kumquat-buildroot/package/dropbear/Config.in

70 lines
2.1 KiB
Plaintext
Raw Normal View History

2005-10-29 09:01:33 +02:00
config BR2_PACKAGE_DROPBEAR
bool "dropbear"
select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL
2004-10-09 08:13:40 +02:00
help
2004-10-14 22:33:45 +02:00
A small SSH 2 server designed for small memory environments.
2004-10-09 08:13:40 +02:00
Note that dropbear requires a per-device unique host key. The
key will be generated when dropbear starts, but it is not
persistent over reboot (if you have a read-only rootfs) or
upgrade (if you have a read-write rootfs). To make the key
persistent, replace /etc/dropbear with a symlink to a
directory on a persistent, writeable filesystem.
Alternatively, mount a persistent unionfs over your root
filesystem.
https://matt.ucc.asn.au/dropbear/dropbear.html
if BR2_PACKAGE_DROPBEAR
config BR2_PACKAGE_DROPBEAR_CLIENT
bool "client programs"
default y
help
Provides the programs: dbclient, ssh
Note that the following programs are also used server-side
and are therefore always build regardless this setting:
dropbear, dropbearkey, dropbearconvert, scp
config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
bool "disable reverse DNS lookups"
help
Disable reverse DNS lookups on connection. This can be handy
on systems without working DNS, as connections otherwise
stall until DNS times out.
config BR2_PACKAGE_DROPBEAR_SMALL
bool "optimize for size"
default y
help
Compile dropbear for the smallest possible binary size.
Tradeoffs are slower hashes and ciphers, and disabling of the
blowfish cipher and zlib.
config BR2_PACKAGE_DROPBEAR_WTMP
bool "log dropbear access to wtmp"
help
Enable logging of dropbear access to wtmp. Notice that
Buildroot does not generate wtmp by default.
config BR2_PACKAGE_DROPBEAR_LASTLOG
bool "log dropbear access to lastlog"
help
Enable logging of dropbear access to lastlog. Notice that
Buildroot does not generate lastlog by default.
config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO
bool "enable legacy crypto"
help
Enable legacy and possibly insecure algorithms:
3DES encryption
SHA1-96 message integrity
CBC encryption mode
DSA public keys
Diffie-Hellman Group1 key exchange
endif