72d4d098b0
Dropbear by default enables a number of algorithms that are now considered insecure and should only be used when legacy support is required: 3DES encryption Blowfish encryption SHA1-96 message integrity CBC encryption mode DSA public keys Diffie-Hellman Group1 key exchange So disable them by default, but add a config option for bringing them back. Furthermore the Blowfish legacy algorithm is unconditionally disabled Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com> Reviewed-by: Baruch Siach <baruch@tkos.co.il> Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> |
||
|---|---|---|
| .. | ||
| 0001-only-advertise-single-server-ecdsa-key-when-R-is-used.patch | ||
| Config.in | ||
| dropbear.hash | ||
| dropbear.mk | ||
| dropbear.service | ||
| etc-pam.d-sshd | ||
| S50dropbear | ||