1 | SSH (Secure Shell) is a program to log into another computer over a |
---|
2 | network, to execute commands in a remote machine, and to move files |
---|
3 | from one machine to another. It provides strong authentication and |
---|
4 | secure communications over insecure channels. It is intended as a |
---|
5 | replacement for rlogin, rsh, rcp, and rdist. |
---|
6 | |
---|
7 | See the file INSTALL for installation instructions. See COPYING for |
---|
8 | license terms and other legal issues. See RFC for a description of |
---|
9 | the protocol. There is a WWW page for ssh; see http://www.cs.hut.fi/ssh. |
---|
10 | |
---|
11 | This file has been updated to match ssh-1.2.26 / f-secure ssh 1.3.6. |
---|
12 | |
---|
13 | |
---|
14 | FEATURES |
---|
15 | |
---|
16 | o Strong authentication. Closes several security holes (e.g., IP, |
---|
17 | routing, and DNS spoofing). New authentication methods: .rhosts |
---|
18 | together with RSA based host authentication, and pure RSA |
---|
19 | authentication. |
---|
20 | |
---|
21 | o Improved privacy. All communications are automatically and |
---|
22 | transparently encrypted. RSA is used for key exchange, and a |
---|
23 | conventional cipher (normally IDEA, Blowfish, or triple-DES) for |
---|
24 | encrypting the session. Encryption is started before |
---|
25 | authentication, and no passwords or other information is |
---|
26 | transmitted in the clear. Encryption is also used to protect |
---|
27 | against spoofed packets. |
---|
28 | |
---|
29 | o Secure X11 sessions. The program automatically sets DISPLAY on |
---|
30 | the server machine, and forwards any X11 connections over the |
---|
31 | secure channel. Fake Xauthority information is automatically |
---|
32 | generated and forwarded to the remote machine; the local client |
---|
33 | automatically examines incoming X11 connections and replaces the |
---|
34 | fake authorization data with the real data (never telling the |
---|
35 | remote machine the real information). |
---|
36 | |
---|
37 | o Arbitrary TCP/IP ports can be redirected through the encrypted channel |
---|
38 | in both directions (e.g., for e-cash transactions). |
---|
39 | |
---|
40 | o No retraining needed for normal users; everything happens |
---|
41 | automatically, and old .rhosts files will work with strong |
---|
42 | authentication if administration installs host key files. |
---|
43 | |
---|
44 | o Never trusts the network. Minimal trust on the remote side of |
---|
45 | the connection. Minimal trust on domain name servers. Pure RSA |
---|
46 | authentication never trusts anything but the private key. |
---|
47 | |
---|
48 | o Client RSA-authenticates the server machine in the beginning of |
---|
49 | every connection to prevent trojan horses (by routing or DNS |
---|
50 | spoofing) and man-in-the-middle attacks, and the server |
---|
51 | RSA-authenticates the client machine before accepting .rhosts or |
---|
52 | /etc/hosts.equiv authentication (to prevent DNS, routing, or |
---|
53 | IP-spoofing). |
---|
54 | |
---|
55 | o Host authentication key distribution can be centrally by the |
---|
56 | administration, automatically when the first connection is made |
---|
57 | to a machine (the key obtained on the first connection will be |
---|
58 | recorded and used for authentication in the future), or manually |
---|
59 | by each user for his/her own use. The central and per-user host |
---|
60 | key repositories are both used and complement each other. Host |
---|
61 | keys can be generated centrally or automatically when the software |
---|
62 | is installed. Host authentication keys are typically 1024 bits. |
---|
63 | |
---|
64 | o Any user can create any number of user authentication RSA keys for |
---|
65 | his/her own use. Each user has a file which lists the RSA public |
---|
66 | keys for which proof of possession of the corresponding private |
---|
