SSH 2.0.10
==============

        Timo J. Rinne <tri@ssh.fi>
	Sami Lehtinen <sjl@ssh.fi>
        17 September 1998
	
	See file LICENSING for licensing terms.


   What has changed since ssh 1 ?
   ------------------------------

      - ssh has been 98% rewritten

      - support other key-exchange methods besides double-encrypting
        rsa key exchange. The current distribution comes with Diffie-Hellman
        key exchange.

      - support for DSA and other public key algorithms besides RSA.

      - the protocol is more secure and allows future integration into
        public key infrastructures

      - the protocol complies with upcoming `secsh' internet standard.

      - support for "subsystems", platform-independent modules that
        implement particular functions such as file transfers

      - built-in SOCKS support

      - new feature: sftp, the secure file transfer protocol (name will
        probably change)


   Feedback
   --------

      bugs:   ssh2-bugs@ssh.fi
      other:  ssh2@ssh.fi



SSH2 Binaries
=============

      ssh2            ssh2 client.

      sshd2           ssh2 daemon.

      sftp2           sftp client (needs ssh2). Type "?" in the command line
                      for help.

      sftp-server2    sftp server (executed by sshd2).

      scp2            scp client

      ssh-keygen2     utility for generating keys. -h for help.

      ssh-add2        add identities to the authentication agent.

      ssh-agent2      the authentication agent

      ssh-askpass2    X11 utility for querying passwords.



Installation
============

   1. uncompress the distribution
   ------------------------------

      > zcat ssh-2.0.x.tar.gz | tar xf -

      This should create a subdirectory ssh-2.0.x.

      > cd ssh-2.0.x


   2. compile ssh2
   ---------------

      Read the NOTES-section found in the end of this file.

      > ./configure
      > make

      If this fails, find and fix the problem. Report it to ssh2-bugs@ssh.fi.
      Try again :-)

   3. run the install script
   -------------------------

      Get a root shell and change to the ssh-2.0.x directory.

      # make install

      This should set everything up and create the host key.

      The old files are moved to *.old names. If you don't want them
      around, goto apps/ssh and run 

      # make clean-up-old

      which will delete them.

      NOTE: This host key has relatively little entropy. We'll have
            to actually stir in more randomness to create strong
            keys. We'll fix this later..

   4. configure sshd2
   ------------------

      Set up the following files:


ssh 2 files
===========

      Public keys have a .pub suffix, private keys have none. Example:

         id_dsa_1024_a        A 1024-bit DSA private key
         id_dsa_1024_a.pub    Corresponding public key

      There is no "known_hosts", as in ssh1. The host keys are stored
      in separate files in ~/.ssh2/hostkeys .


   ~/.ssh2/hostkeys/key_xxxx_yyyy.pub
   -----------------------------

      would be the public host key of the ssh2 daemon running in port xxxx
      of the host yyyy.


   /etc/ssh2/hostkey.pub  and  /etc/ssh2/hostkey
   -----------------------------------------

      Public and private hostkeys for sshd2. Created by "make install".


   ~/.ssh2/identification
   ----------------------

      Lists the private keys that can be used for authentication.

         # identification
         IdKey  id_dsa_1024_a

      This means that the private key in the file ~/.ssh2/id_dsa_1024_a
      is used for public key authentication.


   ~/.ssh2/authorization
   ---------------------

      Lists the public keys that are accepted for authentication on this
      host.

         # authorization
         Key     id_dsa_1024_a.pub

      This means that anyone, who holds the matching private key to the
      public key in the file $USER/.ssh2/id_dsa_1024_a.pub can log in as
      $USER.


   /etc/ssh2/sshd2_config
   --------------------

      Server configuration file. Copied here by "make install". See man
      page for details.

      The line:

         subsystem-sftp                  sftp-server

      means that when when a subsystem "sftp" is requested, the
      command "sftp-server" is started. For example, if our sshd2_config
      read:

         subsystem-quux                  echo "fiu poks pam"

      the command "ssh2 host -s quux" would simply print the text
      "fiu poks pam".


   ~/.ssh2/ssh2_config
   -------------------

       Client configuration file. See the global client config file
       ssh2_config in /etc/ssh2.


Platforms
=========

	Ssh 2.0 has been reportedly succesfully compiled and
	run on the following platforms.

	Processor	OS		OS-Versions
	-------------------------------------------------------------
	ix86		NetBSD		1.2, 1.3
	ix86		FreeBSD		2.2.x, 3.0-current
	ix86		Linux		2.0.34
	sparc		Solaris		2.6
			AIX		4.1

NOTES ON INSTALLATION AND USE:

	* Scp2 isn't compatible with scp1. If target server is
	running ssh-1.x.x, use scp1-command (the compatibility will, if
	possible, get fixed in the future).

	* If your system doesn't support, or has a broken version of
	non-blocking connect, run ./configure with
	-enable-blocking-connect .

	* compability with ssh1 works correctly ONLY IF your ssh1-version
	is 1.2.26 or better (1.2.26 is the latest). So be sure you have
	that!

	* IRIX-support still isn't complete.

	* If your Sun boots during a connect to sshd2, do the following.
	Fetch the latest patches from Sun, generate a new hostkey with the
	patched version, and try again (also, you might want to try
	--enable-blocking-connect etc).

THANKS
======	
	...to everyone who contributed to ssh2. If you feel that your
	name should be in this list, write mail to ssh2@ssh.fi. These
	are in no particular order.

	Dug Song
	Andreas Ley
	Troy Barbee
	Simon Burge
	Luigi Pugnetti
	
	... and everyone else who submitted bug-reports,
	feature-requests and patches.

