ssh2/README

libssh2 - SSH2 library
======================

libssh2 is a library implementing the SSH2 protocol, available under
the revised BSD license.

Web site: http://www.libssh2.org/

Mailing list: http://cool.haxx.se/mailman/listinfo/libssh2-devel

Generic installation instructions are in INSTALL.  Some ./configure
options deserve additional comments:

	* --enable-crypt-none

		The SSH2 Transport allows for unencrypted data
		transmission using the "none" cipher.  Because this is
		such a huge security hole, it is typically disabled on
		SSH2 implementations and is disabled in libssh2 by
		default as well.

		Enabling this option will allow for "none" as a
		negotiable method, however it still requires that the
		method be advertized by the remote end and that no
		more-preferable methods are available.

	* --enable-mac-none

		The SSH2 Transport also allows implementations to
		forego a message authentication code.  While this is
		less of a security risk than using a "none" cipher, it
		is still not recommended as disabling MAC hashes
		removes a layer of security.

		Enabling this option will allow for "none" as a
		negotiable method, however it still requires that the
		method be advertized by the remote end and that no
		more-preferable methods are available.

	* --disable-gex-new

		The diffie-hellman-group-exchange-sha1 (dh-gex) key
		exchange method originally defined an exchange
		negotiation using packet type 30 to request a
		generation pair based on a single target value.  Later
		refinement of dh-gex provided for range and target
		values.  By default libssh2 will use the newer range
		method.

		If you experience trouble connecting to an old SSH
		server using dh-gex, try this option to fallback on
		the older more reliable method.

  	* --with-libgcrypt
  	* --without-libgcrypt
	* --with-libgcrypt-prefix=DIR

		libssh2 can use the Libgcrypt library
		(http://www.gnupg.org/) for cryptographic operations.
		Either Libgcrypt or OpenSSL is required.

		Configure will attempt to locate Libgcrypt
		automatically.

 		If your installation of Libgcrypt is in another
		location, specify it using --with-libgcrypt-prefix.

	* --with-openssl
	* --without-openssl
	* --with-libssl-prefix=[DIR]

		libssh2 can use the OpenSSL library
		(http://www.openssl.org) for cryptographic operations.
		Either Libgcrypt or OpenSSL is required.

		Configure will attempt to locate OpenSSL in the
		default location.

		If your installation of OpenSSL is in another
		location, specify it using --with-libssl-prefix.

	* --with-libz
	* --without-libz
	* --with-libz-prefix=[DIR]

		If present, libssh2 will attempt to use the zlib
		(http://www.zlib.org) for payload compression, however
		zlib is not required.

		If your installation of Libz is in another location,
		specify it using --with-libz-prefix.

	* --enable-debug

		Will make the build use more pedantic and strict compiler
		options as well as enable the libssh2_trace() function (for
		showing debug traces).
Initial revision 2004-12-07 22:17:20 +01:00			`libssh2 - SSH2 library`
			`======================`

Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`libssh2 is a library implementing the SSH2 protocol, available under`
			`the revised BSD license.`
mention a few recent changes 2006-11-24 11:14:31 +01:00
mention web site and mailing list, as I think they're not mentioned anywhere else in the package! 2008-12-23 00:39:46 +01:00			`Web site: http://www.libssh2.org/`

