forked from libssh2/libssh2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
93 lines (69 loc) · 2.68 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
libssh2 - SSH2 library
======================
libssh2 is a library implementing the SSH2 protocol, available under
the revised BSD license.
Generic installation instructions are in INSTALL. Some ./configure
options deserve additional comments:
* --enable-crypt-none
The SSH2 Transport allows for unencrypted data
transmission using the "none" cipher. Because this is
such a huge security hole, it is typically disabled on
SSH2 implementations and is disabled in libssh2 by
default as well.
Enabling this option will allow for "none" as a
negotiable method, however it still requires that the
method be advertized by the remote end and that no
more-preferable methods are available.
* --enable-mac-none
The SSH2 Transport also allows implementations to
forego a message authentication code. While this is
less of a security risk than using a "none" cipher, it
is still not recommended as disabling MAC hashes
removes a layer of security.
Enabling this option will allow for "none" as a
negotiable method, however it still requires that the
method be advertized by the remote end and that no
more-preferable methods are available.
* --disable-gex-new
The diffie-hellman-group-exchange-sha1 (dh-gex) key
exchange method originally defined an exchange
negotiation using packet type 30 to request a
generation pair based on a single target value. Later
refinement of dh-gex provided for range and target
values. By default libssh2 will use the newer range
method.
If you experience trouble connecting to an old SSH
server using dh-gex, try this option to fallback on
the older more reliable method.
* --with-libgcrypt
* --with-libgcrypt-prefix=DIR
libssh2 can use the Libgcrypt library
(http://www.gnupg.org/) for cryptographic operations.
Configure will attempt to locate Libgcrypt in the
default location, but if you have installed it
somewhere else, use the --with-libgrypt-prefix=DIR
parameter.
* --with-openssl=[DIR]
libssh2 can use the OpenSSL library
(http://www.openssl.org) for cryptographic operations.
Configure will attempt to locate OpenSSL in a number
of default locations:
/usr/local/ssl
/usr/local
/usr
/usr/local/openssl
If your installation of OpenSSL is in another
location, specify it here.
* --with-libz=[DIR]
If present, libssh2 will attempt to use the zlib (http://www.zlib.org)
for payload compression, however zlib is not required.
Configure will attempt to location a zlib installation
in a number of default locations:
/usr/local
/usr
/usr/local/libz
/usr/libz
/usr/local/zlib
/usr/zlib
If your installation of zlib is in another location,
you may specify it here.