Home | History | Annotate | Line # | Download | only in dist
PROTOCOL revision 1.1.1.1
      1 This documents OpenSSH's deviations and extensions to the published SSH
      2 protocol.
      3 
      4 Note that OpenSSH's sftp and sftp-server implement revision 3 of the SSH
      5 filexfer protocol described in:
      6 
      7 http://www.openssh.com/txt/draft-ietf-secsh-filexfer-02.txt
      8 
      9 Features from newer versions of the draft are not supported, unless
     10 explicitly implemented as extensions described below.
     11 
     12 The protocol used by OpenSSH's ssh-agent is described in the file
     13 PROTOCOL.agent
     14 
     15 1. transport: Protocol 2 MAC algorithm "umac-64 (a] openssh.com"
     16 
     17 This is a new transport-layer MAC method using the UMAC algorithm
     18 (rfc4418). This method is identical to the "umac-64" method documented
     19 in:
     20 
     21 http://www.openssh.com/txt/draft-miller-secsh-umac-01.txt
     22 
     23 2. transport: Protocol 2 compression algorithm "zlib (a] openssh.com"
     24 
     25 This transport-layer compression method uses the zlib compression
     26 algorithm (identical to the "zlib" method in rfc4253), but delays the
     27 start of compression until after authentication has completed. This
     28 avoids exposing compression code to attacks from unauthenticated users.
     29 
     30 The method is documented in:
     31 
     32 http://www.openssh.com/txt/draft-miller-secsh-compression-delayed-00.txt
     33 
     34 3. connection: Channel write close extension "eow (a] openssh.com"
     35 
     36 The SSH connection protocol (rfc4254) provides the SSH_MSG_CHANNEL_EOF
     37 message to allow an endpoint to signal its peer that it will send no
     38 more data over a channel. Unfortunately, there is no symmetric way for
     39 an endpoint to request that its peer should cease sending data to it
     40 while still keeping the channel open for the endpoint to send data to
     41 the peer.
     42 
     43 This is desirable, since it saves the transmission of data that would
     44 otherwise need to be discarded and it allows an endpoint to signal local
     45 processes of the condition, e.g. by closing the corresponding file
     46 descriptor.
     47 
     48 OpenSSH implements a channel extension message to perform this
     49 signalling: "eow (a] openssh.com" (End Of Write). This message is sent by
     50 an endpoint when the local output of a session channel is closed or
     51 experiences a write error. The message is formatted as follows:
     52 
     53 	byte		SSH_MSG_CHANNEL_REQUEST
     54 	uint32		recipient channel
     55 	string		"eow (a] openssh.com"
     56 	boolean		FALSE
     57 
     58 On receiving this message, the peer SHOULD cease sending data of
     59 the channel and MAY signal the process from which the channel data
     60 originates (e.g. by closing its read file descriptor).
     61 
     62 As with the symmetric SSH_MSG_CHANNEL_EOF message, the channel does
     63 remain open after a "eow (a] openssh.com" has been sent and more data may
     64 still be sent in the other direction. This message does not consume
     65 window space and may be sent even if no window space is available.
     66 
     67 NB. due to certain broken SSH implementations aborting upon receipt
     68 of this message (in contravention of RFC4254 section 5.4), this
     69 message is only sent to OpenSSH peers (identified by banner).
     70 Other SSH implementations may be whitelisted to receive this message
     71 upon request.
     72 
     73 4. connection: disallow additional sessions extension
     74    "no-more-sessions (a] openssh.com"
     75 
     76 Most SSH connections will only ever request a single session, but a
     77 attacker may abuse a running ssh client to surreptitiously open
     78 additional sessions under their control. OpenSSH provides a global
     79 request "no-more-sessions (a] openssh.com" to mitigate this attack.
     80 
     81 When an OpenSSH client expects that it will never open another session
     82 (i.e. it has been started with connection multiplexing disabled), it
     83 will send the following global request:
     84 
     85 	byte		SSH_MSG_GLOBAL_REQUEST
     86 	string		"no-more-sessions (a] openssh.com"
     87 	char		want-reply
     88 
     89 On receipt of such a message, an OpenSSH server will refuse to open
     90 future channels of type "session" and instead immediately abort the
     91 connection.
     92 
     93 Note that this is not a general defence against compromised clients
     94 (that is impossible), but it thwarts a simple attack.
     95 
     96 NB. due to certain broken SSH implementations aborting upon receipt
     97 of this message, the no-more-sessions request is only sent to OpenSSH
     98 servers (identified by banner). Other SSH implementations may be
     99 whitelisted to receive this message upon request.
    100 
    101 5. connection: Tunnel forward extension "tun (a] openssh.com"
    102 
    103 OpenSSH supports layer 2 and layer 3 tunnelling via the "tun (a] openssh.com"
    104 channel type. This channel type supports forwarding of network packets
    105 with datagram boundaries intact between endpoints equipped with 
    106 interfaces like the BSD tun(4) device. Tunnel forwarding channels are
    107 requested by the client with the following packet:
    108 
    109 	byte		SSH_MSG_CHANNEL_OPEN
    110 	string		"tun (a] openssh.com"
    111 	uint32		sender channel
    112 	uint32		initial window size
    113 	uint32		maximum packet size
    114 	uint32		tunnel mode
    115 	uint32		remote unit number
    116 
    117 The "tunnel mode" parameter specifies whether the tunnel should forward
    118 layer 2 frames or layer 3 packets. It may take one of the following values:
    119 
    120 	SSH_TUNMODE_POINTOPOINT  1		/* layer 3 packets */
    121 	SSH_TUNMODE_ETHERNET     2		/* layer 2 frames */
    122 
    123 The "tunnel unit number" specifies the remote interface number, or may
    124 be zero to allow the server to automatically chose an interface. A server
    125 that is not willing to open a client-specified unit should refuse the
    126 request with a SSH_MSG_CHANNEL_OPEN_FAILURE error. On successful open,
    127 the server should reply with SSH_MSG_CHANNEL_OPEN_SUCCESS.
