kumquat-buildroot/package/dropbear/Config.in
Alexandru Ardelean 26708469ad package/dropbear: add option to provide file with localoptions.h
As discussed in https://patchwork.ozlabs.org/patch/1104071/, this
commit adds a new option that allows the user to provide a file that
contains custom definitions to tweak the Dropbear configuration. It
will be appended to Dropbear's localoptions.h file before the build.

The patch was tested successfully with the DO_MOTD option.

Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
[Thomas: tweak commit log, rename config option.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-06-01 11:44:49 +02:00

77 lines
2.3 KiB
Plaintext

config BR2_PACKAGE_DROPBEAR
bool "dropbear"
select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL
help
A small SSH 2 server designed for small memory environments.
Note that dropbear requires a per-device unique host key. The
key will be generated when dropbear starts, but it is not
persistent over reboot (if you have a read-only rootfs) or
upgrade (if you have a read-write rootfs). To make the key
persistent, replace /etc/dropbear with a symlink to a
directory on a persistent, writeable filesystem.
Alternatively, mount a persistent unionfs over your root
filesystem.
https://matt.ucc.asn.au/dropbear/dropbear.html
if BR2_PACKAGE_DROPBEAR
config BR2_PACKAGE_DROPBEAR_CLIENT
bool "client programs"
default y
help
Provides the programs: dbclient, ssh
Note that the following programs are also used server-side
and are therefore always build regardless this setting:
dropbear, dropbearkey, dropbearconvert, scp
config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
bool "disable reverse DNS lookups"
help
Disable reverse DNS lookups on connection. This can be handy
on systems without working DNS, as connections otherwise
stall until DNS times out.
config BR2_PACKAGE_DROPBEAR_SMALL
bool "optimize for size"
default y
help
Compile dropbear for the smallest possible binary size.
Tradeoffs are slower hashes and ciphers, and disabling of the
blowfish cipher and zlib.
config BR2_PACKAGE_DROPBEAR_WTMP
bool "log dropbear access to wtmp"
help
Enable logging of dropbear access to wtmp. Notice that
Buildroot does not generate wtmp by default.
config BR2_PACKAGE_DROPBEAR_LASTLOG
bool "log dropbear access to lastlog"
help
Enable logging of dropbear access to lastlog. Notice that
Buildroot does not generate lastlog by default.
config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO
bool "enable legacy crypto"
help
Enable legacy and possibly insecure algorithms:
3DES encryption
SHA1-96 message integrity
CBC encryption mode
DSA public keys
Diffie-Hellman Group1 key exchange
config BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE
string "path to custom localoptions.h definitions file"
help
Path to a file whose contents will be appended to Dropbear
localoptions.h. It can be used to tweak the Dropbear
configuration.
endif