diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2004-06-01 02:46:09 +0000 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2004-06-01 02:46:09 +0000 |
| commit | 674a60748884dc55ee7091b7c23a41240e75f73c (patch) | |
| tree | 3b5a173c356f867b94df3873b57ff36d33129ea7 /SMALL | |
Makefile.in contains updated files required
--HG--
extra : convert_revision : cc8a8c49dc70e632c352853a39801089b08149be
Diffstat (limited to 'SMALL')
| -rw-r--r-- | SMALL | 42 |
1 files changed, 42 insertions, 0 deletions
@@ -0,0 +1,42 @@ +Tips for a small system: + +The following are set in options.h + +- You can safely disable blowfish and twofish ciphers, and MD5 hmac, without + affecting interoperability + +- If you're compiling statically, you can turn off host lookups + +- You can disable either password or public-key authentication, though note + that the IETF draft states that pubkey authentication is required. + +- Similarly with DSS and RSA, you can disable one of these if you know that + all clients will be able to support a particular one. The IETF draft + states that DSS is required, however you may prefer to use RSA. + DON'T disable either of these on systems where you aren't 100% sure about + who will be connecting and what clients they will be using. + +- Disabling the MOTD code and SFTP-SERVER may save a small amount of codesize + +- You can disable x11, tcp and agent forwarding as desired. None of these are + essential, although agent-forwarding is often useful even on firewall boxes. + +If you are compiling statically, you may want to disable zlib, as it will use +a few tens of kB of binary-size (./configure --disable-zlib). + +You can create a combined binary, see the file MULTI, which will put all +the functions into one binary, avoiding repeated code. + +If you're compiling with gcc, you might want to look at gcc's options for +stripping unused code. The relevant vars to set before configure are: + +LDFLAGS=-Wl,--gc-sections +CFLAGS="-ffunction-sections -fdata-sections" + +You can also experiment with optimisation flags such as -Os, note that in some +cases these flags actually seem to increase size, so experiment before +deciding. + +Of course using small C libraries such as uClibc and dietlibc can also help. + +If you have any queries, mail me and I'll see if I can help. |