make ssh client-side compression configurable

[aqw]

It came as a big surprise to me that the client configuration hardcodes compression by default.

This makes it configurable, and sets it to false by default. This is a change in behavior, but I think is the correct one. It brings it in line with upstream SSH defaults, and compression has little to do with security (which is the primary goal of this role).

I chose not to rename ssh_compression to ssh_server_compression because I did not want to cause breakage for those already using it. Please feel free to adjust this PR if you would prefer the more specific naming.

[aqw]

The failure seems unrelated to this change, and is the introduction of an additional cipher (sntrup4591761x25519-sha512@tinyssh.org) on Fedora.

 ×  ssh-09: Client: Check for secure ssh Key-Exchange Algorithm
     ×  SSH Configuration KexAlgorithms is expected to eq "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256"

     expected: "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256"
          got: "sntrup4591761x25519-sha512@tinyssh.org,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256"

[rndmh3ro]

Thanks @aqw!

You're absolutely right about all points.

Can you please sign-off your commits?

[aqw]

@rndmh3ro Done. I've been meaning to set that up for ages. Thanks for the kick. :-)

[aqw]

I just realized you were asking for the commit to be signed-off, not necessarily signed with GPG.

In any case, both have now been done.