. - Default is 5 seconds. + is closed and the host in question considered unavailable. De- + fault is 5 seconds. -t type Specifies the type of the key to fetch from the scanned hosts. - The possible values are M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\rsaM-bM-^@M-^] - or M-bM-^@M-^\dsaM-bM-^@M-^] for protocol version 2. Multiple values may be speci- - fied by separating them with commas. The default is M-bM-^@M-^\rsa1M-bM-^@M-^]. + The possible values are ``rsa1'' for protocol version 1 and + ``rsa'' or ``dsa'' for protocol version 2. Multiple values may + be specified by separating them with commas. The default is + ``rsa1''. -f filename Read hosts or addrlist namelist pairs from this file, one per @@ -53,9 +54,9 @@ SECURITY If a ssh_known_hosts file is constructed using ssh-keyscan without veri- fying the keys, users will be vulnerable to attacks. On the other hand, - if the security model allows such a risk, ssh-keyscan can help in the - detection of tampered keyfiles or man in the middle attacks which have - begun after the ssh_known_hosts file was created. + if the security model allows such a risk, ssh-keyscan can help in the de- + tection of tampered keyfiles or man in the middle attacks which have be- + gun after the ssh_known_hosts file was created. FILES Input format: @@ -70,7 +71,7 @@ host-or-namelist keytype base64-encoded-key - Where keytype is either M-bM-^@M-^\ssh-rsaM-bM-^@M-^] or M-bM-^@M-^\ssh-dssM-bM-^@M-^]. + Where keytype is either ``ssh-rsa'' or ``ssh-dss''. /etc/ssh/ssh_known_hosts @@ -89,8 +90,8 @@ ssh(1), sshd(8) AUTHORS - David Mazieres M-bM-^LM-)dm@lcs.mit.eduM-bM-^LM-* wrote the initial version, and - Wayne Davison M-bM-^LM-)wayned@users.sourceforge.netM-bM-^LM-* added support for protocol + David Mazieres wrote the initial version, and + Wayne Davison added support for protocol version 2. BUGS @@ -99,4 +100,4 @@ This is because it opens a connection to the ssh port, reads the public key, and drops the connection as soon as it gets the key. -BSD January 1, 1996 BSD +OpenBSD 3.4 January 1, 1996 2 diff -ru --new-file openssh-3.7p1/ssh-keysign.0 openssh-3.7.1p1/ssh-keysign.0 --- openssh-3.7p1/ssh-keysign.0 2003-09-16 16:13:37.000000000 +1000 +++ openssh-3.7.1p1/ssh-keysign.0 2003-09-17 07:38:38.000000000 +1000 @@ -1,4 +1,4 @@ -SSH-KEYSIGN(8) BSD System ManagerM-bM-^@M-^Ys Manual SSH-KEYSIGN(8) +SSH-KEYSIGN(8) OpenBSD System Manager's Manual SSH-KEYSIGN(8) NAME ssh-keysign - ssh helper program for hostbased authentication @@ -13,7 +13,7 @@ ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign - to M-bM-^@M-^\yesM-bM-^@M-^]. + to ``yes''. ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about hostbased authentica- @@ -37,6 +37,6 @@ ssh-keysign first appeared in OpenBSD 3.2. AUTHORS - Markus Friedl M-bM-^LM-)markus@openbsd.orgM-bM-^LM-* + Markus Friedl -BSD May 24, 2002 BSD +OpenBSD 3.4 May 24, 2002 1 diff -ru --new-file openssh-3.7p1/ssh-rand-helper.0 openssh-3.7.1p1/ssh-rand-helper.0 --- openssh-3.7p1/ssh-rand-helper.0 2003-09-16 16:13:37.000000000 +1000 +++ openssh-3.7.1p1/ssh-rand-helper.0 2003-09-17 07:38:38.000000000 +1000 @@ -1,4 +1,4 @@ -SSH-RAND-HELPER(8) BSD System ManagerM-bM-^@M-^Ys Manual SSH-RAND-HELPER(8) +SSH-RAND-HELPER(8) OpenBSD System Manager's Manual SSH-RAND-HELPER(8) NAME ssh-rand-helper - Random number gatherer for OpenSSH @@ -46,4 +46,4 @@ SEE ALSO ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) -BSD April 14, 2002 BSD +OpenBSD 3.4 April 14, 2002 1 diff -ru --new-file openssh-3.7p1/ssh.0 openssh-3.7.1p1/ssh.0 --- openssh-3.7p1/ssh.0 2003-09-16 16:13:37.000000000 +1000 +++ openssh-3.7.1p1/ssh.0 2003-09-17 07:38:37.000000000 +1000 @@ -1,4 +1,4 @@ -SSH(1) BSD General Commands Manual SSH(1) +SSH(1) OpenBSD Reference Manual SSH(1) NAME ssh - OpenSSH SSH client (remote login program) @@ -14,19 +14,20 @@ DESCRIPTION ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to replace rlogin - and rsh, and provide secure encrypted communications between two - untrusted hosts over an insecure network. X11 connections and arbitrary - TCP/IP ports can also be forwarded over the secure channel. + and rsh, and provide secure encrypted communications between two untrust- + ed hosts over an insecure network. X11 connections and arbitrary TCP/IP + ports can also be forwarded over the secure channel. ssh connects and logs into the specified hostname. The user must prove - his/her identity to the remote machine using one of several methods - depending on the protocol version used: + his/her identity to the remote machine using one of several methods de- + pending on the protocol version used: SSH protocol version 1 + First, if the machine the user logs in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote machine, and the user names are the same on both sides, the user is immediately permitted to log in. Second, - if .rhosts or .shosts exists in the userM-bM-^@M-^Ys home directory on the remote + if .rhosts or .shosts exists in the user's home directory on the remote machine and contains a line containing the name of the client machine and the name of the user on that machine, the user is permitted to log in. This form of authentication alone is normally not allowed by the server @@ -35,7 +36,7 @@ The second authentication method is the rhosts or hosts.equiv method com- bined with RSA-based host authentication. It means that if the login would be permitted by $HOME/.rhosts, $HOME/.shosts, /etc/hosts.equiv, or - /etc/shosts.equiv, and if additionally the server can verify the clientM-bM-^@M-^Ys + /etc/shosts.equiv, and if additionally the server can verify the client's host key (see /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts in the FILES section), only then login is permitted. This authentication method closes security holes due to IP spoofing, DNS spoofing and routing spoof- @@ -55,15 +56,15 @@ which key pair it would like to use for authentication. The server checks if this key is permitted, and if so, sends the user (actually the ssh program running on behalf of the user) a challenge, a random number, - encrypted by the userM-bM-^@M-^Ys public key. The challenge can only be decrypted - using the proper private key. The userM-bM-^@M-^Ys client then decrypts the chal- + encrypted by the user's public key. The challenge can only be decrypted + using the proper private key. The user's client then decrypts the chal- lenge using the private key, proving that he/she knows the private key but without disclosing it to the server. ssh implements the RSA authentication protocol automatically. The user creates his/her RSA key pair by running ssh-keygen(1). This stores the private key in $HOME/.ssh/identity and the public key in - $HOME/.ssh/identity.pub in the userM-bM-^@M-^Ys home directory. The user should + $HOME/.ssh/identity.pub in the user's home directory. The user should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her home directory on the remote machine (the authorized_keys file corresponds to the conventional $HOME/.rhosts file, and has one key per line, though the @@ -80,6 +81,7 @@ someone listening on the network. SSH protocol version 2 + When a user connects using protocol version 2 similar authentication methods are available. Using the default values for PreferredAuthentications, the client will try to authenticate first using @@ -94,11 +96,11 @@ server checks whether the matching public key is listed in $HOME/.ssh/authorized_keys and grants access if both the key is found and the signature is correct. The session identifier is derived from a - shared Diffie-Hellman value and is only known to the client and the - server. + shared Diffie-Hellman value and is only known to the client and the serv- + er. If public key authentication fails or is not available a password can be - sent encrypted to the remote host for proving the userM-bM-^@M-^Ys identity. + sent encrypted to the remote host for proving the user's identity. Additionally, ssh supports hostbased or challenge response authentica- tion. @@ -109,8 +111,9 @@ ensuring the integrity of the connection. Login session and remote execution - When the userM-bM-^@M-^Ys identity has been accepted by the server, the server - either executes the given command, or logs into the machine and gives the + + When the user's identity has been accepted by the server, the server ei- + ther executes the given command, or logs into the machine and gives the user a normal shell on the remote machine. All communication with the remote command or shell will be automatically encrypted. @@ -119,14 +122,15 @@ If no pseudo tty has been allocated, the session is transparent and can be used to reliably transfer binary data. On most systems, setting the - escape character to M-bM-^@M-^\noneM-bM-^@M-^] will also make the session transparent even if - a tty is used. + escape character to ``none'' will also make the session transparent even + if a tty is used. The session terminates when the command or shell on the remote machine exits and all X11 and TCP/IP connections have been closed. The exit sta- tus of the remote program is returned as the exit status of ssh. Escape Characters + When a pseudo terminal has been requested, ssh supports a number of func- tions through the use of an escape character. @@ -136,7 +140,7 @@ ter can be changed in configuration files using the EscapeChar configura- tion directive or on the command line by the -e option. - The supported escapes (assuming the default M-bM-^@M-^X~M-bM-^@M-^Y) are: + The supported escapes (assuming the default `~') are: ~. Disconnect @@ -159,19 +163,20 @@ version 2 and if the peer supports it) X11 and TCP forwarding - If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or, see the description of + + If the ForwardX11 variable is set to ``yes'' (or, see the description of the -X and -x options described later) and the user is using X11 (the DISPLAY environment variable is set), the connection to the X11 display is automatically forwarded to the remote side in such a way that any X11 - programs started from the shell (or command) will go through the - encrypted channel, and the connection to the real X server will be made - from the local machine. The user should not manually set DISPLAY. For- - warding of X11 connections can be configured on the command line or in - configuration files. + programs started from the shell (or command) will go through the encrypt- + ed channel, and the connection to the real X server will be made from the + local machine. The user should not manually set DISPLAY. Forwarding of + X11 connections can be configured on the command line or in configuration + files. The DISPLAY value set by ssh will point to the server machine, but with a display number greater than zero. This is normal, and happens because - ssh creates a M-bM-^@M-^\proxyM-bM-^@M-^] X server on the server machine for forwarding the + ssh creates a ``proxy'' X server on the server machine for forwarding the connections over the encrypted channel. ssh will also automatically set up Xauthority data on the server machine. @@ -181,10 +186,10 @@ is opened. The real authentication cookie is never sent to the server machine (and no cookies are sent in the plain). - If the ForwardAgent variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or, see the description of - the -A and -a options described later) and the user is using