OpenSSH 3.9 released (fwd)

Bob Rasmussen ras at anzio.com
Wed Aug 18 17:10:51 PDT 2004


On Wed, 18 Aug 2004, Kenneth Brody wrote:

> In case anyone hasn't noticed...
>
> Haven't you wondered how TERM gets set when you telnet in, when the host
> has no idea what type of terminal you're using?  The telnet init protocol
> has the ability to tell the server the value of TERM, which it then adds
> to the environment.  (I'm not sure if it allows other variables to be set.)
>
> I assume that Bob is saying that it now supports the setting of any
> environment variable "name=value" pair?

Both the telnet protocol and the ssh protocol have mechanisms defined by
which the client can tell the server the TERM variable. This is essential
to any reasonable operation in a character-based environment.

Both protocols also allow for the client to send arbitrary
"variable=value" pairs. It is up to the daemon (telnetd, sshd) to
determine which of these to pass on into the environment of the created
process. Originally telnetd was wide open on this, but then people figured
out that they could, for instance, violate restricted-shell configurations
on the server by setting a PATH variable, etc. So over time the telnetd
implementations were more and more restrictive. Current versions may allow
only DISPLAY to be passed. Implementations of sshd have until now taken
this restrictive approach.

What is new in OpenSSH 3.9 is that the server can be configured to allow
certain other variables to be set.

Regards,
....Bob Rasmussen,   President,   Rasmussen Software, Inc.

personal e-mail: ras at anzio.com
 company e-mail: rsi at anzio.com
          voice: (US) 503-624-0360 (9:00-6:00 Pacific Time)
            fax: (US) 503-624-0760
            web: http://www.anzio.com


More information about the Filepro-list mailing list