diff SMALL @ 4:fe6bca95afa7

Makefile.in contains updated files required
author Matt Johnston <matt@ucc.asn.au>
date Tue, 01 Jun 2004 02:46:09 +0000
children b9d3f725e00b
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/SMALL	Tue Jun 01 02:46:09 2004 +0000
@@ -0,0 +1,42 @@
+Tips for a small system:
+The following are set in options.h
+- You can safely disable blowfish and twofish ciphers, and MD5 hmac, without
+  affecting interoperability
+- If you're compiling statically, you can turn off host lookups
+- You can disable either password or public-key authentication, though note
+  that the IETF draft states that pubkey authentication is required.
+- Similarly with DSS and RSA, you can disable one of these if you know that
+  all clients will be able to support a particular one. The IETF draft
+  states that DSS is required, however you may prefer to use RSA. 
+  DON'T disable either of these on systems where you aren't 100% sure about
+  who will be connecting and what clients they will be using.
+- Disabling the MOTD code and SFTP-SERVER may save a small amount of codesize
+- You can disable x11, tcp and agent forwarding as desired. None of these are
+  essential, although agent-forwarding is often useful even on firewall boxes.
+If you are compiling statically, you may want to disable zlib, as it will use
+a few tens of kB of binary-size (./configure --disable-zlib).
+You can create a combined binary, see the file MULTI, which will put all
+the functions into one binary, avoiding repeated code.
+If you're compiling with gcc, you might want to look at gcc's options for
+stripping unused code. The relevant vars to set before configure are:
+CFLAGS="-ffunction-sections -fdata-sections"
+You can also experiment with optimisation flags such as -Os, note that in some
+cases these flags actually seem to increase size, so experiment before
+Of course using small C libraries such as uClibc and dietlibc can also help.
+If you have any queries, mail me and I'll see if I can help.