an authenti- - cation agent, the connection to the agent is automatically forwarded to - the remote side. + If the ForwardAgent variable is set to ``yes'' (or, see the description + of the -A and -a options described later) and the user is using an au- + thentication agent, the connection to the agent is automatically forward- + ed to the remote side. Forwarding of arbitrary TCP/IP connections over the secure channel can be specified either on the command line or in a configuration file. One @@ -192,13 +197,14 @@ electronic purse; another is going through firewalls. Server authentication + ssh automatically maintains and checks a database containing identifica- tions for all hosts it has ever been used with. Host keys are stored in - $HOME/.ssh/known_hosts in the userM-bM-^@M-^Ys home directory. Additionally, the + $HOME/.ssh/known_hosts in the user's home directory. Additionally, the file /etc/ssh/ssh_known_hosts is automatically checked for known hosts. - Any new hosts are automatically added to the userM-bM-^@M-^Ys file. If a hostM-bM-^@M-^Ys + Any new hosts are automatically added to the user's file. If a host's identification ever changes, ssh warns about this and disables password - authentication to prevent a trojan horse from getting the userM-bM-^@M-^Ys pass- + authentication to prevent a trojan horse from getting the user's pass- word. Another purpose of this mechanism is to prevent man-in-the-middle attacks which could otherwise be used to circumvent the encryption. The StrictHostKeyChecking option can be used to prevent logins to machines @@ -214,7 +220,7 @@ Agent forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - agentM-bM-^@M-^Ys Unix-domain socket) can access the local agent through + agent's Unix-domain socket) can access the local agent through the forwarded connection. An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into @@ -240,19 +246,19 @@ more information. -e ch|^ch|none - Sets the escape character for sessions with a pty (default: M-bM-^@M-^X~M-bM-^@M-^Y). + Sets the escape character for sessions with a pty (default: `~'). The escape character is only recognized at the beginning of a - line. The escape character followed by a dot (M-bM-^@M-^X.M-bM-^@M-^Y) closes the + line. The escape character followed by a dot (`.') closes the connection, followed by control-Z suspends the connection, and followed by itself sends the escape character once. Setting the - character to M-bM-^@M-^\noneM-bM-^@M-^] disables any escapes and makes the session + character to ``none'' disables any escapes and makes the session fully transparent. -f Requests ssh to go to background just before command execution. - This is useful if ssh is going to ask for passwords or - passphrases, but the user wants it in the background. This - implies -n. The recommended way to start X11 programs at a - remote site is with something like ssh -f host xterm. + This is useful if ssh is going to ask for passwords or passphras- + es, but the user wants it in the background. This implies -n. + The recommended way to start X11 programs at a remote site is + with something like ssh -f host xterm. -g Allows remote hosts to connect to local forwarded ports. @@ -260,15 +266,15 @@ Selects a file from which the identity (private key) for RSA or DSA authentication is read. The default is $HOME/.ssh/identity for protocol version 1, and $HOME/.ssh/id_rsa and - $HOME/.ssh/id_dsa for protocol version 2. Identity files may - also be specified on a per-host basis in the configuration file. + $HOME/.ssh/id_dsa for protocol version 2. Identity files may al- + so be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple identi- ties specified in configuration files). -I smartcard_device - Specifies which smartcard device to use. The argument is the - device ssh should use to communicate with a smartcard used for - storing the userM-bM-^@M-^Ys private RSA key. + Specifies which smartcard device to use. The argument is the de- + vice ssh should use to communicate with a smartcard used for + storing the user's private RSA key. -k Disables forwarding of Kerberos tickets. This may also be speci- fied on a per-host basis in the configuration file. @@ -284,13 +290,12 @@ -n Redirects stdin from /dev/null (actually, prevents reading from stdin). This must be used when ssh is run in the background. A - common trick is to use this to run X11 programs on a remote - machine. For example, ssh -n shadows.cs.hut.fi emacs & will - start an emacs on shadows.cs.hut.fi, and the X11 connection will - be automatically forwarded over an encrypted channel. The ssh - program will be put in the background. (This does not work if - ssh needs to ask for a password or passphrase; see also the -f - option.) + common trick is to use this to run X11 programs on a remote ma- + chine. For example, ssh -n shadows.cs.hut.fi emacs & will start + an emacs on shadows.cs.hut.fi, and the X11 connection will be au- + tomatically forwarded over an encrypted channel. The ssh program + will be put in the background. (This does not work if ssh needs + to ask for a password or passphrase; see also the -f option.) -N Do not execute a remote command. This is useful for just for- warding ports (protocol version 2 only). @@ -308,10 +313,10 @@ suppressed. -s May be used to request invocation of a subsystem on the remote - system. Subsystems are a feature of the SSH2 protocol which - facilitate the use of SSH as a secure transport for other appli- - cations (eg. sftp). The subsystem is specified as the remote - command. + system. Subsystems are a feature of the SSH2 protocol which fa- + cilitate the use of SSH as a secure transport for other applica- + tions (eg. sftp). The subsystem is specified as the remote com- + mand. -t Force pseudo-tty allocation. This can be used to execute arbi- trary screen-based programs on a remote machine, which can be @@ -334,15 +339,15 @@ X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - userM-bM-^@M-^Ys X authorization database) can access the local X11 display + user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. -C Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11 and TCP/IP connections). The compression algorithm is the same used by gzip(1), and the - M-bM-^@M-^\levelM-bM-^@M-^] can be controlled by the CompressionLevel option for pro- - tocol version 1. Compression is desirable on modem lines and + ``level'' can be controlled by the CompressionLevel option for + protocol version 1. Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks. The default value can be set on a host-by-host basis in the configuration files; see the Compression option. @@ -377,7 +382,7 @@ syntax: port/host/hostport -D port - Specifies a local M-bM-^@M-^\dynamicM-bM-^@M-^] application-level port forwarding. + Specifies a local ``dynamic'' application-level port forwarding. This works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connec- tion is forwarded over the secure channel, and the application @@ -406,20 +411,20 @@ DISPLAY The DISPLAY variable indicates the location of the X11 server. It is automatically set by ssh to point to a value of the form - M-bM-^@M-^\hostname:nM-bM-^@M-^] where hostname indicates the host where the shell + ``hostname:n'' where hostname indicates the host where the shell runs, and n is an integer >= 1. ssh uses this special value to forward X11 connections over the secure channel. The user should normally not set DISPLAY explicitly, as that will render the X11 connection insecure (and will require the user to manually copy any required authorization cookies). - HOME Set to the path of the userM-bM-^@M-^Ys home directory. + HOME Set to the path of the user's home directory. LOGNAME Synonym for USER; set for compatibility with systems that use this variable. - MAIL Set to the path of the userM-bM-^@M-^Ys mailbox. + MAIL Set to the path of the user's mailbox. PATH Set to the default PATH, as specified when compiling ssh. @@ -448,9 +453,9 @@ ments. SSH_TTY - This is set to the name of the tty (path to the device) associ- - ated with the current shell or command. If the current session - has no tty, this variable is not set. + This is set to the name of the tty (path to the device) associat- + ed with the current shell or command. If the current session has + no tty, this variable is not set. TZ The timezone variable is set to indicate the present timezone if it was set when the daemon was started (i.e., the daemon passes @@ -459,9 +464,9 @@ USER Set to the name of the user logging in. Additionally, ssh reads $HOME/.ssh/environment, and adds lines of the - format M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and if users - are allowed to change their environment. See the PermitUserEnvironment - option in sshd_config(5). + format ``VARNAME=value'' to the environment if the file exists and if + users are allowed to change their environment. See the + PermitUserEnvironment option in sshd_config(5). FILES $HOME/.ssh/known_hosts @@ -519,8 +524,8 @@ by sshd(8) to verify the client host when logging in; other names are needed because ssh does not convert the user-supplied name to a canonical name before checking the key, because someone with - access to the name servers would then be able to fool host - authentication. + access to the name servers would then be able to fool host au- + thentication. /etc/ssh/ssh_config Systemwide configuration file. The file format and configuration @@ -544,16 +549,16 @@ Each line of the file contains a host name (in the canonical form returned by name servers), and then a user name on that host, separated by a space. On some machines this file may need to be - world-readable if the userM-bM-^@M-^Ys home directory is on a NFS parti- + world-readable if the user's home directory is on a NFS parti- tion, because sshd(8) reads it as root. Additionally, this file must be owned by the user, and must not have write permissions for anyone else. The recommended permission for most machines is read/write for the user, and not accessible by others. - Note that by default sshd(8) will be installed so that it - requires successful RSA host authentication before permitting + Note that by default sshd(8) will be installed so that it re- + quires successful RSA host authentication before permitting .rhosts authentication. If the server machine does not have the - clientM-bM-^@M-^Ys host key in /etc/ssh/ssh_known_hosts, it can be stored + client's host key in /etc/ssh/ssh_known_hosts, it can be stored in $HOME/.ssh/known_hosts. The easiest way to do this is to con- nect back to the client from the server machine using ssh; this will automatically add the host key to $HOME/.ssh/known_hosts. @@ -568,8 +573,8 @@ canonical hosts names, one per line (the full format is described on the sshd(8) manual page). If the client host is found in this file, login is automatically permitted provided client and server - user names are the same. Additionally, successful RSA host - authentication is normally required. This file should only be + user names are the same. Additionally, successful RSA host au- + thentication is normally required. This file should only be writable by root. /etc/shosts.equiv @@ -579,12 +584,12 @@ /etc/ssh/sshrc Commands in this file are executed by ssh when the user logs in - just before the userM-bM-^@M-^Ys shell (or command) is started. See the + just before the