diff options
author | Matt Johnston <matt@ucc.asn.au> | 2015-01-28 22:49:28 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2015-01-28 22:49:28 +0800 |
commit | 9d495ab2b5ab69ebb2cc65cc748a86d19d6be1d7 (patch) | |
tree | 601d89e90c39cfa7c53e01b6438945ce920f8717 | |
parent | 9174de47a9f8dfa817e65bea99fd3ee8b8f85511 (diff) |
changes for 2015.67
-rw-r--r-- | CHANGES | 29 |
1 files changed, 29 insertions, 0 deletions
@@ -1,3 +1,32 @@ +2015.67 - Wednesday 28 January 2015 + +- Call fsync() after generating private keys to ensure they aren't lost if a + reboot occurs. Thanks to Peter Korsgaard + +- Disable non-delayed zlib compression by default on the server. Can be + enabled if required for old clients with DROPBEAR_SERVER_DELAY_ZLIB + +- Default client key path ~/.ssh/id_dropbear + +- Prefer stronger algorithms by default, from Fedor Brunner. + AES256 over 3DES + Diffie-hellman group14 over group1 + +- Add option to disable CBC ciphers. + +- Disable twofish in default options.h + +- Enable sha2 HMAC algorithms by default, the code was already required + for ECC key exchange. sha1 is the first preference still for performance. + +- Fix installing dropbear.8 in a separate build directory, from Like Ma + +- Allow configure to succeed if libtomcrypt/libtommath are missing, from Elan Ruusamäe + +- Don't crash if ssh-agent provides an unknown type of key. From Catalin Patulea + +- Minor bug fixes, a few issues found by Coverity scan + 2014.66 - Thursday 23 October 2014 - Use the same keepalive handling behaviour as OpenSSH. This will work better |