diff options
author | Matt Johnston <matt@ucc.asn.au> | 2012-04-12 21:57:30 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2012-04-12 21:57:30 +0800 |
commit | 3e2b6a18211671b42f4a7803ff33401ae0785ee3 (patch) | |
tree | 182f7e6b66a893663743778326b215bcb60e454a | |
parent | 4d009daaa0fc6bfa3e809043b3a410dd17209a09 (diff) |
Improve comment about sha1-96
-rw-r--r-- | options.h | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -99,16 +99,17 @@ much traffic. */ /* Message Integrity - at least one required. * Protocol RFC requires sha1 and recommends sha1-96. - * sha1-96 may be of use for slow links, as it has a smaller overhead. + * sha1-96 is of use for slow links as it has a smaller overhead. * - * Note: there's no point disabling sha1 to save space, since it's used - * for the random number generator and public-key cryptography anyway. + * There's no reason to disable sha1 or sha1-96 to save space since it's + * used for the random number generator and public-key cryptography anyway. * Disabling it here will just stop it from being used as the integrity portion * of the ssh protocol. * * These hashes are also used for public key fingerprints in logs. * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, * which are not the standard form. */ + #define DROPBEAR_SHA1_HMAC #define DROPBEAR_SHA1_96_HMAC #define DROPBEAR_MD5_HMAC |