Debian considers switching curl to use libssh instead of libssh2

Andreas Schneider asn at
Fri Dec 31 09:08:17 CET 2021

On Friday, 31 December 2021 08:43:49 CET Tor Arntsen via libssh2-devel wrote:
> On Fri, 31 Dec 2021 at 02:13, Nicolas Mora via libssh2-devel
> The only part of the Fedora report which looks like an argument is this:
> "the libssh2 library uses outdated cryptographic algorithms and lacks
> important features, such as GSS-API authentication."
> (
> rity/index.html) Is this true, or more importantly, is it relevant?


I'm the maintainer of libssh. There are several reasons why distributions 
switched to libssh:

a) Required features like ciphers and GSSAPI support
a) Choose only one library you have to support (enterprise wise)
c) FIPS readiness
d) ...

So everything moved to libssh, even projects which used python implementations 
before, see

So the distro just needs to decide what users/customers need and what it wants 
to support. Probably this isn't relevant for Debian but might be for Ubuntu.

Best regards


More information about the libssh2-devel mailing list