67 | key is accepted as authentication. User authentication keys are |
---|
68 | typically 1024 bits. |
---|
69 | |
---|
70 | o The server program has its own server RSA key which is |
---|
71 | automatically regenerated every hour. This key is never saved in |
---|
72 | any file. Exchanged session keys are encrypted using both the |
---|
73 | server key and the server host key. The purpose of the separate |
---|
74 | server key is to make it impossible to decipher a captured session by |
---|
75 | breaking into the server machine at a later time; one hour from |
---|
76 | the connection even the server machine cannot decipher the session |
---|
77 | key. The key regeneration interval is configurable. The server |
---|
78 | key is normally 768 bits. |
---|
79 | |
---|
80 | o An authentication agent, running in the user's laptop or local |
---|
81 | workstation, can be used to hold the user's RSA authentication |
---|
82 | keys. Ssh automatically forwards the connection to the |
---|
83 | authentication agent over any connections, and there is no need to |
---|
84 | store the RSA authentication keys on any machine in the network |
---|
85 | (except the user's own local machine). The authentication |
---|
86 | protocols never reveal the keys; they can only be used to verify |
---|
87 | that the user's agent has a certain key. Eventually the agent |
---|
88 | could rely on a smart card to perform all authentication |
---|
89 | computations. |
---|
90 | |
---|
91 | o The software can be installed and used (with restricted |
---|
92 | functionality) even without root privileges. |
---|
93 | |
---|
94 | o The client is customizable in system-wide and per-user |
---|
95 | configuration files. Most aspects of the client's operation can |
---|
96 | be configured. Different options can be specified on a per-host basis. |
---|
97 | |
---|
98 | o Automatically executes conventional rsh (after displaying a |
---|
99 | warning) if the server machine is not running sshd. |
---|
100 | |
---|
101 | o Optional compression of all data with gzip (including forwarded X11 |
---|
102 | and TCP/IP port data), which may result in significant speedups on |
---|
103 | slow connections. |
---|
104 | |
---|
105 | o Complete replacement for rlogin, rsh, and rcp. |
---|
106 | |
---|
107 | |
---|
108 | WHY TO USE SECURE SHELL |
---|
109 | |
---|
110 | Currently, almost all communications in computer networks are done |
---|
111 | without encryption. As a consequence, anyone who has access to any |
---|
112 | machine connected to the network can listen in on any communication. |
---|
113 | This is being done by hackers, curious administrators, employers, |
---|
114 | criminals, industrial spies, and governments. Some networks leak off |
---|
115 | enough electromagnetic radiation that data may be captured even from a |
---|
116 | distance. |
---|
117 | |
---|
118 | When you log in, your password goes in the network in plain |
---|
119 | text. Thus, any listener can then use your account to do any evil he |
---|
120 | likes. Many incidents have been encountered worldwide where crackers |
---|
121 | have started programs on workstations without the owners knowledge |
---|
122 | just to listen to the network and collect passwords. Programs for |
---|
123 | doing this are available on the Internet, or can be built by a |
---|
124 | competent programmer in a few hours. |
---|
125 | |
---|
126 | Furthermore, it is possible to hijack connections going though the |
---|
127 | network. This means that an intruder can enter in the middle of an |
---|
128 | existing connection, and start modifying data in both directions. |
---|
129 | This can, e.g., be used to insert new commands in sessions |
---|
130 | authenticated by one-time passwords. A consequence is that no |
---|
131 | security method based on purely authenticating the user is safe. |
---|
132 | Furthermore, routing spoofing can be used to bring almost any |
