98 lines
2.9 KiB
Plaintext
98 lines
2.9 KiB
Plaintext
libssh2 - SSH2 library
|
|
======================
|
|
|
|
libssh2 is a library implementing the SSH2 protocol, available under
|
|
the revised BSD license.
|
|
|
|
Web site: http://www.libssh2.org/
|
|
|
|
Mailing list: http://cool.haxx.se/mailman/listinfo/libssh2-devel
|
|
|
|
Generic installation instructions are in INSTALL. Some ./configure
|
|
options deserve additional comments:
|
|
|
|
* --enable-crypt-none
|
|
|
|
The SSH2 Transport allows for unencrypted data
|
|
transmission using the "none" cipher. Because this is
|
|
such a huge security hole, it is typically disabled on
|
|
SSH2 implementations and is disabled in libssh2 by
|
|
default as well.
|
|
|
|
Enabling this option will allow for "none" as a
|
|
negotiable method, however it still requires that the
|
|
method be advertized by the remote end and that no
|
|
more-preferable methods are available.
|
|
|
|
* --enable-mac-none
|
|
|
|
The SSH2 Transport also allows implementations to
|
|
forego a message authentication code. While this is
|
|
less of a security risk than using a "none" cipher, it
|
|
is still not recommended as disabling MAC hashes
|
|
removes a layer of security.
|
|
|
|
Enabling this option will allow for "none" as a
|
|
negotiable method, however it still requires that the
|
|
method be advertized by the remote end and that no
|
|
more-preferable methods are available.
|
|
|
|
* --disable-gex-new
|
|
|
|
The diffie-hellman-group-exchange-sha1 (dh-gex) key
|
|
exchange method originally defined an exchange
|
|
negotiation using packet type 30 to request a
|
|
generation pair based on a single target value. Later
|
|
refinement of dh-gex provided for range and target
|
|
values. By default libssh2 will use the newer range
|
|
method.
|
|
|
|
If you experience trouble connecting to an old SSH
|
|
server using dh-gex, try this option to fallback on
|
|
the older more reliable method.
|
|
|
|
* --with-libgcrypt
|
|
* --without-libgcrypt
|
|
* --with-libgcrypt-prefix=DIR
|
|
|
|
libssh2 can use the Libgcrypt library
|
|
(http://www.gnupg.org/) for cryptographic operations.
|
|
Either Libgcrypt or OpenSSL is required.
|
|
|
|
Configure will attempt to locate Libgcrypt
|
|
automatically.
|
|
|
|
If your installation of Libgcrypt is in another
|
|
location, specify it using --with-libgcrypt-prefix.
|
|
|
|
* --with-openssl
|
|
* --without-openssl
|
|
* --with-libssl-prefix=[DIR]
|
|
|
|
libssh2 can use the OpenSSL library
|
|
(http://www.openssl.org) for cryptographic operations.
|
|
Either Libgcrypt or OpenSSL is required.
|
|
|
|
Configure will attempt to locate OpenSSL in the
|
|
default location.
|
|
|
|
If your installation of OpenSSL is in another
|
|
location, specify it using --with-libssl-prefix.
|
|
|
|
* --with-libz
|
|
* --without-libz
|
|
* --with-libz-prefix=[DIR]
|
|
|
|
If present, libssh2 will attempt to use the zlib
|
|
(http://www.zlib.org) for payload compression, however
|
|
zlib is not required.
|
|
|
|
If your installation of Libz is in another location,
|
|
specify it using --with-libz-prefix.
|
|
|
|
* --enable-debug
|
|
|
|
Will make the build use more pedantic and strict compiler
|
|
options as well as enable the libssh2_trace() function (for
|
|
showing debug traces).
|