2005-10-29 09:01:33 +02:00
|
|
|
config BR2_PACKAGE_DROPBEAR
|
|
|
|
bool "dropbear"
|
2011-05-16 22:41:54 +02:00
|
|
|
select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
|
2018-03-28 10:38:27 +02:00
|
|
|
select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL
|
2004-10-09 08:13:40 +02:00
|
|
|
help
|
2004-10-14 22:33:45 +02:00
|
|
|
A small SSH 2 server designed for small memory environments.
|
2004-10-09 08:13:40 +02:00
|
|
|
|
2016-01-09 02:15:53 +01:00
|
|
|
Note that dropbear requires a per-device unique host key. The
|
|
|
|
key will be generated when dropbear starts, but it is not
|
|
|
|
persistent over reboot (if you have a read-only rootfs) or
|
|
|
|
upgrade (if you have a read-write rootfs). To make the key
|
|
|
|
persistent, replace /etc/dropbear with a symlink to a
|
|
|
|
directory on a persistent, writeable filesystem.
|
|
|
|
Alternatively, mount a persistent unionfs over your root
|
|
|
|
filesystem.
|
|
|
|
|
2018-02-12 09:21:50 +01:00
|
|
|
https://matt.ucc.asn.au/dropbear/dropbear.html
|
2010-09-06 14:37:22 +02:00
|
|
|
|
2013-05-26 14:08:12 +02:00
|
|
|
if BR2_PACKAGE_DROPBEAR
|
|
|
|
|
2015-02-04 19:33:29 +01:00
|
|
|
config BR2_PACKAGE_DROPBEAR_CLIENT
|
|
|
|
bool "client programs"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Provides the programs: dbclient, ssh
|
|
|
|
|
|
|
|
Note that the following programs are also used server-side
|
|
|
|
and are therefore always build regardless this setting:
|
|
|
|
dropbear, dropbearkey, dropbearconvert, scp
|
|
|
|
|
2010-09-06 14:37:22 +02:00
|
|
|
config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
|
|
|
|
bool "disable reverse DNS lookups"
|
|
|
|
help
|
|
|
|
Disable reverse DNS lookups on connection. This can be handy
|
|
|
|
on systems without working DNS, as connections otherwise
|
|
|
|
stall until DNS times out.
|
2011-03-04 15:22:26 +01:00
|
|
|
|
|
|
|
config BR2_PACKAGE_DROPBEAR_SMALL
|
|
|
|
bool "optimize for size"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Compile dropbear for the smallest possible binary size.
|
|
|
|
|
|
|
|
Tradeoffs are slower hashes and ciphers, and disabling of the
|
2011-05-16 22:41:54 +02:00
|
|
|
blowfish cipher and zlib.
|
2011-10-25 14:22:18 +02:00
|
|
|
|
|
|
|
config BR2_PACKAGE_DROPBEAR_WTMP
|
|
|
|
bool "log dropbear access to wtmp"
|
|
|
|
help
|
|
|
|
Enable logging of dropbear access to wtmp. Notice that
|
|
|
|
Buildroot does not generate wtmp by default.
|
|
|
|
|
|
|
|
config BR2_PACKAGE_DROPBEAR_LASTLOG
|
|
|
|
bool "log dropbear access to lastlog"
|
|
|
|
help
|
|
|
|
Enable logging of dropbear access to lastlog. Notice that
|
|
|
|
Buildroot does not generate lastlog by default.
|
2013-05-26 14:08:12 +02:00
|
|
|
|
2018-07-03 09:48:10 +02:00
|
|
|
config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO
|
|
|
|
bool "enable legacy crypto"
|
|
|
|
help
|
|
|
|
Enable legacy and possibly insecure algorithms:
|
|
|
|
3DES encryption
|
|
|
|
SHA1-96 message integrity
|
|
|
|
CBC encryption mode
|
|
|
|
DSA public keys
|
|
|
|
Diffie-Hellman Group1 key exchange
|
|
|
|
|
2013-05-26 14:08:12 +02:00
|
|
|
endif
|