user's shell (or command) is started. See the sshd(8) manual page for more information. $HOME/.ssh/rc Commands in this file are executed by ssh when the user logs in - just before the userM-bM-^@M-^Ys shell (or command) is started. See the + just before the user's shell (or command) is started. See the sshd(8) manual page for more information. $HOME/.ssh/environment @@ -606,8 +611,8 @@ AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and cre- - ated OpenSSH. Markus Friedl contributed the support for SSH protocol + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 10 diff -ru --new-file openssh-3.7p1/ssh_config.0 openssh-3.7.1p1/ssh_config.0 --- openssh-3.7p1/ssh_config.0 2003-09-16 16:13:38.000000000 +1000 +++ openssh-3.7.1p1/ssh_config.0 2003-09-17 07:38:39.000000000 +1000 @@ -1,4 +1,4 @@ -SSH_CONFIG(5) BSD File Formats Manual SSH_CONFIG(5) +SSH_CONFIG(5) OpenBSD Programmer's Manual SSH_CONFIG(5) NAME ssh_config - OpenSSH SSH client configuration files @@ -11,11 +11,11 @@ ssh obtains configuration data from the following sources in the follow- ing order: 1. command-line options - 2. userM-bM-^@M-^Ys configuration file ($HOME/.ssh/config) + 2. user's configuration file ($HOME/.ssh/config) 3. system-wide configuration file (/etc/ssh/ssh_config) For each parameter, the first obtained value will be used. The configu- - ration files contain sections bracketed by M-bM-^@M-^\HostM-bM-^@M-^] specifications, and + ration files contain sections bracketed by ``Host'' specifications, and that section is only applied for hosts that match one of the patterns given in the specification. The matched host name is the one given on the command line. @@ -26,11 +26,11 @@ The configuration file has the following format: - Empty lines and lines starting with M-bM-^@M-^X#M-bM-^@M-^Y are comments. + Empty lines and lines starting with `#' are comments. - Otherwise a line is of the format M-bM-^@M-^\keyword argumentsM-bM-^@M-^]. Configuration + Otherwise a line is of the format ``keyword arguments''. Configuration options may be separated by whitespace or optional whitespace and exactly - one M-bM-^@M-^X=M-bM-^@M-^Y; the latter format is useful to avoid the need to quote whites- + one `='; the latter format is useful to avoid the need to quote whites- pace when specifying configuration options using the ssh, scp and sftp -o option. @@ -39,54 +39,54 @@ Host Restricts the following declarations (up to the next Host key- word) to be only for those hosts that match one of the patterns - given after the keyword. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards in - the patterns. A single M-bM-^@M-^X*M-bM-^@M-^Y as a pattern can be used to provide + given after the keyword. `*' and `?' can be used as wildcards in + the patterns. A single `*' as a pattern can be used to provide global defaults for all hosts. The host is the hostname argument given on the command line (i.e., the name is not converted to a canonicalized host name before matching). AddressFamily - Specifies which address family to use when connecting. Valid - arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (Use IPv4 only) or M-bM-^@M-^\inet6M-bM-^@M-^] (Use IPv6 - only.) + Specifies which address family to use when connecting. Valid ar- + guments are ``any'', ``inet'' (Use IPv4 only) or ``inet6'' (Use + IPv6 only.) BatchMode - If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled. + If set to ``yes'', passphrase/password querying will be disabled. This option is useful in scripts and other batch jobs where no user is present to supply the password. The argument must be - M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + ``yes'' or ``no''. The default is ``no''. BindAddress Specify the interface to transmit from on machines with multiple interfaces or aliased addresses. Note that this option does not - work if UsePrivilegedPort is set to M-bM-^@M-^\yesM-bM-^@M-^]. + work if UsePrivilegedPort is set to ``yes''. ChallengeResponseAuthentication Specifies whether to use challenge response authentication. The - argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. + argument to this keyword must be ``yes'' or ``no''. The default + is ``yes''. CheckHostIP - If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh will additionally check the - host IP address in the known_hosts file. This allows ssh to - detect if a host key changed due to DNS spoofing. If the option - is set to M-bM-^@M-^\noM-bM-^@M-^], the check will not be executed. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. + If this flag is set to ``yes'', ssh will additionally check the + host IP address in the known_hosts file. This allows ssh to de- + tect if a host key changed due to DNS spoofing. If the option is + set to ``no'', the check will not be executed. The default is + ``yes''. Cipher Specifies the cipher to use for encrypting the session in proto- - col version 1. Currently, M-bM-^@M-^\blowfishM-bM-^@M-^], M-bM-^@M-^\3desM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^] are sup- - ported. des is only supported in the ssh client for interoper- - ability with legacy protocol 1 implementations that do not sup- - port the 3des cipher. Its use is strongly discouraged due to - cryptographic weaknesses. The default is M-bM-^@M-^\3desM-bM-^@M-^]. + col version 1. Currently, ``blowfish'', ``3des'', and ``des'' + are supported. des is only supported in the ssh client for in- + teroperability with legacy protocol 1 implementations that do not + support the 3des cipher. Its use is strongly discouraged due to + cryptographic weaknesses. The default is ``3des''. Ciphers Specifies the ciphers allowed for protocol version 2 in order of - preference. Multiple ciphers must be comma-separated. The - default is + preference. Multiple ciphers must be comma-separated. The de- + fault is - M-bM-^@M-^XM-bM-^@M-^Xaes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbcM-bM-^@M-^YM-bM-^@M-^Y + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, + aes192-cbc,aes256-cbc'' ClearAllForwardings Specifies that all local, remote and dynamic port forwardings @@ -94,11 +94,11 @@ cleared. This option is primarily useful when used from the ssh command line to clear port forwardings set in configuration files, and is automatically set by scp(1) and sftp(1). The argu- - ment must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + ment must be ``yes'' or ``no''. The default is ``no''. Compression - Specifies whether to use compression. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] - or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + Specifies whether to use compression. The argument must be + ``yes'' or ``no''. The default is ``no''. CompressionLevel Specifies the compression level to use if compression is enabled. @@ -108,61 +108,61 @@ option applies to protocol version 1 only. ConnectionAttempts - Specifies the number of tries (one per second) to make before - exiting. The argument must be an integer. This may be useful in + Specifies the number of tries (one per second) to make before ex- + iting. The argument must be an integer. This may be useful in scripts if the connection sometimes fails. The default is 1. ConnectTimeout Specifies the timeout (in seconds) used when connecting to the ssh server, instead of using the default system TCP timeout. - This value is used only when the target is down or really - unreachable, not when it refuses the connection. + This value is used only when the target is down or really un- + reachable, not when it refuses the connection. DynamicForward Specifies that a TCP/IP port on the local machine be forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. The argument must be a port number. Currently the SOCKS4 and - SOCKS5 protocols are supported, and ssh will act as a SOCKS - server. Multiple forwardings may be specified, and additional - forwardings can be given on the command line. Only the superuser + SOCKS5 protocols are supported, and ssh will act as a SOCKS serv- + er. Multiple forwardings may be specified, and additional for- + wardings can be given on the command line. Only the superuser can forward privileged ports. EnableSSHKeysign - Setting this option to M-bM-^@M-^\yesM-bM-^@M-^] in the global client configuration + Setting this option to ``yes'' in the global client configuration file /etc/ssh/ssh_config enables the use of the helper program ssh-keysign(8) during HostbasedAuthentication. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. See ssh-keysign(8) for - more information. + be ``yes'' or ``no''. The default is ``no''. See ssh-keysign(8) + for more information. EscapeChar - Sets the escape character (default: M-bM-^@M-^X~M-bM-^@M-^Y). The escape character + Sets the escape character (default: `~'). The escape character can also be set on the command line. The argument should be a - single character, M-bM-^@M-^X^M-bM-^@M-^Y followed by a letter, or M-bM-^@M-^\noneM-bM-^@M-^] to disable - the escape character entirely (making the connection transparent - for binary data). + single character, `^' followed by a letter, or ``none'' to dis- + able the escape character entirely (making the connection trans- + parent for binary data). ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + be ``yes'' or ``no''. The default is ``no''. Agent forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - agentM-bM-^@M-^Ys Unix-domain socket) can access the local agent through + agent's Unix-domain socket) can access the local agent through the forwarded connection. An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent. ForwardX11 - Specifies whether X11 connections will be automatically redi- - rected over the secure channel and DISPLAY set. The argument - must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + Specifies whether X11 connections will be automatically redirect- + ed over the secure channel and DISPLAY set. The argument must be + ``yes'' or ``no''. The default is ``no''. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the - userM-bM-^@M-^Ys X authorization database) can access the local X11 display + user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. @@ -171,34 +171,35 @@ forwarded ports. By default, ssh binds local port forwardings to the loopback address. This prevents other remote hosts from con- necting to forwarded ports. GatewayPorts can be used to specify - that ssh should bind local port forwardings to the wildcard - address, thus allowing remote hosts to connect to forwarded - ports. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + that ssh should bind local port forwardings to the wildcard ad- + dress, thus allowing remote hosts to connect to forwarded ports. + The argument must be ``yes'' or ``no''. The default is ``no''. GlobalKnownHostsFile Specifies a file to use for the global host key database instead of /etc/ssh/ssh_known_hosts. GSSAPIAuthentication - Specifies whether authentication based on GSSAPI may be used, - either using the result of a successful key exchange, or using - GSSAPI user authentication. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that - this option applies to protocol version 2 only. + Specifies whether authentication based on GSSAPI may be used, ei- + ther using the result of a successful key exchange, or using GSS- + API user authentication. The default is ``yes''. Note that this + option applies to protocol version 2 only. GSSAPIDelegateCredentials Forward (delegate) credentials to the server. The default is - M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol version 2 only. + ``no''. Note that this option applies to protocol version 2 on- + ly. HostbasedAuthentication Specifies whether to try rhosts based authentication with public - key authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 2 only - and is similar to RhostsRSAAuthentication. + key authentication. The argument must be ``yes'' or ``no''. The + default is ``no''. This option applies to protocol version 2 on- + ly and is similar to RhostsRSAAuthentication. HostKeyAlgorithms Specifies the protocol version 2 host key algorithms that the client wants to use in order of preference. The default for this - option is: M-bM-^@M-^\ssh-rsa,ssh-dssM-bM-^@M-^]. + option is: ``ssh-rsa,ssh-dss''. HostKeyAlias Specifies an alias that should be used instead of the real host @@ -214,13 +215,13 @@ tions). IdentityFile - Specifies a file from which the userM-bM-^@M-^Ys RSA or DSA authentication + Specifies a file from which the user's RSA or DSA authentication identity is read. The default is $HOME/.ssh/identity for proto- col version 1, and $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa for protocol version 2. Additionally, any identities represented by the authentication agent will be used for authentication. The - file name may use the tilde syntax to refer to a userM-bM-^@M-^Ys home - directory. It is possible to have multiple identity files speci- + file name may use the tilde syntax to refer to a user's home di- + rectory. It is possible to have multiple identity files speci- fied in configuration files; all these identities will be tried in sequence. @@ -231,11 +232,11 @@ this means that connections will die if the route is down tem- porarily, and some people find it annoying. - The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send keepalives), and the client will + The default is ``yes'' (to send keepalives), and the client will notice if the network goes down or the remote host dies. This is important in scripts, and many users want it too. - To disable keepalives, the value should be set to M-bM-^@M-^\noM-bM-^@M-^]. + To disable keepalives, the value should be set to ``no''. LocalForward Specifies that a TCP/IP port on the local machine be forwarded @@ -253,20 +254,20 @@ DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of verbose output. - MACs Specifies the MAC (message authentication code) algorithms in - order of preference. The MAC algorithm is used in protocol ver- - sion 2 for data integrity protection. Multiple algorithms must - be comma-separated. The default is - M-bM-^@M-^\hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96M-bM-^@M-^]. + MACs Specifies the MAC (message authentication code) algorithms in or- + der of preference. The MAC algorithm is used in protocol version + 2 for data integrity protection. Multiple algorithms must be + comma-separated. The default is ``hmac-md5,hmac-sha1,hmac- + ripemd160,hmac-sha1-96,hmac-md5-96''. NoHostAuthenticationForLocalhost This option can be used if the home directory is shared across - machines. In this case localhost will refer to a different - machine on each of the machines and the user will get many warn- - ings about changed host keys. However, this option disables host - authentication for localhost. The argument to this keyword must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is to check the host key for - localhost. + machines. In this case localhost will refer to a different ma- + chine on each of the machines and the user will get many warnings + about changed host keys. However, this option disables host au- + thentication for localhost. The argument to this keyword must be + ``yes'' or ``no''. The default is to check the host key for lo- + calhost. NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The @@ -274,43 +275,44 @@ PasswordAuthentication Specifies whether to use password authentication. The argument - to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. + to this keyword must be ``yes'' or ``no''. The default is + ``yes''. Port Specifies the port number to connect on the remote host. Default is 22. PreferredAuthentications - Specifies the order in which the client should try protocol 2 - authentication methods. This allows a client to prefer one - method (e.g. keyboard-interactive) over another method (e.g. - password) The default for this option is: - M-bM-^@M-^\hostbased,publickey,keyboard-interactive,passwordM-bM-^@M-^]. + Specifies the order in which the client should try protocol 2 au- + thentication methods. This allows a client to prefer one method + (e.g. keyboard-interactive) over another method (e.g. password) + The default for this option is: ``hostbased,publickey,keyboard- + interactive,password''. Protocol Specifies the protocol versions ssh should support in order of - preference. The possible values are M-bM-^@M-^\1M-bM-^@M-^] and M-bM-^@M-^\2M-bM-^@M-^]. Multiple ver- - sions must be comma-separated. The default is M-bM-^@M-^\2,1M-bM-^@M-^]. This means - that ssh tries version 2 and falls back to version 1 if version 2 - is not available. + preference. The possible values are ``1'' and ``2''. Multiple + versions must be comma-separated. The default is ``2,1''. This + means that ssh tries version 2 and falls back to version 1 if + version 2 is not available. ProxyCommand Specifies the command to use to connect to the server. The com- mand string extends to the end of the line, and is executed with - /bin/sh. In the command string, M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the - host name to connect and M-bM-^@M-^X%pM-bM-^@M-^Y by the port. The command can be + /bin/sh. In the command string, `%h' will be substituted by the + host name to connect and `%p' by the port. The command can be basically anything, and should read from its standard input and write to its standard output. It should eventually connect an sshd(8) server running on some machine, or execute sshd -i some- where. Host key management will be done using the HostName of - the host being connected (defaulting to the name typed by the - user). Setting the command to M-bM-^@M-^\noneM-bM-^@M-^] disables this option - entirely. Note that CheckHostIP is not available for connects - with a proxy command. + the host being connected (defaulting to the name typed by the us- + er). Setting the command to ``none'' disables this option en- + tirely. Note that CheckHostIP is not available for connects with + a proxy command. PubkeyAuthentication Specifies whether to try public key authentication. The argument - to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. - This option applies to protocol version 2 only. + to this keyword must be ``yes'' or ``no''. The default is + ``yes''. This option applies to protocol version 2 only. RemoteForward Specifies that a TCP/IP port on the remote machine be forwarded @@ -323,45 +325,46 @@ RhostsRSAAuthentication Specifies whether to try rhosts based authentication with RSA - host authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only - and requires ssh to be setuid root. + host authentication. The argument must be ``yes'' or ``no''. + The default is ``no''. This option applies to protocol version 1 + only and requires ssh to be setuid root. RSAAuthentication Specifies whether to try RSA authentication. The argument to - this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. RSA authentication will only - be attempted if the identity file exists, or an authentication - agent is running. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option - applies to protocol version 1 only. + this keyword must be ``yes'' or ``no''. RSA authentication will + only be attempted if the identity file exists, or an authentica- + tion agent is running. The default is ``yes''. Note that this + option applies to protocol version 1 only. SmartcardDevice Specifies which smartcard device to use. The argument to this keyword is the device ssh should use to communicate with a smart- - card used for storing the userM-bM-^@M-^Ys private RSA key. By default, no + card used for storing the user's private RSA key. By default, no device is specified and smartcard support is not activated. StrictHostKeyChecking - If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh will never automatically add + If this flag is set to ``yes'', ssh will never automatically add host keys to the $HOME/.ssh/known_hosts file, and refuses to con- nect to hosts whose host key has changed. This provides maximum protection against trojan horse attacks, however, can be annoying when the /etc/ssh/ssh_known_hosts file is poorly maintained, or connections to new hosts are frequently made. This option forces the user to manually add all new hosts. If this flag is set to - M-bM-^@M-^\noM-bM-^@M-^], ssh will automatically add new host keys to the user known - hosts files. If this flag is set to M-bM-^@M-^\askM-bM-^@M-^], new host keys will be - added to the user known host files only after the user has con- - firmed that is what they really want to do, and ssh will refuse - to connect to hosts whose host key has changed. The host keys of - known hosts will be verified automatically in all cases. The - argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^] or M-bM-^@M-^\askM-bM-^@M-^]. The default is M-bM-^@M-^\askM-bM-^@M-^]. + ``no'', ssh will automatically add new host keys to the user + known hosts files. If this flag is set to ``ask'', new host keys + will be added to the user known host files only after the user + has confirmed that is what they really want to do, and ssh will + refuse to connect to hosts whose host key has changed. The host + keys of known hosts will be verified automatically in all cases. + The argument must be ``yes'', ``no'' or ``ask''. The default is + ``ask''. UsePrivilegedPort Specifies whether to use a privileged port for outgoing connec- - tions. