kumquat-buildroot/package/dropbear
Stefan Sørensen 72d4d098b0 dropbear: Disable legacy/insecure options
Dropbear by default enables a number of algorithms that are now considered
insecure and should only be used when legacy support is required:
   3DES encryption
   Blowfish encryption
   SHA1-96 message integrity
   CBC encryption mode
   DSA public keys
   Diffie-Hellman Group1 key exchange

So disable them by default, but add a config option for bringing them back.
Furthermore the Blowfish legacy algorithm is unconditionally disabled

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-07-04 21:43:55 +02:00
..
0001-only-advertise-single-server-ecdsa-key-when-R-is-used.patch dropbear: Fix host key loading with 521 bit ecdsa keys 2018-05-05 09:13:15 +02:00
Config.in dropbear: Disable legacy/insecure options 2018-07-04 21:43:55 +02:00
dropbear.hash
dropbear.mk dropbear: Disable legacy/insecure options 2018-07-04 21:43:55 +02:00
dropbear.service
etc-pam.d-sshd dropbear: enable PAM authentication if linux-pam is selected 2018-06-30 18:28:23 +02:00
S50dropbear