From 67c4839ec95c3c27c0f1a30991ea9a77f2ac59d5 Mon Sep 17 00:00:00 2001 From: xvzcf Date: Tue, 8 Oct 2019 09:36:03 -0400 Subject: [PATCH] README fixes. (#46) --- README.md | 24 ++++-------------------- 1 file changed, 4 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index d6039971d16d..4291a2d1d2ce 100644 --- a/README.md +++ b/README.md @@ -98,12 +98,6 @@ On **Ubuntu**, you need to install the following packages: sudo apt install autoconf automake gcc libtool libssl-dev make unzip xsltproc zlib1g-dev -On **Ubuntu 18.04**, you need to downgrade the version of OpenSSL. (Ubuntu 18.04 bundles OpenSSL 1.1.0 by default, but OpenSSH only supports building against OpenSSL 1.0.2 at present.) - - sudo apt install openssl1.0 libssl1.0-dev - -Warning: this removes the existing libssl 1.1 development package. - On **Linux**, you also may need to do the following: - You may need to create the privilege separation directory: @@ -145,7 +139,7 @@ Then, build and install our fork of OpenSSH; First, run: export OPENSSH_INSTALL= autoreconf -Then, on **Ubuntu 16.04** and **macOS**, run the following: +Then, run the following: ./configure --with-ssl-dir=/include \ --with-ldflags=-L/lib \ @@ -156,16 +150,6 @@ Then, on **Ubuntu 16.04** and **macOS**, run the following: make -j make install -On **Ubuntu 18.04**, the steps are slightly different due to the default OpenSSL version: - - ./configure --with-ldflags=-L/usr/lib/ssl1.0 \ - --with-libs=-lm \ - --prefix=$OPENSSH_INSTALL \ - --sysconfdir=$OPENSSH_INSTALL \ - --with-liboqs-dir=$LIBOQS_INSTALL - make -j - make install - To test the build, run: make tests @@ -219,12 +203,12 @@ The server automatically supports all available hybrid and PQ-only key exchange In another terminal, run a client(the arguments between `[...]` can be omitted if only classical authentication is required): - /bin/ssh -l \ - -p 2222 localhost \ + /bin/ssh \ + -p 2222 localhost \ -o KexAlgorithms= \ [-o HostKeyAlgorithms= \ -o PubkeyAcceptedKeyTypes= \ - -o StrictHostKeyChecking=no \ + -o StrictHostKeyChecking=no \ -i ~/ssh_client/id_] The `StrictHostKeyChecking` option is used to allow trusting the newly generated server key; alternatively, the key could be added manually to the client's trusted keys.