| Installing libssh2 |
| ================== |
| |
| * Untar this tarball (which, if you're reading this, you've already done) |
| |
| * Run: ./configure (passing additional options as desired) |
| |
| In addition the the standard set of ./configure options (e.g. --prefix) |
| there are five switches which you may wish to pay attention to: |
| |
| * --with-openssl=[DIR] |
| |
| libssh2 requires the OpenSSL library (http://www.openssl.org) for |
| cipher and hash method implementations. |
| |
| ./configure will attempt to locate OpenSSL in a number of default locations: |
| /usr/local/ssl /usr/local /usr /usr/local/openssl |
| If your installation of OpenSSL is in another location, specify it here. |
| |
| * --with-zlib=[DIR] |
| |
| If present, libssh2 will attempt to use the zlib (http://www.zlib.org) |
| for payload compression, however zlib is not required. |
| |
| ./configure will attempt to location a zlib installation in a number of default locations: |
| /usr/local /usr /usr/local/libz /usr/libz /usr/local/zlib /usr/zlib |
| If your installation of zlib is in another location, you may specify it here. |
| |
| * --enable-crypt-none |
| |
| The SSH2 Transport allows for unencrypted data transmission using the "none" cipher. |
| Because this is such a huge security hole, it is typically disabled on |
| SSH2 implementations and is diabled in libssh2 by default as well. |
| |
| Enabling this option will allow for "none" as a negotiable method, |
| however it still requires that the method be advertized by the remote end |
| and that no more-prefferable methods are available. |
| |
| * --enable-mac-none |
| |
| The SSH2 Transport also allows implementations to forego a message authentication code. |
| While this is less of a security risk than using a "none" cipher, it is still not |
| recommended as disabling MAC hashes removes a layer of security. |
| |
| Enabling this option will allow for "none" as a negotiable method, |
| however it still requires that the method be advertized by the remote end |
| and that no more-prefferable methods are available. |
| |
| * --disable-gex-new |
| |
| The diffie-hellman-group-exchange-sha1 (dh-gex) key exchange method originally defined |
| an exchange negotiation using packet type 30 to request a generation pair based |
| on a single target value. Later refinement of dh-gex provided for range and target |
| values. By default libssh2 will use the newer range method. |
| |
| If you experience trouble connecting to an old SSH server using dh-gex, |
| try this option to fallback on the older more reliable method. |
| |
| * Run: make all install |
| |