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - If set to M-bM-^@M-^\yesM-bM-^@M-^] ssh must be setuid root. Note that this option - must be set to M-bM-^@M-^\yesM-bM-^@M-^] for RhostsRSAAuthentication with older - servers. + tions. The argument must be ``yes'' or ``no''. The default is + ``no''. If set to ``yes'' ssh must be setuid root. Note that + this option must be set to ``yes'' for RhostsRSAAuthentication + with older servers. User Specifies the user to log in as. This can be useful when a dif- ferent user name is used on different machines. This saves the @@ -374,7 +377,7 @@ VerifyHostKeyDNS Specifies whether to verify the remote key using DNS and SSHFP - resource records. The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option + resource records. The default is ``no''. Note that this option applies to protocol version 2 only. XAuthLocation @@ -386,12 +389,12 @@ This is the per-user configuration file. The format of this file is described above. This file is used by the ssh client. This file does not usually contain any sensitive information, but the - recommended permissions are read/write for the user, and not - accessible by others. + recommended permissions are read/write for the user, and not ac- + cessible by others. /etc/ssh/ssh_config Systemwide configuration file. This file provides defaults for - those values that are not specified in the userM-bM-^@M-^Ys configuration + those values that are not specified in the user's configuration file, and for those users who do not have a configuration file. This file must be world-readable. @@ -405,4 +408,4 @@ ated OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 7 diff -ru --new-file openssh-3.7p1/sshd.0 openssh-3.7.1p1/sshd.0 --- openssh-3.7p1/sshd.0 2003-09-16 16:13:37.000000000 +1000 +++ openssh-3.7.1p1/sshd.0 2003-09-17 07:38:38.000000000 +1000 @@ -1,4 +1,4 @@ -SSHD(8) BSD System ManagerM-bM-^@M-^Ys Manual SSHD(8) +SSHD(8) OpenBSD System Manager's Manual SSHD(8) NAME sshd - OpenSSH SSH daemon @@ -14,24 +14,25 @@ intended to be as easy to install and use as possible. sshd is the daemon that listens for connections from clients. It is nor- - mally started at boot from /etc/rc. It forks a new daemon for each - incoming connection. The forked daemons handle key exchange, encryption, + mally started at boot from /etc/rc. It forks a new daemon for each in- + coming connection. The forked daemons handle key exchange, encryption, authentication, command execution, and data exchange. This implementa- tion of sshd supports both SSH protocol version 1 and 2 simultaneously. sshd works as follows: SSH protocol version 1 + Each host has a host-specific RSA key (normally 1024 bits) used to iden- tify the host. Additionally, when the daemon starts, it generates a - server RSA key (normally 768 bits). This key is normally regenerated - every hour if it has been used, and is never stored on disk. + server RSA key (normally 768 bits). This key is normally regenerated ev- + ery hour if it has been used, and is never stored on disk. Whenever a client connects, the daemon responds with its public host and server keys. The client compares the RSA host key against its own database to verify that it has not changed. The client then generates a 256 bit random number. It encrypts this random number using both the - host key and the server key, and sends the encrypted number to the - server. Both sides then use this random number as a session key which is + host key and the server key, and sends the encrypted number to the serv- + er. Both sides then use this random number as a session key which is used to encrypt all further communications in the session. The rest of the session is encrypted using a conventional cipher, currently Blowfish or 3DES, with 3DES being used by default. The client selects the encryp- @@ -39,19 +40,19 @@ Next, the server and the client enter an authentication dialog. The client tries to authenticate itself using .rhosts authentication, .rhosts - authentication combined with RSA host authentication, RSA challenge- - response authentication, or password based authentication. + authentication combined with RSA host authentication, RSA challenge-re- + sponse authentication, or password based authentication. Regardless of the authentication type, the account is checked to ensure that it is accessible. An account is not accessible if it is locked, listed in DenyUsers or its group is listed in DenyGroups . The defini- tion of a locked account is system dependant. Some platforms have their - own account database (eg AIX) and some modify the passwd field ( M-bM-^@M-^X*LK*M-bM-^@M-^Y - on Solaris, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on Tru64 and a leading - M-bM-^@M-^X!!M-bM-^@M-^Y on Linux). If there is a requirement to disable password authenti- + own account database (eg AIX) and some modify the passwd field ( `*LK*' + on Solaris, `*' on HP-UX, containing `Nologin' on Tru64 and a leading + `!!' on Linux). If there is a requirement to disable password authenti- cation for the account while allowing still public-key, then the passwd - field should be set to something other than these values (eg M-bM-^@M-^XNPM-bM-^@M-^Y or - M-bM-^@M-^X*NP*M-bM-^@M-^Y ). + field should be set to something other than these values (eg `NP' or + `*NP*' ). Rhosts authentication is normally disabled because it is fundamentally insecure, but can be enabled in the server configuration file if desired. @@ -59,6 +60,7 @@ abled (thus completely disabling rlogin and rsh into the machine). SSH protocol version 2 + Version 2 works similarly: Each host has a host-specific key (RSA or DSA) used to identify the host. However, when the daemon starts, it does not generate a server key. Forward security is provided through a Diffie- @@ -67,10 +69,9 @@ The rest of the session is encrypted using a symmetric cipher, currently 128 bit AES, Blowfish, 3DES, CAST128, Arcfour, 192 bit AES, or 256 bit - AES. The client selects the encryption algorithm to use from those - offered by the server. Additionally, session integrity is provided - through a cryptographic message authentication code (hmac-sha1 or hmac- - md5). + AES. The client selects the encryption algorithm to use from those of- + fered by the server. Additionally, session integrity is provided through + a cryptographic message authentication code (hmac-sha1 or hmac-md5). Protocol version 2 provides a public key based user (PubkeyAuthentica- tion) or client host (HostbasedAuthentication) authentication method, @@ -78,6 +79,7 @@ ods. Command execution and data forwarding + If the client successfully authenticates itself, a dialog for preparing the session is entered. At this time the client may request things like allocating a pseudo-tty, forwarding X11 connections, forwarding TCP/IP @@ -110,8 +112,8 @@ -d Debug mode. The server sends verbose debug output to the system log, and does not put itself in the background. The server also will not fork and will only process one connection. This option - is only intended for debugging for the server. Multiple -d - options increase the debugging level. Maximum is 3. + is only intended for debugging for the server. Multiple -d op- + tions increase the debugging level. Maximum is 3. -e When this option is specified, sshd will send the output to the standard error instead of the system log. @@ -122,10 +124,10 @@ figuration file. -g login_grace_time - Gives the grace time for clients to authenticate themselves - (default 120 seconds). If the client fails to authenticate the - user within this many seconds, the server disconnects and exits. - A value of zero indicates no limit. + Gives the grace time for clients to authenticate themselves (de- + fault 120 seconds). If the client fails to authenticate the user + within this many seconds, the server disconnects and exits. A + value of zero indicates no limit. -h host_key_file Specifies a file from which a host key is read. This option must @@ -139,9 +141,9 @@ -i Specifies that sshd is being run from inetd(8). sshd is normally not run from inetd because it needs to generate the server key before it can respond to the client, and this may take tens of - seconds. Clients would have to wait too long if the key was - regenerated every time. However, with small key sizes (e.g., - 512) using sshd from inetd may be feasible. + seconds. Clients would have to wait too long if the key was re- + generated every time. However, with small key sizes (e.g., 512) + using sshd from inetd may be feasible. -k key_gen_time Specifies how often the ephemeral protocol version 1 server key @@ -163,8 +165,8 @@ fied in the configuration file are ignored when a command-line port is specified. - -q Quiet mode. Nothing is sent to the system log. Normally the - beginning, authentication, and termination of each connection is + -q Quiet mode. Nothing is sent to the system log. Normally the be- + ginning, authentication, and termination of each connection is logged. -t Test mode. Only check the validity of the configuration file and @@ -179,10 +181,10 @@ indicates that only dotted decimal addresses should be put into the utmp file. -u0 may also be used to prevent sshd from making DNS requests unless the authentication mechanism or configuration - requires it. Authentication mechanisms that may require DNS - include RhostsRSAAuthentication, HostbasedAuthentication and - using a from="pattern-list" option in a key file. Configuration - options that require DNS include using a USER@HOST pattern in + requires it. Authentication mechanisms that may require DNS in- + clude RhostsRSAAuthentication, HostbasedAuthentication and using + a from="pattern-list" option in a key file. Configuration op- + tions that require DNS include using a USER@HOST pattern in AllowUsers or DenyUsers. -D When this option is specified sshd will not detach and does not @@ -214,18 +216,18 @@ 5. Sets up basic environment. - 6. Reads $HOME/.ssh/environment if it exists and users are - allowed to change their environment. See the + 6. Reads $HOME/.ssh/environment if it exists and users are al- + lowed to change their environment. See the PermitUserEnvironment option in sshd_config(5). - 7. Changes to userM-bM-^@M-^Ys home directory. + 7. Changes to user's home directory. - 8. If $HOME/.ssh/rc exists, runs it; else if /etc/ssh/sshrc - exists, runs it; otherwise runs xauth. The M-bM-^@M-^\rcM-bM-^@M-^] files are + 8. If $HOME/.ssh/rc exists, runs it; else if /etc/ssh/sshrc ex- + ists, runs it; otherwise runs xauth. The ``rc'' files are given the X11 authentication protocol and cookie in standard input. - 9. Runs userM-bM-^@M-^Ys shell or command. + 9. Runs user's shell or command. AUTHORIZED_KEYS FILE FORMAT $HOME/.ssh/authorized_keys is the default file that lists the public keys @@ -234,7 +236,7 @@ AuthorizedKeysFile may be used to specify an alternative file. Each line of the file contains one key (empty lines and lines starting - with a M-bM-^@M-^X#M-bM-^@M-^Y are ignored as comments). Each RSA public key consists of the + with a `#' are ignored as comments). Each RSA public key consists of the following fields, separated by spaces: options, bits, exponent, modulus, comment. Each protocol version 2 public key consists of: options, key- type, base64 encoded key, comment. The options field is optional; its @@ -242,11 +244,11 @@ (the options field never starts with a number). The bits, exponent, mod- ulus and comment fields give the RSA key for protocol version 1; the com- ment field is not used for anything (but may be convenient for the user - to identify the key). For protocol version 2 the keytype is M-bM-^@M-^\ssh-dssM-bM-^@M-^] or - M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. + to identify the key). For protocol version 2 the keytype is ``ssh-dss'' + or ``ssh-rsa''. - Note that lines in this file are usually several hundred bytes long - (because of the size of the public key encoding). You donM-bM-^@M-^Yt want to type + Note that lines in this file are usually several hundred bytes long (be- + cause of the size of the public key encoding). You don't want to type them in; instead, copy the identity.pub, id_dsa.pub or the id_rsa.pub file and edit it. @@ -261,31 +263,31 @@ from="pattern-list" Specifies that in addition to public key authentication, the canonical name of the remote host must be present in the comma- - separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y serve as wildcards). The + separated list of patterns (`*' and `?' serve as wildcards). The list may also contain patterns negated by prefixing them with - M-bM-^@M-^X!M-bM-^@M-^Y; if the canonical host name matches a negated pattern, the + `!'; if the canonical host name matches a negated pattern, the key is not accepted. The