Subject: Re: FYI: Redhat switched to curl built with libssh...

Re: FYI: Redhat switched to curl built with libssh...

From: Pan K <zuboci_at_yandex.com>
Date: Wed, 06 Jun 2018 16:50:18 +0100
I'd also be interested in adding GSS-API support in libssh2. Have some time off coming up in the next month so might be some progress on that.
 
My 2 cents is that the packages for libssh2 in most distributions, redhat especially, really need updating to at least 1.6. RHEL 7 only ships with 1.4.3 as standard which dates from 2012 and is not thread safe, among other things.
 
OTOH, the libssh package is at 0.6.3 in RHEL 7 which, while not the latest, is much newer than the 6 year old libssh2.
 
This detracts from perception of libssh2, through no fault of the authors and maintainers.
 
On the bright side now there is a fully featured libssh2 wrapper for python available, the project is getting more attention (python devs outnumber most everyone by orders of magnitude). The python package distribution system allows for binary packages to be distributed and easily installed, and these include absolute latest libssh2. Unfortunately building from source is subject to out of date libssh2 due to the above.
 
There is room for both to co-exist and we need more choices, not less. With a lack of choices we have de-facto standards and that quickly leads to complacency, feature creep and instability. See paramiko python ssh library - ironically what made me interested in both libssh2 and libssh.
 
(shameless bump) As a side note there is an agent forwarding implementation pull request that is pending review for anyone available.
 
Regards
 
05.05.2018, 22:29, "Daniel Stenberg" <daniel@haxx.se>:

On Sat, 5 May 2018, Antenore wrote:
 

 Maybe asks publicly what are the reasons, so that if are just technical, you
 can push for improvements.


The reasons are actually stated in the page I linked to: libssh has some
features that libssh2 lacks (I think that refers to crypto algos) and
apparently curl was about the only package left in Redhat that used libssh2.

Redhat put in a lot of effort when they provided the libssh-using backend to
curl a while back so that we can now chose to use either library at build-time
and curl works just the same for SCP and SFTP transfers.

I personally don't have any actual technical argument against this decision. I
have an emotional attachment to and argument for libssh2 of course but I don't
think that's very helpful...
 

--


  / daniel.haxx.se
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2018-06-06