README.openssh2 - third_party/openssh-portable - Git at Google

 $Id: README.openssh2,v 1.8 2000/05/07 18:30:03 markus Exp $

 howto:
 	1) generate server key:
 		$ ssh-keygen -d -f /etc/ssh_host_dsa_key -N ''
 	2) enable ssh2:
 		server: add 'Protocol 2,1' to /etc/sshd_config
 		client: ssh -o 'Protocol 2,1', or add to .ssh/config
 	3) DSA authentication similar to RSA (add keys to ~/.ssh/authorized_keys2)
 	   interop w/ ssh.com dsa-keys:
 		ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2
 	   and vice versa
 		ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub
 		echo Key mykey.pub >> ~/.ssh2/authorization

 works:
 	secsh-transport: works w/o rekey
 		proposal exchange, i.e. different enc/mac/comp per direction
 		encryption: blowfish-cbc, 3des-cbc, arcfour, cast128-cbc
 		mac: hmac-md5, hmac-sha1, (hmac-ripemd160)
 		compression: zlib, none
 	secsh-userauth: passwd and pubkey with DSA
 	secsh-connection: pty+shell or command, flow control works (window adjust)
 		tcp-forwarding: -L works, -R incomplete
 		x11-fwd
 	dss/dsa: host key database in ~/.ssh/known_hosts2
 	client interops w/ sshd2, lshd
 	server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT, F-Secure SSH Client 4.0, SecureFX (secure ftp)
 	server supports multiple concurrent sessions (e.g. with SSH.com Windows client)
 todo:
 	re-keying
 	secsh-connection features:
 		 tcp-forwarding, agent-fwd
 	auth other than passwd, and DSA-pubkey:
 		 keyboard-interactive, (PGP-pubkey?)
 	config
 	server-auth w/ old host-keys
 	cleanup
 	advanced key storage?
 	keynote
 	sftp

 -markus
 $Date: 2000/05/07 18:30:03 $
	$Id: README.openssh2,v 1.8 2000/05/07 18:30:03 markus Exp $

	howto:
	1) generate server key:
	$ ssh-keygen -d -f /etc/ssh_host_dsa_key -N ''
	2) enable ssh2:
	server: add 'Protocol 2,1' to /etc/sshd_config
	client: ssh -o 'Protocol 2,1', or add to .ssh/config
	3) DSA authentication similar to RSA (add keys to ~/.ssh/authorized_keys2)
	interop w/ ssh.com dsa-keys:
	ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2
	and vice versa
	ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub
	echo Key mykey.pub >> ~/.ssh2/authorization

	works:
	secsh-transport: works w/o rekey
	proposal exchange, i.e. different enc/mac/comp per direction
	encryption: blowfish-cbc, 3des-cbc, arcfour, cast128-cbc
	mac: hmac-md5, hmac-sha1, (hmac-ripemd160)
	compression: zlib, none
	secsh-userauth: passwd and pubkey with DSA
	secsh-connection: pty+shell or command, flow control works (window adjust)
	tcp-forwarding: -L works, -R incomplete
	x11-fwd
	dss/dsa: host key database in ~/.ssh/known_hosts2
	client interops w/ sshd2, lshd
	server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT, F-Secure SSH Client 4.0, SecureFX (secure ftp)
	server supports multiple concurrent sessions (e.g. with SSH.com Windows client)
	todo:
	re-keying
	secsh-connection features:
	tcp-forwarding, agent-fwd
	auth other than passwd, and DSA-pubkey:
	keyboard-interactive, (PGP-pubkey?)
	config
	server-auth w/ old host-keys
	cleanup
	advanced key storage?
	keynote
	sftp

	-markus
	$Date: 2000/05/07 18:30:03 $