    128 
    129 Once established the client and server may exchange packet or frames
    130 over the tunnel channel by encapsulating them in SSH protocol strings
    131 and sending them as channel data. This ensures that packet boundaries
    132 are kept intact. Specifically, packets are transmitted using normal
    133 SSH_MSG_CHANNEL_DATA packets:
    134 
    135 	byte		SSH_MSG_CHANNEL_DATA
    136 	uint32		recipient channel
    137 	string		data
    138 
    139 The contents of the "data" field for layer 3 packets is:
    140 
    141 	uint32			packet length
    142 	uint32			address family
    143 	byte[packet length - 4]	packet data
    144 
    145 The "address family" field identifies the type of packet in the message.
    146 It may be one of:
    147 
    148 	SSH_TUN_AF_INET		2		/* IPv4 */
    149 	SSH_TUN_AF_INET6	24		/* IPv6 */
    150 
    151 The "packet data" field consists of the IPv4/IPv6 datagram itself
    152 without any link layer header.
    153 
    154 The contents of the "data" field for layer 3 packets is:
    155 
    156 	uint32			packet length
    157 	byte[packet length]	frame
    158 
    159 The "frame" field contains an IEEE 802.3 Ethernet frame, including
    160 header.
    161 
    162 6. sftp: Reversal of arguments to SSH_FXP_SYMLINK
    163 
    164 When OpenSSH's sftp-server was implemented, the order of the arguments
    165 to the SSH_FXP_SYMLINK method was inadvertently reversed. Unfortunately,
    166 the reversal was not noticed until the server was widely deployed. Since
    167 fixing this to follow the specification would cause incompatibility, the
    168 current order was retained. For correct operation, clients should send
    169 SSH_FXP_SYMLINK as follows:
    170 
    171 	uint32		id
    172 	string		targetpath
    173 	string		linkpath
    174 
    175 7. sftp: Server extension announcement in SSH_FXP_VERSION
    176 
    177 OpenSSH's sftp-server lists the extensions it supports using the
    178 standard extension announcement mechanism in the SSH_FXP_VERSION server
    179 hello packet:
    180 
    181 	uint32		3		/* protocol version */
    182 	string		ext1-name
    183 	string		ext1-version
    184 	string		ext2-name
    185 	string		ext2-version
    186 	...
    187 	string		extN-name
    188 	string		extN-version
    189 
    190 Each extension reports its integer version number as an ASCII encoded
    191 string, e.g. "1". The version will be incremented if the extension is
    192 ever changed in an incompatible way. The server MAY advertise the same
    193 extension with multiple versions (though this is unlikely). Clients MUST
    194 check the version number before attempting to use the extension.
    195 
    196 8. sftp: Extension request "posix-rename (a] openssh.com"
    197 
    198 This operation provides a rename operation with POSIX semantics, which
    199 are different to those provided by the standard SSH_FXP_RENAME in
    200 draft-ietf-secsh-filexfer-02.txt. This request is implemented as a
    201 SSH_FXP_EXTENDED request with the following format:
    202 
    203 	uint32		id
    204 	string		"posix-rename (a] openssh.com"
    205 	string		oldpath
    206 	string		newpath
    207 
    208 On receiving this request the server will perform the POSIX operation
    209 rename(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
    210 This extension is advertised in the SSH_FXP_VERSION hello with version
    211 "1".
    212 
    213 9. sftp: Extension requests "statvfs (a] openssh.com" and
    214          "fstatvfs (a] openssh.com"
    215 
    216 These requests correspond to the statvfs and fstatvfs POSIX system
    217 interfaces. The "statvfs (a] openssh.com" request operates on an explicit
    218 pathname, and is formatted as follows:
    219 
    220 	uint32		id
    221 	string		"statvfs (a] openssh.com"
    222 	string		path
    223 
    224 The "fstatvfs (a] openssh.com" operates on an open file handle:
    225 
    226 	uint32		id
    227 	string		"fstatvfs (a] openssh.com"
    228 	string		handle
    229 
    230 These requests return a SSH_FXP_STATUS reply on failure. On success they
    231 return the following SSH_FXP_EXTENDED_REPLY reply:
    232 
    233 	uint32		id
    234 	uint64		f_bsize		/* file system block size */
    235 	uint64		f_frsize	/* fundamental fs block size */
    236 	uint64		f_blocks	/* number of blocks (unit f_frsize) */
    237 	uint64		f_bfree		/* free blocks in file system */
    238 	uint64		f_bavail	/* free blocks for non-root */
    239 	uint64		f_files		/* total file inodes */
    240 	uint64		f_ffree		/* free file inodes */
    241 	uint64		f_favail	/* free file inodes for to non-root */
    242 	uint64		f_fsid		/* file system id */
    243 	uint64		f_flag		/* bit mask of f_flag values */
    244 	uint64		f_namemax	/* maximum filename length */
    245 
    246 The values of the f_flag bitmask are as follows:
    247 
    248 	#define SSH_FXE_STATVFS_ST_RDONLY	0x1	/* read-only */
    249 	#define SSH_FXE_STATVFS_ST_NOSUID	0x2	/* no setuid */
    250 
    251 Both the "statvfs (a] openssh.com" and "fstatvfs (a] openssh.com" extensions are
    252 advertised in the SSH_FXP_VERSION hello with version "2".
    253 
    254 $OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $
    255