Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc/openssh-contrib/metadata.xml
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc/openssh-contrib/metadata.xml')
-rw-r--r--net-misc/openssh-contrib/metadata.xml59
1 files changed, 59 insertions, 0 deletions
diff --git a/net-misc/openssh-contrib/metadata.xml b/net-misc/openssh-contrib/metadata.xml
new file mode 100644
index 000000000000..2982a0304511
--- /dev/null
+++ b/net-misc/openssh-contrib/metadata.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>chutzpah@gentoo.org</email>
+ <name>Patrick McLean</name>
+ </maintainer>
+ <maintainer type="person">
+ <email>robbat2@gentoo.org</email>
+ <name>Robin H. Johnson</name>
+ </maintainer>
+ <longdescription>
+ OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that
+ increasing numbers of people on the Internet are coming to rely on. Many users of telnet,
+ rlogin, ftp, and other such programs might not realize that their password is transmitted
+ across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords)
+ to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
+ Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety
+ of authentication methods.
+
+ The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which
+ replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of
+ the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan,
+ ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0.
+
+ This package represents an effort to extend upstream OpenSSH with three big patchsets.
+
+ WARNING: These patches are of lower quality than vanilla upstream OpenSSH and often have
+ correctness issues.
+
+ The patches are:
+
+ * HPN (High performance SSH/SCP) adds custom ciphers that allow for more aggressive
+ buffering and/or multithreading, leading to better network throughput. Many of these
+ optimizations are not relevant anymore due to AEAD ciphers changing MAC nesting or
+ because more CPU performant ciphers are being used in this day and age (ChaCha20).
+
+ WARNING: HPN's multi-threaded AES CTR cipher is known to be broken and should not be relied upon.
+
+ * SCTP patches by Patrick McLean. These enable SSH over SCTP.
+
+ * X509 patches by Roumen Petrov. OpenSSH upstream will never support standard PKIs for
+ authenticating users. This patch series adds support for X509 certificates.
+ </longdescription>
+ <use>
+ <flag name="hpn">Enable high performance ssh</flag>
+ <flag name="ldns">Use LDNS for DNSSEC/SSHFP validation.</flag>
+ <flag name="livecd">Enable root password logins for live-cd environment.</flag>
+ <flag name="security-key">Include builtin U2F/FIDO support</flag>
+ <flag name="ssl">Enable additional crypto algorithms via OpenSSL</flag>
+ <flag name="X509">Adds support for X.509 certificate authentication</flag>
+ <flag name="xmss">Enable XMSS post-quantum authentication algorithm</flag>
+ </use>
+ <upstream>
+ <remote-id type="cpe">cpe:/a:openbsd:openssh</remote-id>
+ <remote-id type="github">openssh/openssh-portable</remote-id>
+ <remote-id type="sourceforge">hpnssh</remote-id>
+ </upstream>
+</pkgmetadata>