---|
133 | connection in the Internet to a location where it can be attacked. |
---|
134 | |
---|
135 | Encryption and cryptographic authentication and integrity protection |
---|
136 | are required to secure networks and computer systems. SSH uses strong |
---|
137 | cryptographic algorithms to achieve these goals. |
---|
138 | |
---|
139 | Ease of use is critical to the acceptance of a piece of software. SSH |
---|
140 | attempts to be *easier* to use than its insecure counterparts. |
---|
141 | |
---|
142 | SSH has gained very wide acceptance. It is currently (late 1996) |
---|
143 | being used in approximately 50 countries at probably tens of thousands |
---|
144 | of organizations. Its users include top universities, research |
---|
145 | laboratories, banks, major corporations, and numerous smaller |
---|
146 | companies and individuals. |
---|
147 | |
---|
148 | SSH is available for almost all Unix platforms, and commercial |
---|
149 | versions are available for Windows (3.1, 95, NT) and Macintosh. For |
---|
150 | more information, see http://www.datafellows.com/f-secure. |
---|
151 | |
---|
152 | |
---|
153 | OVERVIEW OF SECURE SHELL |
---|
154 | |
---|
155 | The software consists of a number of programs. |
---|
156 | |
---|
157 | sshd Server program run on the server machine. This |
---|
158 | listens for connections from client machines, and |
---|
159 | whenever it receives a connection, it performs |
---|
160 | authentication and starts serving the client. |
---|
161 | |
---|
162 | ssh This is the client program used to log into another |
---|
163 | machine or to execute commands on the other machine. |
---|
164 | "slogin" is another name for this program. |
---|
165 | |
---|
166 | scp Securely copies files from one machine to another. |
---|
167 | |
---|
168 | ssh-keygen Used to create RSA keys (host keys and user |
---|
169 | authentication keys). |
---|
170 | |
---|
171 | ssh-agent Authentication agent. This can be used to hold RSA |
---|
172 | keys for authentication. |
---|
173 | |
---|
174 | ssh-add Used to register new keys with the agent. |
---|
175 | |
---|
176 | make-ssh-known-hosts |
---|
177 | Used to create the /etc/ssh_known_hosts file. |
---|
178 | |
---|
179 | |
---|
180 | Ssh is the program users normally use. It is started as |
---|
181 | |
---|
182 | ssh host |
---|
183 | |
---|
184 | or |
---|
185 | |
---|
186 | ssh host command |
---|
187 | |
---|
188 | The first form opens a new shell on the remote machine (after |
---|
189 | authentication). The latter form executes the command on the remote |
---|
190 | machine. |
---|
191 | |
---|
192 | When started, the ssh connects sshd on the server machine, verifies |
---|
193 | that the server machine really is the machine it wanted to connect, |
---|
194 | exchanges encryption keys (in a manner which prevents an outside |
---|
195 | listener from getting the keys), performs authentication using .rhosts |
---|
196 | and /etc/hosts.equiv, RSA authentication, or conventional password |
---|
197 | based authentication. The server then (normally) allocates a |
---|
198 | pseudo-terminal and starts an interactive shell or user program. |
---|
199 | |
---|
200 | The TERM environment variable (describing the type of the user's |
---|
201 | terminal) is passed from the client side to the remote side. Also, |
---|
202 | terminal modes will be copied from the client side to the remote side |
---|
203 | to preserve user preferences (e.g., the erase character). |
---|
204 | |
---|
205 | If the DISPLAY variable is set on the client side, the server will |
---|
206 | create a dummy X server and set DISPLAY accordingly. Any connections |
---|
207 | to the dummy X server will be forwarded through the secure channel, |
---|
208 | and will be made to the real X server from the client side. An |
---|
209 | arbitrary number of X programs can be started during the session, and |
