1/* $OpenBSD: ssh.h,v 1.83 2015/12/11 03:19:09 djm Exp $ */
2
3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
5 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 *                    All rights reserved
7 *
8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose.  Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
13 */
14
15/* Cipher used for encrypting authentication files. */
16#define SSH_AUTHFILE_CIPHER	SSH_CIPHER_3DES
17
18/* Default port number. */
19#define SSH_DEFAULT_PORT	22
20
21/*
22 * Maximum number of certificate files that can be specified
23 * in configuration files or on the command line.
24 */
25#define SSH_MAX_CERTIFICATE_FILES	100
26
27/*
28 * Maximum number of RSA authentication identity files that can be specified
29 * in configuration files or on the command line.
30 */
31#define SSH_MAX_IDENTITY_FILES		100
32
33/*
34 * Maximum length of lines in authorized_keys file.
35 * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
36 * some room for options and comments.
37 */
38#define SSH_MAX_PUBKEY_BYTES		16384
39
40/*
41 * Major protocol version.  Different version indicates major incompatibility
42 * that prevents communication.
43 *
44 * Minor protocol version.  Different version indicates minor incompatibility
45 * that does not prevent interoperation.
46 */
47#define PROTOCOL_MAJOR_1	1
48#define PROTOCOL_MINOR_1	5
49
50/* We support both SSH1 and SSH2 */
51#define PROTOCOL_MAJOR_2	2
52#define PROTOCOL_MINOR_2	0
53
54/*
55 * Name for the service.  The port named by this service overrides the
56 * default port if present.
57 */
58#define SSH_SERVICE_NAME	"ssh"
59
60/*
61 * Name of the environment variable containing the process ID of the
62 * authentication agent.
63 */
64#define SSH_AGENTPID_ENV_NAME	"SSH_AGENT_PID"
65
66/*
67 * Name of the environment variable containing the pathname of the
68 * authentication socket.
69 */
70#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
71
72/*
73 * Environment variable for overwriting the default location of askpass
74 */
75#define SSH_ASKPASS_ENV		"SSH_ASKPASS"
76
77/*
78 * Force host key length and server key length to differ by at least this
79 * many bits.  This is to make double encryption with rsaref work.
80 */
81#define SSH_KEY_BITS_RESERVED		128
82
83/*
84 * Length of the session key in bytes.  (Specified as 256 bits in the
85 * protocol.)
86 */
87#define SSH_SESSION_KEY_LENGTH		32
88
89/* Used to identify ``EscapeChar none'' */
90#define SSH_ESCAPECHAR_NONE		-2
91
92/*
93 * unprivileged user when UsePrivilegeSeparation=yes;
94 * sshd will change its privileges to this user and its
95 * primary group.
96 */
97#ifndef SSH_PRIVSEP_USER
98#define SSH_PRIVSEP_USER		"sshd"
99#endif
100
101/* Minimum modulus size (n) for RSA keys. */
102#define SSH_RSA_MINIMUM_MODULUS_SIZE	768
103
104/* Listen backlog for sshd, ssh-agent and forwarding sockets */
105#define SSH_LISTEN_BACKLOG		128
106