purpose of this option is to optionally increase security: public key authentication by itself does not trust the network or name servers or anything (but the key); how- - ever, if somebody somehow steals the key, the key permits an - intruder to log in from anywhere in the world. This additional - option makes using a stolen key more difficult (name servers - and/or routers would have to be compromised in addition to just - the key). + ever, if somebody somehow steals the key, the key permits an in- + truder to log in from anywhere in the world. This additional op- + tion makes using a stolen key more difficult (name servers and/or + routers would have to be compromised in addition to just the + key). command="command" Specifies that the command is executed whenever this key is used for authentication. The command supplied by the user (if any) is ignored. The command is run on a pty if the client requests a pty; otherwise it is run without a tty. If an 8-bit clean chan- - nel is required, one must not request a pty or should specify - no-pty. A quote may be included in the command by quoting it - with a backslash. This option might be useful to restrict cer- - tain public keys to perform just a specific operation. An exam- - ple might be a key that permits remote backups but nothing else. - Note that the client may specify TCP/IP and/or X11 forwarding - unless they are explicitly prohibited. Note that this option - applies to shell, command or subsystem execution. + nel is required, one must not request a pty or should specify no- + pty. A quote may be included in the command by quoting it with a + backslash. This option might be useful to restrict certain pub- + lic keys to perform just a specific operation. An example might + be a key that permits remote backups but nothing else. Note that + the client may specify TCP/IP and/or X11 forwarding unless they + are explicitly prohibited. Note that this option applies to + shell, command or subsystem execution. environment="NAME=value" Specifies that the string is to be added to the environment when @@ -297,8 +299,8 @@ no-port-forwarding Forbids TCP/IP forwarding when this key is used for authentica- - tion. Any port forward requests by the client will return an - error. This might be used, e.g., in connection with the command + tion. Any port forward requests by the client will return an er- + ror. This might be used, e.g., in connection with the command option. no-X11-forwarding @@ -312,45 +314,45 @@ no-pty Prevents tty allocation (a request to allocate a pty will fail). permitopen="host:port" - Limit local M-bM-^@M-^XM-bM-^@M-^Xssh -LM-bM-^@M-^YM-bM-^@M-^Y port forwarding such that it may only con- + Limit local ``ssh -L'' port forwarding such that it may only con- nect to the specified host and port. IPv6 addresses can be spec- ified with an alternative syntax: host/port. Multiple permitopen options may be applied separated by commas. No pattern matching - is performed on the specified hostnames, they must be literal - domains or addresses. + is performed on the specified hostnames, they must be literal do- + mains or addresses. Examples 1024 33 12121...312314325 ylo@foo.bar from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula - command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 - backup.hut.fi + command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 back- + up.hut.fi permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323 SSH_KNOWN_HOSTS FILE FORMAT The /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts files contain host public keys for all known hosts. The global file should be prepared - by the administrator (optional), and the per-user file is maintained - automatically: whenever the user connects from an unknown host its key is + by the administrator (optional), and the per-user file is maintained au- + tomatically: whenever the user connects from an unknown host its key is added to the per-user file. Each line in these files contains the following fields: hostnames, bits, exponent, modulus, comment. The fields are separated by spaces. - Hostnames is a comma-separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y act as wild- + Hostnames is a comma-separated list of patterns (`*' and `?' act as wild- cards); each pattern in turn is matched against the canonical host name (when authenticating a client) or against the user-supplied name (when - authenticating a server). A pattern may also be preceded by M-bM-^@M-^X!M-bM-^@M-^Y to indi- - cate negation: if the host name matches a negated pattern, it is not - accepted (by that line) even if it matched another pattern on the line. + authenticating a server). A pattern may also be preceded by `!' to indi- + cate negation: if the host name matches a negated pattern, it is not ac- + cepted (by that line) even if it matched another pattern on the line. Bits, exponent, and modulus are taken directly from the RSA host key; they can be obtained, e.g., from /etc/ssh/ssh_host_key.pub. The optional comment field continues to the end of the line, and is not used. - Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are ignored as comments. + Lines starting with `#' and empty lines are ignored as comments. When performing host authentication, authentication is accepted if any matching line has the proper key. It is thus permissible (but not recom- @@ -361,11 +363,12 @@ be found from either file. Note that the lines in these files are typically hundreds of characters - long, and you definitely donM-bM-^@M-^Yt want to type in the host keys by hand. + long, and you definitely don't want to type in the host keys by hand. Rather, generate them by a script or by taking /etc/ssh/ssh_host_key.pub and adding the host names at the front. Examples + closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= @@ -409,11 +412,11 @@ $HOME/.ssh/authorized_keys Lists the public keys (RSA or DSA) that can be used to log into - the userM-bM-^@M-^Ys account. This file must be readable by root (which - may on some machines imply it being world-readable if the userM-bM-^@M-^Ys + the user's account. This file must be readable by root (which + may on some machines imply it being world-readable if the user's home directory resides on an NFS volume). It is recommended that - it not be accessible by others. The format of this file is - described above. Users will place the contents of their + it not be accessible by others. The format of this file is de- + scribed above. Users will place the contents of their identity.pub, id_dsa.pub and/or id_rsa.pub files into this file, as described in ssh-keygen(1). @@ -434,8 +437,8 @@ world-readable. /etc/hosts.allow, /etc/hosts.deny - Access controls that should be enforced by tcp-wrappers are - defined here. Further details are described in hosts_access(5). + Access controls that should be enforced by tcp-wrappers are de- + fined here. Further details are described in hosts_access(5). $HOME/.rhosts This file contains host-username pairs, separated by a space, one @@ -460,22 +463,21 @@ they have the same user name on both machines. The host name may also be followed by a user name; such users are permitted to log in as any user on this machine (except root). Additionally, the - syntax M-bM-^@M-^\+@groupM-bM-^@M-^] can be used to specify netgroups. Negated - entries start with M-bM-^@M-^X-M-bM-^@M-^Y. + syntax ``+@group'' can be used to specify netgroups. Negated en- + tries start with `-'. - If the client host/user is successfully matched in this file, - login is automatically permitted provided the client and server - user names are the same. Additionally, successful RSA host - authentication is normally required. This file must be writable - only by root; it is recommended that it be world-readable. + If the client host/user is successfully matched in this file, lo- + gin is automatically permitted provided the client and server us- + er names are the same. Additionally, successful RSA host authen- + tication is normally required. This file must be writable only + by root; it is recommended that it be world-readable. Warning: It is almost never a good idea to use user names in hosts.equiv. Beware that it really means that the named user(s) can log in as anybody, which includes bin, daemon, adm, and other - accounts that own critical binaries and directories. Using a - user name practically grants the user root access. The only - valid use for user names that I can think of is in negative - entries. + accounts that own critical binaries and directories. Using a us- + er name practically grants the user root access. The only valid + use for user names that I can think of is in negative entries. Note that this warning also applies to rsh/rlogin. @@ -487,33 +489,33 @@ $HOME/.ssh/environment This file is read into the environment at login (if it exists). It can only contain empty lines, comment lines (that start with - M-bM-^@M-^X#M-bM-^@M-^Y), and assignment lines of the form name=value. The file + `#'), and assignment lines of the form name=value. The file should be writable only by the user; it need not be readable by anyone else. Environment processing is disabled by default and is controlled via the PermitUserEnvironment option. $HOME/.ssh/rc - If this file exists, it is run with /bin/sh after reading the - environment files but before starting the userM-bM-^@M-^Ys shell or com- - mand. It must not produce any output on stdout; stderr must be - used instead. If X11 forwarding is in use, it will receive the - "proto cookie" pair in its standard input (and DISPLAY in its - environment). The script must call xauth(1) because sshd will - not run xauth automatically to add X11 cookies. + If this file exists, it is run with /bin/sh after reading the en- + vironment files but before starting the user's shell or command. + It must not produce any output on stdout; stderr must be used in- + stead. If X11 forwarding is in use, it will receive the "proto + cookie" pair in its standard input (and DISPLAY in its environ- + ment). The script must call xauth(1) because sshd will not run + xauth automatically to add X11 cookies. The primary purpose of this file is to run any initialization - routines which may be needed before the userM-bM-^@M-^Ys home directory - becomes accessible; AFS is a particular example of such an envi- - ronment. + routines which may be needed before the user's home directory be- + comes accessible; AFS is a particular example of such an environ- + ment. This file will probably contain some initialization code followed by something similar to: if read proto cookie && [ -n "$DISPLAY" ]; then - if [ M-bM-^@M-^Xecho $DISPLAY | cut -c1-10M-bM-^@M-^X = M-bM-^@M-^Ylocalhost:M-bM-^@M-^Y ]; then + if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then # X11UseLocalhost=yes - echo add unix:M-bM-^@M-^Xecho $DISPLAY | - cut -c11-M-bM-^@M-^X $proto $cookie + echo add unix:`echo $DISPLAY | + cut -c11-` $proto $cookie else # X11UseLocalhost=no echo add $DISPLAY $proto $cookie @@ -546,9 +548,9 @@ AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and cre- - ated OpenSSH. Markus Friedl contributed the support for SSH protocol + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 9 diff -ru --new-file openssh-3.7p1/sshd_config.0 openssh-3.7.1p1/sshd_config.0 --- openssh-3.7p1/sshd_config.0 2003-09-16 16:13:37.000000000 +1000 +++ openssh-3.7.1p1/sshd_config.0 2003-09-17 07:38:39.000000000 +1000 @@ -1,4 +1,4 @@ -SSHD_CONFIG(5) BSD File Formats Manual SSHD_CONFIG(5) +SSHD_CONFIG(5) OpenBSD Programmer's Manual SSHD_CONFIG(5) NAME sshd_config - OpenSSH SSH daemon configuration file @@ -9,7 +9,7 @@ DESCRIPTION sshd reads configuration data from /etc/ssh/sshd_config (or the file specified with -f on the command line). The file contains keyword-argu- - ment pairs, one per line. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are + ment pairs, one per line. Lines starting with `#' and empty lines are interpreted as comments. The possible keywords and their meanings are as follows (note that key- @@ -19,36 +19,36 @@ This keyword can be followed by a list of group name patterns, separated by spaces. If specified, login is allowed only for users whose primary group or supplementary group list matches one - of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards in the + of the patterns. `*' and `?' can be used as wildcards in the patterns. Only group names are valid; a numerical group ID is not recognized. By default, login is allowed for all groups. AllowTcpForwarding Specifies whether TCP forwarding is permitted. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. Note that disabling TCP forwarding does not improve secu- - rity unless users are also denied shell access, as they can - always install their own forwarders. + ``yes''. Note that disabling TCP forwarding does not improve se- + curity unless users are also denied shell access, as they can al- + ways install their own forwarders. AllowUsers This keyword can be followed by a list of user name patterns, - separated by spaces. If specified, login is allowed only for - user names that match one of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be - used as wildcards in the patterns. Only user names are valid; a - numerical user ID is not recognized. By default, login is - allowed for all users. If the pattern takes the form USER@HOST - then USER and HOST are separately checked, restricting logins to - particular users from particular hosts. + separated by spaces. If specified, login is allowed only for us- + er names that match one of the patterns. `*' and `?' can be used + as wildcards in the patterns. Only user names are valid; a nu- + merical user ID is not recognized. By default, login is allowed + for all users. If the pattern takes the form USER@HOST then USER + and HOST are separately checked, restricting logins to particular + users from particular hosts. AuthorizedKeysFile Specifies the file that contains the public keys that can be used for user authentication. AuthorizedKeysFile may contain tokens of the form %T which are substituted during connection set-up. The following tokens are defined: %% is replaced by a literal - M-bM-^@M-^Y%M-bM-^@M-^Y, %h is replaced by the home directory of the user being - authenticated and %u is replaced by the username of that user. - After expansion, AuthorizedKeysFile is taken to be an absolute - path or one relative to the userM-bM-^@M-^Ys home directory. The default - is M-bM-^@M-^\.ssh/authorized_keysM-bM-^@M-^]. + '%', %h is replaced by the home directory of the user being au- + thenticated and %u is replaced by the username of that user. Af- + ter expansion, AuthorizedKeysFile is taken to be an absolute path + or one relative to the user's home directory. The default is + ``.ssh/authorized_keys''. Banner In some jurisdictions, sending a warning message before authenti- cation may be relevant for getting legal protection. The con- @@ -59,14 +59,14 @@ ChallengeResponseAuthentication Specifies whether challenge response authentication is allowed. All authentication styles from login.conf(5) are supported. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. + default is ``yes''. Ciphers Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. The default is - M-bM-^@M-^XM-bM-^@M-^Xaes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctrM-bM-^@M-^YM-bM-^@M-^Y + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, + aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr'' ClientAliveInterval Sets a timeout interval in seconds after which if no data has @@ -78,8 +78,8 @@ ClientAliveCountMax Sets the number of client alive messages (see above) which may be sent without sshd receiving any messages back from the client. - If this threshold is reached while client alive messages are - being sent, sshd will disconnect the client, terminating the ses- + If this threshold is reached while client alive messages are be- + ing sent, sshd will disconnect the client, terminating the ses- sion. It is important to note that the use of client alive mes- sages is very different from KeepAlive (below). The client alive messages are sent through the encrypted channel and therefore @@ -94,20 +94,20 @@ Compression Specifies whether compression is allowed. The argument must be - M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. + ``yes'' or ``no''. The default is ``yes''. DenyGroups This keyword can be followed by a list of group name patterns, separated by spaces. Login is disallowed for users whose primary group or supplementary group list matches one of the patterns. - M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards in the patterns. Only group - names are valid; a numerical group ID is not recognized. By - default, login is allowed for all groups. + `*' and `?' can be used as wildcards in the patterns. Only group + names are valid; a numerical group ID is not recognized. By de- + fault, login is allowed for all groups. DenyUsers This keyword can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that - match one of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards + match one of the patterns. `*' and `?' can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are @@ -121,25 +121,25 @@ hosts from connecting to forwarded ports. GatewayPorts can be used to specify that sshd should bind remote port forwardings to the wildcard address, thus allowing remote hosts to connect to - forwarded ports. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. + forwarded ports. The argument must be ``yes'' or ``no''. The + default is ``no''. GSSAPIAuthentication Specifies whether user authentication based on GSSAPI is allowed. - The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol + The default is ``no''. Note that this option applies to protocol version 2 only. GSSAPICleanupCredentials - Specifies whether to automatically destroy the userM-bM-^@M-^Ys credentials - cache on logout. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option + Specifies whether to automatically destroy the user's credentials + cache on logout. The default is ``yes''. Note that this option applies to protocol version 2 only. HostbasedAuthentication - Specifies whether rhosts or /etc/hosts.equiv authentication - together with successful public key client host authentication is + Specifies whether rhosts or /etc/hosts.equiv authentication to- + gether with successful public key client host authentication is allowed (hostbased authentication). This option is similar to RhostsRSAAuthentication and applies to protocol version 2 only. - The default is M-bM-^@M-^\noM-bM-^@M-^]. + The default is ``no''. HostKey Specifies a file containing a private host key used by SSH. The @@ -147,20 +147,20 @@ /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro- tocol version 2. Note that sshd will refuse to use a file if it is group/world-accessible. It is possible to have multiple host - key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] - are used for version 2 of the SSH protocol. + key files. ``rsa1'' keys are used for version 1 and ``dsa'' or + ``rsa'' are used for version 2 of the SSH protocol. IgnoreRhosts Specifies that .rhosts and .shosts files will not be used in RhostsRSAAuthentication or HostbasedAuthentication. - /etc/hosts.equiv and /etc/shosts.equiv are still used. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. + /etc/hosts.equiv and /etc/shosts.equiv are still used. The de- + fault is ``yes''. IgnoreUserKnownHosts - Specifies whether sshd should ignore the userM-bM-^@M-^Ys + Specifies whether sshd should ignore the user's $HOME/.ssh/known_hosts during RhostsRSAAuthentication or - HostbasedAuthentication. The default is M-bM-^@M-^\noM-bM-^@M-^]. + HostbasedAuthentication. The default is ``no''. KeepAlive Specifies whether the system should send TCP keepalive messages @@ -169,29 +169,29 @@ this means that connections will die if the route is down tem- porarily, and some people find it annoying. On the other hand, if keepalives are not sent, sessions may hang indefinitely on the - server, leaving M-bM-^@M-^\ghostM-bM-^@M-^] users and consuming server resources. + server, leaving ``ghost'' users and consuming server resources. - The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send keepalives), and the server will + The default is ``yes'' (to send keepalives), and the server will notice if the network goes down or the client host crashes. This avoids infinitely hanging sessions. - To disable keepalives, the value should be set to M-bM-^@M-^\noM-bM-^@M-^]. + To disable keepalives, the value should be set to ``no''. KerberosAuthentication Specifies whether the password provided by the user for PasswordAuthentication will be validated through the Kerberos KDC. To use this option, the server needs a Kerberos servtab - which allows the verification of the KDCM-bM-^@M-^Ys identity. Default is - M-bM-^@M-^\noM-bM-^@M-^]. + which allows the verification of the KDC's identity. Default is + ``no''. KerberosOrLocalPasswd If set then if password authentication through Kerberos fails then the password will be validated via any additional local - mechanism such as /etc/passwd. Default is M-bM-^@M-^\yesM-bM-^@M-^]. + mechanism such as /etc/passwd. Default is ``yes''. KerberosTicketCleanup - Specifies whether to automatically destroy the userM-bM-^@M-^Ys ticket - cache file on logout. Default is M-bM-^@M-^\yesM-bM-^@M-^]. + Specifies whether to automatically destroy the user's ticket + cache file on logout. Default is ``yes''. KeyRegenerationInterval In protocol version 1, the ephemeral server key is automatically @@ -230,55 +230,55 @@ MACs Specifies the available MAC (message authentication code) algo- rithms. The MAC algorithm is used in protocol version 2 for data - integrity protection. Multiple algorithms must be comma-sepa- - rated. The default is - M-bM-^@M-^\hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96M-bM-^@M-^]. + integrity protection. Multiple algorithms must be comma-separat- + ed. The default is ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac- + sha1-96,hmac-md5-96''. MaxStartups Specifies the maximum number of concurrent unauthenticated con- nections to the sshd daemon. Additional connections will be - dropped until authentication succeeds or the LoginGraceTime - expires for a connection. The default is 10. + dropped until authentication succeeds or the LoginGraceTime ex- + pires for a connection. The default is 10. Alternatively, random early drop can be enabled by specifying the - three colon separated values M-bM-^@M-^\start:rate:fullM-bM-^@M-^] (e.g., + three colon separated values ``start:rate:full'' (e.g., "10:30:60"). sshd will refuse connection attempts with a proba- - bility