---|
210 | starting them does not require anything special from the user. (Note |
---|
211 | that the user must not manually set DISPLAY, because then it would |
---|
212 | connect directly to the real display instead of going through the |
---|
213 | encrypted channel). This behavior can be disabled in the |
---|
214 | configuration file or by giving the -x option to the client. |
---|
215 | |
---|
216 | Arbitrary IP ports can be forwarded over the secure channel. The |
---|
217 | program then creates a port on one side, and whenever a connection is |
---|
218 | opened to this port, it will be passed over the secure channel, and a |
---|
219 | connection will be made from the other side to a specified host:port |
---|
220 | pair. Arbitrary IP forwarding must always be explicitly requested, |
---|
221 | and cannot be used to forward privileged ports (unless the user is |
---|
222 | root). It is possible to specify automatic forwards in a per-user |
---|
223 | configuration file, for example to make electronic cash systems work |
---|
224 | securely. |
---|
225 | |
---|
226 | If there is an authentication agent on the client side, connection to |
---|
227 | it will be automatically forwarded to the server side. |
---|
228 | |
---|
229 | For more information, see the manual pages ssh(1), sshd(8), scp(1), |
---|
230 | ssh-keygen(1), ssh-agent(1), ssh-add(1), and make-ssh-known-hosts(1) |
---|
231 | included in this distribution. |
---|
232 | |
---|
233 | |
---|
234 | X11 CONNECTION FORWARDING |
---|
235 | |
---|
236 | X11 forwarding serves two purposes: it is a convenience to the user |
---|
237 | because there is no need to set the DISPLAY variable, and it provides |
---|
238 | encrypted X11 connections. I cannot think of any other easy way to |
---|
239 | make X11 connections encrypted; modifying the X server, clients or |
---|
240 | libraries would require special work for each machine, vendor and |
---|
241 | application. Widely used IP-level encryption does not seem likely for |
---|
242 | several years. Thus what we have left is faking an X server on the |
---|
243 | same machine where the clients are run, and forwarding the connections |
---|
244 | to a real X server over the secure channel. |
---|
245 | |
---|
246 | X11 forwarding works as follows. The client extracts Xauthority |
---|
247 | information for the server. It then creates random authorization |
---|
248 | data, and sends the random data to the server. The server allocates |
---|
249 | an X11 display number, and stores the (fake) Xauthority data for this |
---|
250 | display. Whenever an X11 connection is opened, the server forwards |
---|
251 | the connection over the secure channel to the client, and the client |
---|
252 | parses the first packet of the X11 protocol, substitutes real |
---|
253 | authentication data for the fake data (if the fake data matched), and |
---|
254 | forwards the connection to the real X server. |
---|
255 | |
---|
256 | If the display does not have Xauthority data, the server will create a |
---|
257 | unix domain socket in /tmp/.X11-unix, and use the unix domain socket |
---|
258 | as the display. No authentication information is forwarded in this |
---|
259 | case. X11 connections are again forwarded over the secure channel. |
---|
260 | To the X server the connections appear to come from the client |
---|
261 | machine, and the server must have connections allowed from the local |
---|
262 | machine. Using authentication data is always recommended because not |
---|
263 | using it makes the display insecure. If XDM is used, it automatically |
---|
264 | generates the authentication data. |
---|
265 | |
---|
266 | One should be careful not to use "xin" or "xstart" or other similar |
---|
267 | scripts that explicitly set DISPLAY to start X sessions in a remote |
---|
268 | machine, because the connection will then not go over the secure |
