61 lines
2.4 KiB
Plaintext
61 lines
2.4 KiB
Plaintext
Installing libssh2
|
|
==================
|
|
|
|
* Untar this tarball (which, if you're reading this, you've already done)
|
|
|
|
* Run: ./configure (passing additional options as desired)
|
|
|
|
In addition the the standard set of ./configure options (e.g. --prefix)
|
|
there are five switches which you may wish to pay attention to:
|
|
|
|
* --with-openssl=[DIR]
|
|
|
|
libssh2 requires the OpenSSL library (http://www.openssl.org) for
|
|
cipher and hash method implementations.
|
|
|
|
./configure will attempt to locate OpenSSL in a number of default locations:
|
|
/usr/local/ssl /usr/local /usr /usr/local/openssl
|
|
If your installation of OpenSSL is in another location, specify it here.
|
|
|
|
* --with-zlib=[DIR]
|
|
|
|
If present, libssh2 will attempt to use the zlib (http://www.zlib.org)
|
|
for payload compression, however zlib is not required.
|
|
|
|
./configure will attempt to location a zlib installation in a number of default locations:
|
|
/usr/local /usr /usr/local/libz /usr/libz /usr/local/zlib /usr/zlib
|
|
If your installation of zlib is in another location, you may specify it here.
|
|
|
|
* --enable-crypt-none
|
|
|
|
The SSH2 Transport allows for unencrypted data transmission using the "none" cipher.
|
|
Because this is such a huge security hole, it is typically disabled on
|
|
SSH2 implementations and is diabled in libssh2 by default as well.
|
|
|
|
Enabling this option will allow for "none" as a negotiable method,
|
|
however it still requires that the method be advertized by the remote end
|
|
and that no more-prefferable methods are available.
|
|
|
|
* --enable-mac-none
|
|
|
|
The SSH2 Transport also allows implementations to forego a message authentication code.
|
|
While this is less of a security risk than using a "none" cipher, it is still not
|
|
recommended as disabling MAC hashes removes a layer of security.
|
|
|
|
Enabling this option will allow for "none" as a negotiable method,
|
|
however it still requires that the method be advertized by the remote end
|
|
and that no more-prefferable methods are available.
|
|
|
|
* --disable-gex-new
|
|
|
|
The diffie-hellman-group-exchange-sha1 (dh-gex) key exchange method originally defined
|
|
an exchange negotiation using packet type 30 to request a generation pair based
|
|
on a single target value. Later refinement of dh-gex provided for range and target
|
|
values. By default libssh2 will use the newer range method.
|
|
|
|
If you experience trouble connecting to an old SSH server using dh-gex,
|
|
try this option to fallback on the older more reliable method.
|
|
|
|
* Run: make all install
|
|
|