Re: SSH Tunneling implementation

Hi

I have tested libssh2 authentication by setting *publickey* parameter to
NULL with prebuilt binaries which is compiled with other SSL library. Logic
didn't work. We will have to provide publickey file as parameter if libssh2
compiled with other SSL library.

I have tried it on my Ubuntu 10.04.4 LTS machine. But the problem is when I
have installed the prebuilt binaries, it installs 1.2.2 old version and the
code is not compiled. Then I have copied the prebuilt binaries and required
headers from Ubuntu 12 and found we will have to set the public key file.

Thoughts? Comments?

On Mon, Jul 9, 2012 at 7:12 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:

> On Mon, Jul 9, 2012 at 2:41 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
> > On Mon, Jul 9, 2012 at 2:38 PM, Akshay Joshi
> > <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
> >>
> >>
> >> On Mon, Jul 9, 2012 at 3:53 PM, Magnus Hagander <magnus(at)hagander(dot)net>
> wrote:
> >>>
> >>> On Mon, Jul 9, 2012 at 12:15 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
> >>> > On Mon, Jul 9, 2012 at 10:51 AM, Magnus Hagander <
> magnus(at)hagander(dot)net>
> >>> > wrote:
> >>> >> On Mon, Jul 9, 2012 at 11:48 AM, Dave Page <dpage(at)pgadmin(dot)org>
> wrote:
> >>> >>>
> >>> >>> We've never supported anything other than OpenSSL.
> >>> >>
> >>> >> For the direct linking. But the question here is what *libssh2* is
> >>> >> built against, not what pgadmin is linked against.
> >>> >>
> >>> >> If you require the entire system to be built against openssl, then
> the
> >>> >> feature won't work on Debian. Or Ubuntu. Or RedHat. Or Fedora. Or
> >>> >> SuSE. Or any derived distros. Because they all made the decision to
> >>> >> move away from openssl for any packages that support other things
> >>> >> (though annoyingly enough, debian/ubuntu went towards gnutls and the
> >>> >> redhat style distros went towards libnss - but that's a different
> >>> >> story).
> >>> >
> >>> > Hmm, good point. In that case Akshay will need to figure out how to
> >>> > deal with this some other way.
> >>>
> >>> Or at least verify that it's not just a docu snafu - it might mean
> >>> "any external SSL library" or something like that.
> >>
> >>
> >> Unable to find the way to verify it. I haven't found prebuilt libssh2
> >> library on my CentOS and Ubuntu.
> >
> > I don't have Ubuntu to hand, but on RHEL 5 I see:
> >
> > [dpage(at)dominion ~]$ yum search libssh2
> > Loaded plugins: fastestmirror
> > base
> > | 1.1 kB 00:00
> > base
> > 2725/2725
> > epel
> > | 3.4 kB 00:00
> > extras
> > | 2.1 kB 00:00
> > updates
> > | 1.9 kB 00:00
> > =================================================== Matched: libssh2
> > ===================================================
> > libssh2.i386 : A library implementing the SSH2 protocol
> > libssh2-devel.i386 : Development files for libssh2
> > libssh2-docs.i386 : Documentation for libssh2
> >
> > And on RHEL 6:
> >
> > [dpage(at)sturgis ~]$ yum search libssh2
> > Loaded plugins: fastestmirror, priorities, security
> > Determining fastest mirrors
> > epel/metalink
> > | 18 kB 00:00
> > * base: centos.mirror.transip.nl
> > * epel: nl.mirror.eurid.eu
> > * extras: mirrors.coreix.net
> > * updates: mirrors.coreix.net
> > base
> > | 3.7 kB 00:00
> > epel
> > | 4.0 kB 00:00
> > epel/primary_db
> > | 4.6 MB 00:17
> > extras
> > | 3.5 kB 00:00
> > updates
> > | 3.5 kB 00:00
> > updates/primary_db
> > | 4.1 MB 00:18
> > ================================================= N/S Matched: libssh2
> > =================================================
> > libssh2-devel.i686 : Development files for libssh2
> > libssh2-devel.x86_64 : Development files for libssh2
> > libssh2-docs.x86_64 : Documentation for libssh2
> > libssh2.i686 : A library implementing the SSH2 protocol
> > libssh2.x86_64 : A library implementing the SSH2 protocol
> > php-pecl-ssh2.x86_64 : Bindings for the libssh2 library
> >
> > Name and summary matches only, use "search all" for everything.
>
> Sorry, they were both CentOS, not RHEL.
>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>

--
*Akshay Joshi
Senior Software Engineer
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
Phone: +91 20-3058-9522
Mobile: +91 976-788-8246*