Update mailing list URL to new address 2009-07-10 16:28:28 +02:00			`Mailing list: http://cool.haxx.se/mailman/listinfo/libssh2-devel`
mention web site and mailing list, as I think they're not mentioned anywhere else in the package! 2008-12-23 00:39:46 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`Generic installation instructions are in INSTALL. Some ./configure`
			`options deserve additional comments:`
mention a few recent changes 2006-11-24 11:14:31 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`* --enable-crypt-none`
non-blocking and man pages 2007-02-02 23:28:48 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`The SSH2 Transport allows for unencrypted data`
			`transmission using the "none" cipher. Because this is`
			`such a huge security hole, it is typically disabled on`
Fixed some spelling mistakes in documentation. 2007-04-12 23:30:03 +02:00			`SSH2 implementations and is disabled in libssh2 by`
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`default as well.`
non-blocking and man pages 2007-02-02 23:28:48 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`Enabling this option will allow for "none" as a`
			`negotiable method, however it still requires that the`
			`method be advertized by the remote end and that no`
Fixed some spelling mistakes in documentation. 2007-04-12 23:30:03 +02:00			`more-preferable methods are available.`
mention a few recent changes 2006-11-24 11:14:31 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`* --enable-mac-none`
mention a few recent changes 2006-11-24 11:14:31 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`The SSH2 Transport also allows implementations to`
			`forego a message authentication code. While this is`
			`less of a security risk than using a "none" cipher, it`
			`is still not recommended as disabling MAC hashes`
			`removes a layer of security.`
mention a few recent changes 2006-11-24 11:14:31 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`Enabling this option will allow for "none" as a`
			`negotiable method, however it still requires that the`
			`method be advertized by the remote end and that no`
Fixed some spelling mistakes in documentation. 2007-04-12 23:30:03 +02:00			`more-preferable methods are available.`
Add. 2007-01-16 16:36:43 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`* --disable-gex-new`
Add. 2007-01-16 16:36:43 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`The diffie-hellman-group-exchange-sha1 (dh-gex) key`
			`exchange method originally defined an exchange`
			`negotiation using packet type 30 to request a`
			`generation pair based on a single target value. Later`
			`refinement of dh-gex provided for range and target`
			`values. By default libssh2 will use the newer range`
			`method.`
give credit to those who made the changes 2007-03-15 21:57:11 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`If you experience trouble connecting to an old SSH`
			`server using dh-gex, try this option to fallback on`
			`the older more reliable method.`
give credit to those who made the changes 2007-03-15 21:57:11 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`* --with-libgcrypt`
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`* --without-libgcrypt`
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`* --with-libgcrypt-prefix=DIR`
mention a few recent changes 2006-11-24 11:14:31 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`libssh2 can use the Libgcrypt library`
			`(http://www.gnupg.org/) for cryptographic operations.`
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`Either Libgcrypt or OpenSSL is required.`
Allow socket_fd == 0 in libssh2_session_startup() 2006-03-08 20:10:53 +01:00
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`Configure will attempt to locate Libgcrypt`
			`automatically.`
Plug leaks caused by not using OpenSSL's EVP interface correctly 2006-04-06 23:50:37 +02:00
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`If your installation of Libgcrypt is in another`
			`location, specify it using --with-libgcrypt-prefix.`

			`* --with-openssl`
			`* --without-openssl`
			`* --with-libssl-prefix=[DIR]`
Allow socket_fd == 0 in libssh2_session_startup() 2006-03-08 20:10:53 +01:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`libssh2 can use the OpenSSL library`
			`(http://www.openssl.org) for cryptographic operations.`
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`Either Libgcrypt or OpenSSL is required.`
Swap ordering of packet_add/packet-inspection to avoid inspect after free. Fix OpenSSL detection using pkg-config. 2006-05-27 00:36:48 +02:00
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`Configure will attempt to locate OpenSSL in the`
			`default location.`
Don't wait for KEX_INIT prior to sending our own packet. Watch out for bad KEX_INIT guesses and burn packets if necessary. 2006-06-22 20:45:29 +02:00
Rewrite, based on INSTALL. 2007-03-27 14:22:22 +02:00			`If your installation of OpenSSL is in another`
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`location, specify it using --with-libssl-prefix.`
Fix miscellaneous bugs in src/channel.c and src/packet.c Courtessy David Robins 2005-11-02 01:26:24 +01:00
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`* --with-libz`
			`* --without-libz`
			`* --with-libz-prefix=[DIR]`
Fix miscellaneous bugs in src/channel.c and src/packet.c Courtessy David Robins 2005-11-02 01:26:24 +01:00
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`If present, libssh2 will attempt to use the zlib`
			`(http://www.zlib.org) for payload compression, however`
			`zlib is not required.`
Fix make install on MacOSX 2006-01-06 18:34:03 +01:00
Rewrite OpenSSL+libz detection logic. 2008-11-19 12:10:48 +01:00			`If your installation of Libz is in another location,`
			`specify it using --with-libz-prefix.`
added --enable-debug 2007-04-12 23:40:22 +02:00
			`* --enable-debug`

			`Will make the build use more pedantic and strict compiler`
			`options as well as enable the libssh2_trace() function (for`
			`showing debug traces).`