---|
269 | channel. The recommended way to start a shell in a remote machine is |
---|
270 | |
---|
271 | xterm -e ssh host & |
---|
272 | |
---|
273 | and the recommended way to execute an X11 application in a remote |
---|
274 | machine is |
---|
275 | |
---|
276 | ssh -n host emacs & |
---|
277 | |
---|
278 | If you need to type a password/passphrase for the remote machine, |
---|
279 | |
---|
280 | ssh -f host emacs |
---|
281 | |
---|
282 | may be useful. |
---|
283 | |
---|
284 | |
---|
285 | |
---|
286 | RSA AUTHENTICATION |
---|
287 | |
---|
288 | RSA authentication is based on public key cryptography. The idea is |
---|
289 | that there are two encryption keys, one for encryption and another for |
---|
290 | decryption. It is not possible (on human time scale) to derive the |
---|
291 | decryption key from the encryption key. The encryption key is called |
---|
292 | the public key, because it can be given to anyone and it is not |
---|
293 | secret. The decryption key, on the other hand, is secret, and is |
---|
294 | called the private key. |
---|
295 | |
---|
296 | RSA authentication is based on the impossibility of deriving the |
---|
297 | private key from the public key. The public key is stored on the |
---|
298 | server machine in the user's $HOME/.ssh/authorized_keys file. The |
---|
299 | private key is only kept on the user's local machine, laptop, or other |
---|
300 | secure storage. Then the user tries to log in, the client tells the |
---|
301 | server the public key that the user wishes to use for authentication. |
---|
302 | The server then checks if this public key is admissible. If so, it |
---|
303 | generates a 256 bit random number, encrypts it with the public key, |
---|
304 | and sends the value to the client. The client then decrypts the |
---|
305 | number with its private key, computes a 128 bit MD5 checksum from the |
---|
306 | resulting data, and sends the checksum back to the server. (Only a |
---|
307 | checksum is sent to prevent chosen-plaintext attacks against RSA.) |
---|
308 | The server checks computes a checksum from the correct data, |
---|
309 | and compares the checksums. Authentication is accepted if the |
---|
310 | checksums match. (Theoretically this indicates that the client |
---|
311 | only probably knows the correct key, but for all practical purposes |
---|
312 | there is no doubt.) |
---|
313 | |
---|
314 | The RSA private key can be protected with a passphrase. The |
---|
315 | passphrase can be any string; it is hashed with MD5 to produce an |
---|
316 | encryption key for 3DES, which is used to encrypt the private part of |
---|
317 | the key file. With passphrase, authorization requires access to the key |
---|
318 | file and the passphrase. Without passphrase, authorization only |
---|
319 | depends on possession of the key file. |
---|
320 | |
---|
321 | RSA authentication is the most secure form of authentication supported |
---|
322 | by this software. It does not rely on the network, routers, domain |
---|
323 | name servers, or the client machine. The only thing that matters is |
---|
324 | access to the private key. |
---|
325 | |
---|
326 | All this, of course, depends on the security of the RSA algorithm |
---|
327 | itself. RSA has been widely known since about 1978, and no effective |
---|
328 | methods for breaking it are known if it is used properly. Care has |
---|
329 | been taken to avoid the well-known pitfalls. Breaking RSA is widely |
---|
330 | believed to be equivalent to factoring, which is a very hard |
---|
331 | mathematical problem that has received considerable public research. |
---|
332 | So far, no effective methods are known for numbers bigger than about |
---|
333 | 512 bits. However, as computer speeds and factoring methods are |
---|
334 | increasing, 512 bits can no longer be considered secure. The |
---|