of M-bM-^@M-^\rate/100M-bM-^@M-^] (30%) if there are currently M-bM-^@M-^\startM-bM-^@M-^] (10) - unauthenticated connections. The probability increases linearly - and all connection attempts are refused if the number of unau- - thenticated connections reaches M-bM-^@M-^\fullM-bM-^@M-^] (60). + bility of ``rate/100'' (30%) if there are currently ``start'' + (10) unauthenticated connections. The probability increases lin- + early and all connection attempts are refused if the number of + unauthenticated connections reaches ``full'' (60). PasswordAuthentication - Specifies whether password authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. + Specifies whether password authentication is allowed. The de- + fault is ``yes''. PermitEmptyPasswords When password authentication is allowed, it specifies whether the server allows login to accounts with empty password strings. The - default is M-bM-^@M-^\noM-bM-^@M-^]. + default is ``no''. PermitRootLogin Specifies whether root can login using ssh(1). The argument must - be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\without-passwordM-bM-^@M-^], M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. - The default is M-bM-^@M-^\yesM-bM-^@M-^]. + be ``yes'', ``without-password'', ``forced-commands-only'' or + ``no''. The default is ``yes''. - If this option is set to M-bM-^@M-^\without-passwordM-bM-^@M-^] password authentica- - tion is disabled for root. + If this option is set to ``without-password'' password authenti- + cation is disabled for root. - If this option is set to M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^] root login with + If this option is set to ``forced-commands-only'' root login with public key authentication will be allowed, but only if the command option has been specified (which may be useful for taking remote backups even if root login is normally not allowed). All other authentication methods are disabled for root. - If this option is set to M-bM-^@M-^\noM-bM-^@M-^] root is not allowed to login. + If this option is set to ``no'' root is not allowed to login. PermitUserEnvironment Specifies whether ~/.ssh/environment and environment= options in ~/.ssh/authorized_keys are processed by sshd. The default is - M-bM-^@M-^\noM-bM-^@M-^]. Enabling environment processing may enable users to bypass - access restrictions in some configurations using mechanisms such - as LD_PRELOAD. + ``no''. Enabling environment processing may enable users to by- + pass access restrictions in some configurations using mechanisms + such as LD_PRELOAD. PidFile Specifies the file that contains the process ID of the sshd dae- @@ -290,38 +290,39 @@ PrintLastLog Specifies whether sshd should print the date and time when the - user last logged in. The default is M-bM-^@M-^\yesM-bM-^@M-^]. + user last logged in. The default is ``yes''. PrintMotd Specifies whether sshd should print /etc/motd when a user logs in interactively. (On some systems it is also printed by the shell, - /etc/profile, or equivalent.) The default is M-bM-^@M-^\yesM-bM-^@M-^]. + /etc/profile, or equivalent.) The default is ``yes''. Protocol Specifies the protocol versions sshd supports. The possible val- - ues are M-bM-^@M-^\1M-bM-^@M-^] and M-bM-^@M-^\2M-bM-^@M-^]. Multiple versions must be comma-separated. - The default is M-bM-^@M-^\2,1M-bM-^@M-^]. Note that the order of the protocol list - does not indicate preference, because the client selects among - multiple protocol versions offered by the server. Specifying - M-bM-^@M-^\2,1M-bM-^@M-^] is identical to M-bM-^@M-^\1,2M-bM-^@M-^]. + ues are ``1'' and ``2''. Multiple versions must be comma-sepa- + rated. The default is ``2,1''. Note that the order of the pro- + tocol list does not indicate preference, because the client se- + lects among multiple protocol versions offered by the server. + Specifying ``2,1'' is identical to ``1,2''. PubkeyAuthentication - Specifies whether public key authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option applies to protocol ver- - sion 2 only. RhostsRSAAuthentication should be used instead, - because it performs RSA-based host authentication in addition to + Specifies whether public key authentication is allowed. The de- + fault is ``yes''. Note that this option applies to protocol ver- + sion 2 only. RhostsRSAAuthentication should be used instead, be- + cause it performs RSA-based host authentication in addition to normal rhosts or /etc/hosts.equiv authentication. The default is - M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only. + ``no''. This option applies to protocol version 1 only. RhostsRSAAuthentication - Specifies whether rhosts or /etc/hosts.equiv authentication - together with successful RSA host authentication is allowed. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only. + Specifies whether rhosts or /etc/hosts.equiv authentication to- + gether with successful RSA host authentication is allowed. The + default is ``no''. This option applies to protocol version 1 on- + ly. RSAAuthentication - Specifies whether pure RSA authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. This option applies to protocol version 1 - only. + Specifies whether pure RSA authentication is allowed. The de- + fault is ``yes''. This option applies to protocol version 1 on- + ly. ServerKeyBits Defines the number of bits in the ephemeral protocol version 1 @@ -329,34 +330,34 @@ StrictModes Specifies whether sshd should check file modes and ownership of - the userM-bM-^@M-^Ys files and home directory before accepting login. This + the user's files and home directory before accepting login. This is normally desirable because novices sometimes accidentally leave their directory or files world-writable. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. + ``yes''. Subsystem Configures an external subsystem (e.g., file transfer daemon). - Arguments should be a subsystem name and a command to execute - upon subsystem request. The command sftp-server(8) implements - the M-bM-^@M-^\sftpM-bM-^@M-^] file transfer subsystem. By default no subsystems are - defined. Note that this option applies to protocol version 2 - only. + Arguments should be a subsystem name and a command to execute up- + on subsystem request. The command sftp-server(8) implements the + ``sftp'' file transfer subsystem. By default no subsystems are + defined. Note that this option applies to protocol version 2 on- + ly. SyslogFacility Gives the facility code that is used when logging messages from - sshd. The possible values are: DAEMON, USER, AUTH, LOCAL0, - LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The - default is AUTH. + sshd. The possible values are: DAEMON, USER, AUTH, LOCAL0, LO- + CAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The de- + fault is AUTH. UseDNS Specifies whether sshd should lookup the remote host name and check that the resolved host name for the remote IP address maps - back to the very same IP address. The default is M-bM-^@M-^\yesM-bM-^@M-^]. + back to the very same IP address. The default is ``yes''. UseLogin Specifies whether login(1) is used for interactive login ses- - sions. The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that login(1) is never used - for remote command execution. Note also, that if this is - enabled, X11Forwarding will be disabled because login(1) does not + sions. The default is ``no''. Note that login(1) is never used + for remote command execution. Note also, that if this is en- + abled, X11Forwarding will be disabled because login(1) does not know how to handle xauth(1) cookies. If UsePrivilegeSeparation is specified, it will be disabled after authentication. @@ -366,35 +367,35 @@ to run sshd as a non-root user. UsePrivilegeSeparation - Specifies whether sshd separates privileges by creating an - unprivileged child process to deal with incoming network traffic. + Specifies whether sshd separates privileges by creating an un- + privileged child process to deal with incoming network traffic. After successful authentication, another process will be created that has the privilege of the authenticated user. The goal of privilege separation is to prevent privilege escalation by con- taining any corruption within the unprivileged processes. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. + default is ``yes''. X11DisplayOffset - Specifies the first display number available for sshdM-bM-^@M-^Ys X11 for- + Specifies the first display number available for sshd's X11 for- warding. This prevents sshd from interfering with real X11 servers. The default is 10. X11Forwarding Specifies whether X11 forwarding is permitted. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + be ``yes'' or ``no''. The default is ``no''. When X11 forwarding is enabled, there may be additional exposure to the server and to client displays if the sshd proxy display is configured to listen on the wildcard address (see X11UseLocalhost - below), however this is not the default. Additionally, the - authentication spoofing and authentication data verification and - substitution occur on the client side. The security risk of - using X11 forwarding is that the clientM-bM-^@M-^Ys X11 display server may - be exposed to attack when the ssh client requests forwarding (see + below), however this is not the default. Additionally, the au- + thentication spoofing and authentication data verification and + substitution occur on the client side. The security risk of us- + ing X11 forwarding is that the client's X11 display server may be + exposed to attack when the ssh client requests forwarding (see the warnings for ForwardX11 in ssh_config(5)). A system adminis- trator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting - X11 forwarding, which can warrant a M-bM-^@M-^\noM-bM-^@M-^] setting. + X11 forwarding, which can warrant a ``no'' setting. Note that disabling X11 forwarding does not prevent users from forwarding X11 traffic, as users can always install their own @@ -406,12 +407,12 @@ the loopback address or to the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DISPLAY environment variable to - M-bM-^@M-^\localhostM-bM-^@M-^]. This prevents remote hosts from connecting to the + ``localhost''. This prevents remote hosts from connecting to the proxy display. However, some older X11 clients may not function - with this configuration. X11UseLocalhost may be set to M-bM-^@M-^\noM-bM-^@M-^] to + with this configuration. X11UseLocalhost may be set to ``no'' to specify that the forwarding server should be bound to the wild- - card address. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default - is M-bM-^@M-^\yesM-bM-^@M-^]. + card address. The argument must be ``yes'' or ``no''. The de- + fault is ``yes''. XAuthLocation Specifies the full pathname of the xauth(1) program. The default @@ -456,4 +457,4 @@ versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. -BSD September 25, 1999 BSD +OpenBSD 3.4 September 25, 1999 7 diff -ru --new-file openssh-3.7p1/version.h openssh-3.7.1p1/version.h --- openssh-3.7p1/version.h 2003-09-03 12:12:54.000000000 +1000 +++ openssh-3.7.1p1/version.h 2003-09-17 07:34:12.000000000 +1000 @@ -1,3 +1,3 @@ -/* $OpenBSD: version.h,v 1.37 2003/04/01 10:56:46 markus Exp $ */ +/* $OpenBSD: version.h,v 1.39 2003/09/16 21:02:40 markus Exp $ */ -#define SSH_VERSION "OpenSSH_3.7p1" +#define SSH_VERSION "OpenSSH_3.7.1p1"