      1 /*
      2  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
      3  * Use is subject to license terms.
      4  */
      5 /*	$OpenBSD: pathnames.h,v 1.13 2002/05/23 19:24:30 markus Exp $	*/
      6 
      7 #ifndef	_PATHNAMES_H
      8 #define	_PATHNAMES_H
      9 
     10 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     11 
     12 #ifdef __cplusplus
     13 extern "C" {
     14 #endif
     15 
     16 
     17 /*
     18  * Author: Tatu Ylonen <ylo (at) cs.hut.fi>
     19  * Copyright (c) 1995 Tatu Ylonen <ylo (at) cs.hut.fi>, Espoo, Finland
     20  *                    All rights reserved
     21  *
     22  * As far as I am concerned, the code I have written for this software
     23  * can be used freely for any purpose.  Any derived versions of this
     24  * software must be clearly marked as such, and if the derived work is
     25  * incompatible with the protocol description in the RFC file, it must be
     26  * called by a name other than "ssh" or "Secure Shell".
     27  */
     28 
     29 #define ETCDIR				"/etc"	/* root of the system-wide configuration tree */
     30 
     31 #ifndef SSHDIR	/* an earlier definition takes precedence */
     32 #define SSHDIR				ETCDIR "/ssh"	/* prefix of sshd_config, the host key files and moduli defined below */
     33 #endif
     34 
     35 #ifndef _PATH_SSH_PIDDIR	/* an earlier definition takes precedence */
     36 #define _PATH_SSH_PIDDIR		"/var/run"	/* directory that holds the sshd.pid file defined below */
     37 #endif
     38 
     39 /*
     40  * System-wide file containing host keys of known hosts.  This file should be
     41  * world-readable.
     42  */
     43 #define _PATH_SSH_SYSTEM_HOSTFILE	SSHDIR "/ssh_known_hosts"
     44 /* backward compat for protocol 2 */
     45 #define _PATH_SSH_SYSTEM_HOSTFILE2	SSHDIR "/ssh_known_hosts2"
     46 
     47 /*
     48  * Of these, the host private key files (ssh_host_key, ssh_host_dsa_key,
     49  * ssh_host_rsa_key) must be readable only by root, whereas ssh_config should be world-readable.
     50  */
     51 #define _PATH_SERVER_CONFIG_FILE	SSHDIR "/sshd_config"
     52 #define _PATH_HOST_CONFIG_FILE		SSHDIR "/ssh_config"
     53 #define _PATH_HOST_KEY_FILE		SSHDIR "/ssh_host_key"
     54 #define _PATH_HOST_DSA_KEY_FILE		SSHDIR "/ssh_host_dsa_key"
     55 #define _PATH_HOST_RSA_KEY_FILE		SSHDIR "/ssh_host_rsa_key"
     56 #define _PATH_DH_MODULI			SSHDIR "/moduli"
     57 /* Backwards compatibility */
     58 #define _PATH_DH_PRIMES			SSHDIR "/primes"
     59 
     60 #ifndef _PATH_SSH_PROGRAM
     61 #define _PATH_SSH_PROGRAM		"/usr/bin/ssh"
     62 #endif
     63 
     64 /*
     65  * The process id of the daemon listening for connections is saved here to
     66  * make it easier to kill the correct daemon when necessary.
     67  */
     68 #define _PATH_SSH_DAEMON_PID_FILE	_PATH_SSH_PIDDIR "/sshd.pid"
     69 
     70 /*
     71  * The directory in the user's home directory in which the files reside.  The
     72  * directory should be world-readable (though not all files are).
     73  */
     74 #define _PATH_SSH_USER_DIR		".ssh"
     75 
     76 /*
     77  * Per-user file containing host keys of known hosts.  This file need not be
     78  * readable by anyone except the user him/herself, though this does not
     79  * contain anything particularly secret.
     80  */
     81 #define _PATH_SSH_USER_HOSTFILE		"~/.ssh/known_hosts"
     82 /* backward compat for protocol 2 */
     83 #define _PATH_SSH_USER_HOSTFILE2	"~/.ssh/known_hosts2"
     84 
     85 /*
     86  * Names of the default files containing the client-side private authentication
     87  * keys.  These files should be readable only by the user him/herself.
     88  */
     89 #define _PATH_SSH_CLIENT_IDENTITY	".ssh/identity"
     90 #define _PATH_SSH_CLIENT_ID_DSA		".ssh/id_dsa"
     91 #define _PATH_SSH_CLIENT_ID_RSA		".ssh/id_rsa"
     92 
     93 /*
     94  * Configuration file in the user's home directory.  This file need not be
     95  * readable by anyone but the user him/herself, but does not contain anything
     96  * particularly secret.  If the user's home directory resides on an NFS
     97  * volume where root is mapped to nobody, this may need to be world-readable.
     98  */
     99 #define _PATH_SSH_USER_CONFFILE		".ssh/config"
    100 
    101 /*
    102  * File containing a list of those RSA keys that permit logging in as this
    103  * user.  This file need not be readable by anyone but the user him/herself,
    104  * but does not contain anything particularly secret.  If the user's home
    105  * directory resides on an NFS volume where root is mapped to nobody, this
    106  * may need to be world-readable.  (This file is read by the daemon which is
    107  * running as root.)  Only the user should be able to write it: every key listed here permits login as this user.
    108  */
    109 #define _PATH_SSH_USER_PERMITTED_KEYS	".ssh/authorized_keys"
    110 
    111 /* backward compat for protocol v2 */
    112 #define _PATH_SSH_USER_PERMITTED_KEYS2	".ssh/authorized_keys2"
    113 
    114 /*
    115  * Per-user and system-wide ssh "rc" files.  These files are executed with
    116  * /bin/sh before starting the shell or command if they exist.  They will be
    117  * passed "proto cookie" as arguments if X11 forwarding with spoofing is in
    118  * use.  xauth will be run if neither of these exists.
    119  */
    120 #define _PATH_SSH_USER_RC		".ssh/rc"
    121 #define _PATH_SSH_SYSTEM_RC		SSHDIR "/sshrc"
    122 
    123 /*
    124  * Ssh-only version of /etc/hosts.equiv.  Additionally, the daemon may use
    125  * ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled.
    126  */
    127 #define _PATH_SSH_HOSTS_EQUIV		SSHDIR "/shosts.equiv"
    128 #define _PATH_RHOSTS_EQUIV		"/etc/hosts.equiv"
    129 
    130 /*
    131  * /etc/default/login
    132  */
    133 #define _PATH_DEFAULT_LOGIN		"/etc/default/login"
    134 
    135 /*
    136  * Default location of askpass
    137  */
    138 #ifndef _PATH_SSH_ASKPASS_DEFAULT
    139 #define _PATH_SSH_ASKPASS_DEFAULT	"/usr/lib/ssh/ssh-askpass"
    140 #endif
    141 
    142 /* Location of ssh-keysign for hostbased authentication */
    143 #ifndef _PATH_SSH_KEY_SIGN
    144 #define _PATH_SSH_KEY_SIGN            "/usr/lib/ssh/ssh-keysign"
    145 #endif
    146 
    147 /* xauth for X11 forwarding */
    148 #ifndef _PATH_XAUTH
    149 #define _PATH_XAUTH			"/usr/openwin/bin/xauth"
    150 #endif
    151 
    152 /* UNIX domain socket for X11 server; displaynum will replace %u */
    153 #ifndef _PATH_UNIX_X
    154 #define _PATH_UNIX_X "/tmp/.X11-unix/X%u"
    155 #endif
    156 
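    157 /* for scp; a bare command name, so which binary runs depends on how the caller resolves it (for example a PATH search) */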
    158 #ifndef _PATH_CP
    159 #define _PATH_CP			"cp"
    160 #endif
    161 
    162 /* for sftp */
    163 #ifndef _PATH_SFTP_SERVER
    164 #define _PATH_SFTP_SERVER		"/usr/lib/ssh/sftp-server"
    165 #endif
    166 
    167 /* chroot directory for the unprivileged user when UsePrivilegeSeparation=yes; expected to be an empty, root-owned directory that this user cannot write to */
    168 #ifndef _PATH_PRIVSEP_CHROOT_DIR
    169 #define _PATH_PRIVSEP_CHROOT_DIR	"/var/empty"
    170 #endif
    171 
    172 #ifndef _PATH_LS	/* an earlier definition takes precedence */
    173 #define _PATH_LS			"ls"	/* bare command name, like _PATH_CP above; NOTE(review): presumably the local listing command of the sftp client - confirm */
    174 #endif
    175 
    176 /* path to login program */
    177 #ifndef LOGIN_PROGRAM
    178 # ifdef LOGIN_PROGRAM_FALLBACK
    179 #  define LOGIN_PROGRAM         LOGIN_PROGRAM_FALLBACK
    180 # else
    181 #  define LOGIN_PROGRAM         "/usr/bin/login"
    182 # endif
    183 #endif /* LOGIN_PROGRAM */
    184 
    185 /* Askpass program; the default is the same path as _PATH_SSH_ASKPASS_DEFAULT above, so keep the two in sync */
    186 #ifndef ASKPASS_PROGRAM
    187 #define ASKPASS_PROGRAM         "/usr/lib/ssh/ssh-askpass"
    188 #endif /* ASKPASS_PROGRAM */
    189 
    190 #ifdef __cplusplus
    191 }
    192 #endif
    193 
    194 #endif /* _PATHNAMES_H */
    195