335 | factoring work is exponential, and 768 or 1024 bits are widely |
---|
336 | considered to be secure in the near future. |
---|
337 | |
---|
338 | |
---|
339 | RHOSTS AUTHENTICATION |
---|
340 | |
---|
341 | Conventional .rhosts and hosts.equiv based authentication mechanisms |
---|
342 | are fundamentally insecure due to IP, DNS (domain name server) and |
---|
343 | routing spoofing attacks. Additionally this authentication method |
---|
344 | relies on the integrity of the client machine. These weaknesses is |
---|
345 | tolerable, and been known and exploited for a long time. |
---|
346 | |
---|
347 | Ssh provides an improved version of these types of authentication, |
---|
348 | because they are very convenient for the user (and allow easy |
---|
349 | transition from rsh and rlogin). It permits these types of |
---|
350 | authentication, but additionally requires that the client host be |
---|
351 | authenticated using RSA. |
---|
352 | |
---|
353 | The server has a list of host keys stored in /etc/ssh_known_host, and |
---|
354 | additionally each user has host keys in $HOME/.ssh/known_hosts. Ssh |
---|
355 | uses the name servers to obtain the canonical name of the client host, |
---|
356 | looks for its public key in its known host files, and requires the |
---|
357 | client to prove that it knows the private host key. This prevents IP |
---|
358 | and routing spoofing attacks (as long as the client machine private |
---|
359 | host key has not been compromised), but is still vulnerable to DNS |
---|
360 | attacks (to a limited extent), and relies on the integrity of the |
---|
361 | client machine as to who is requesting to log in. This prevents |
---|
362 | outsiders from attacking, but does not protect against very powerful |
---|
363 | attackers. If maximal security is desired, only RSA authentication |
---|
364 | should be used. |
---|
365 | |
---|
366 | It is possible to enable conventional .rhosts and /etc/hosts.equiv |
---|
367 | authentication (without host authentication) at compile time by giving |
---|
368 | the option --with-rhosts to configure. However, this is not |
---|
369 | recommended, and is not done by default. |
---|
370 | |
---|
371 | These weaknesses are present in rsh and rlogin. No improvement in |
---|
372 | security will be obtained unless rlogin and rsh are completely |
---|
373 | disabled (commented out in /etc/inetd.conf). This is highly |
---|
374 | recommended. |
---|
375 | |
---|
376 | |
---|
377 | LEGAL ISSUES |
---|
378 | |
---|
379 | See the file COPYING for distribution conditions. To summarize, you |
---|
380 | can use this software freely for non-commercial purposes. However, |
---|
381 | this software cannot be sold or used for directly revenue-generating |
---|
382 | purposes without licensing. THERE IS NO WARRANTY FOR THIS PROGRAM. |
---|
383 | |
---|
384 | In some countries, particularly Russia, Iraq, Pakistan, and France, it |
---|
385 | may be illegal to use any encryption at all without a special permit. |
---|
386 | |
---|
387 | This software may be freely imported into the United States; however, |
---|
388 | the United States Government may consider re-exporting it a criminal |
---|
389 | offense. Thus, if you are outside the US, please retrieve this |
---|
390 | software from outside the US. |
---|
391 | |
---|
392 | Note that any information and cryptographic algorithms used in this |
---|
393 | software are publicly available on the Internet and at any major |
---|
394 | bookstore, scientific library, or patent office worldwide. |
---|
395 | |
---|
396 | |
---|
397 | MAILING LISTS AND OTHER INFORMATION |
---|
398 | |
---|
399 | There is a mailing list for ssh. It is ssh@clinet.fi. If you would |
---|
400 | like to join, send a message to majordomo@clinet.fi with "subscribe |
---|
401 | ssh" in body. |
---|
402 | |
---|
403 | The WWW home page for ssh is http://www.cs.hut.fi/ssh. It contains an |
---|
404 | archive of the mailing list, and detailed information about new |
---|
405 | releases, mailing lists, and other relevant issues. |
---|
406 | |
---|
407 | For information about Windows, Macintosh, and commercial licensing, |
---|
408 | see http://www.datafellows.com/f-secure, or mail to |
---|
409 | f-secure-ssh-sales@datafellows.com. |
---|
410 | |
---|
411 | Bug reports should be sent to ssh-bugs@cs.hut.fi. |
---|
412 | |
---|
413 | |
---|
414 | ABOUT THE AUTHOR |
---|
415 | |
---|
416 | This software was originally written by Tatu Ylonen <ylo@cs.hut.fi> in |
---|
417 | Finland. It is now being maintained by SSH Communications Security |
---|
418 | (http://www.ssh.fi) and Data Fellows (http://www.datafellows.com). |
---|
419 | |
---|
420 | |
---|
421 | ACKNOWLEDGEMENTS |
---|
422 | |
---|
423 | Many people have contributed to the development of this software. |
---|
424 | |
---|
425 | Martin Abadi, Jason Ackley, Satoshi Adachi, Tim Adam, Kazunori Ando, |
---|
426 | Andre April, Walker Aumann, E. Jay Barkenbilt, Steve Bellovin, Steve |
---|
427 | Birnbaum, Steve Bonds, Paul Borman, Stephane Bortzmeyer, Jim Bourne, |
---|
428 | Jurgen Botz, Hans-Werner Braun, Bill Broadley, Piete Brooks, Loren |
---|
429 | Buchanan, Donald Buczek, Joao Castro, Andrey Chernov, Adrian Colley, |
---|
430 | Michael Cooper, Brian Cully, Felix von Delius, David Dombek, Ian |
---|
431 | Donaldson, Sean Doran, Danek Duvall, Garance Drosehn, Niklas |
---|
432 | Edmundsson, Doug Engert, Jerome Etienne, Bill Fithen, Mike Friedman, |
---|
433 | Florian Fuchs, Mark Fullmer, Jean-Loup Gailly, Bert Gijsbers, Eivind |
---|
434 | Gjelseth, Bob Goellner, Ian Goldberg, Chuck Goodhart, Aaron Gowatch, |
---|
435 | Torbjorn Granlund, Teddy Grenman, Klaus Guntermann, Andreas |
---|
436 | Gustafsson, Kojima Hajime, Charles M. Hannum, Michael Henits, Ville |
---|
437 | Herva, Nick Hibma, Mark Horn, Ton Hospel, Antti Huima, Cedomir Igaly, |
---|
438 | Bradford W. Johnson, Steve Johnson, LaMont Jones, Arne Juul, Petri |
---|
439 | Kaukasoina, Charles Karney, Richard Kaszeta, Brendan Kehoe, Tero |
---|
440 | Kivinen, Philip Kizer, Mika Kojo, Georg-W. Koltermann, David Kågedal, |
---|
441 | Thomas König, Joseph Lappa, Felix Leitner, Ofer Licht, Gunnar |
---|
442 | Lindberg, Markus Linnala, Harald Lundberg, Glenn Machin, Andrew |
---|
443 | Macpherson, Marc Martinec, Paul Mauvais, David Mazieres, Harry |
---|
444 | McGavran Jr., Donald McKillican, Pedro Melo, Luke Mewburn, Leon |
---|
445 | Mlakar, Robert Muchsel, Kaj Mustikkamäki, Hannu Napari, Pekka |
---|
446 | Nikander, Bill O'Neill, Bryan O'Sullivan, John P.Speno, Andy Polyakov, |
---|
447 | Matt Power, Theo de Raadt, Andrew Raphael, Matt Richards, Michael |
---|
448 | Richardson, Timo Rinne, Ollivier Robert, Maciej W. Rozycki, Dima |
---|
449 | Ruban, Tomi Salo, Paul J. Sanchez, Corey Satten, Jakob Schlyter, Wayne |
---|
450 | Schroeder, Jay Schuster, Harry Shamansky, Janne Snabb, Harlan Stenn, |
---|
451 | Kevin Steves, Mikael Suokas, Heikki Suonsivu, Tomasz Surmacz, Holger |
---|
452 | Trapp, Mark Treacy, Andrew Tridgell, Rick Troxel, Dragan Vecerina, |
---|
453 | Wietse Venema, Witse Venema, Alvar Vinacua, Russell Vincent, Petri |
---|
454 | Virkkula, Michael Warfield, Brian Weaver, Peter Wemm, Raymund Will, |
---|
455 | Mike Williams, Christophe Wolfhugel and Craig Yap. |
---|
456 | |
---|
457 | My apologies to people whom I have forgotten to list. |
---|
458 | |
---|
459 | Thanks also go to Philip Zimmermann, whose PGP software and the |
---|
460 | associated legal battle provided inspiration, motivation, and many |
---|
461 | useful techniques, and to Bruce Schneier whose book Applied |
---|
462 | Cryptography has done a great service in widely distributing knowledge |
---|
463 | about cryptographic methods. |
---|
464 | |
---|
465 | |
---|
466 | Copyright (c) 1996,1997,1998 SSH Communications Security, Espoo, Finland. |
---|