summaryrefslogtreecommitdiffhomepage
path: root/options.h
AgeCommit message (Collapse)Author
2016-05-04Convert #ifdef to #if, other build changesMatt Johnston
2016-05-02options for disabling "normal" DHMatt Johnston
2016-05-02move group14 and group16 to options.h, group14-sha256 on by defaultMatt Johnston
2016-03-12Get rid of group15, move group16 to sha512.Matt Johnston
New groups are disabled by default pending draft-ietf-curdle-ssh-kex-sha2-02 being finalised
2016-01-15add dh group15 and group16, disabled by defaultMatt Johnston
2015-10-21Test for crypt() rather than crypt.hMatt Johnston
Print a message from configure if getpass() or crypt() were missing
2015-10-21fix default build when getpass() is unavailableMike Frysinger
if the system doesn't support getpass, we still default on the options that require it which causes a build failure. instead, only default enable these when getpass is available.
2015-10-21fix default build when crypt() is unavailableMike Frysinger
if the system doesn't support crypt.h/crypt, then ENABLE_SVR_PASSWORD_AUTH cannot work. rather than default this to on all the time, do so only when support for the header is found.
2015-08-03change DROPBEAR_DEFAULT_CLI_AUTHKEY to just prepend homedirMatt Johnston
rather than doing ~ expansion
2015-06-03Disable twofish-ctr by default, add config optionMatt Johnston
2015-02-24DROPBEAR_ prefix for include guards to avoid collisionsThorsten Horstmann
2015-02-10Tighten validation of DH values. Odds of x==0 being generated areMatt Johnston
improbable, roughly 2**-1023 Regression in 0.49
2015-01-28Disable non-delayed zlib for serverMatt Johnston
2015-01-24Default client key path ~/.ssh/id_dropbearMatt Johnston
2015-01-23Add config option to disable cbc. Disable twofish by defaultMatt Johnston
2015-01-13Enable sha2 HMACs by default, they're required for ecdsa alreadyMatt Johnston
2014-08-01use xauth in /usr/binMike Frysinger
Since the x.org rework, X has been installed into standard paths and not its own random prefixes. I think it's time we update the default paths accordingly.
2014-07-09Make -K keepalive behave like OpenSSH's ServerAliveIntervalMatt Johnston
2014-02-19CHANGES for 2014.63Matt Johnston
2014-01-17DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by defaultMatt Johnston
2013-11-14use oldstyle commentsMatt Johnston
2013-11-09comments, turn off debugging optionsMatt Johnston
--HG-- branch : ecc
2013-11-09- Make curve25519 work after fixing a typo, interoperates with OpenSSHMatt Johnston
- comment on ecc binary size effects --HG-- branch : ecc
2013-11-08MergeMatt Johnston
--HG-- branch : ecc
2013-11-08curve25519Matt Johnston
--HG-- branch : ecc
2013-11-07Add '-R' for delayed hostkey optionMatt Johnston
--HG-- branch : keyondemand
2013-11-07refactor key generation, make it generate as required.Matt Johnston
Needs UI in server command line options --HG-- branch : keyondemand
2013-05-21Enable SMALL_CODE by defaultMatt Johnston
--HG-- branch : ecc
2013-05-21merge in HEADMatt Johnston
--HG-- branch : ecc
2013-05-03ecdsa is workingMatt Johnston
--HG-- branch : ecc
2013-04-18Don't enable CLI_IMMEDIATE_AUTH by default, it breaks blank password loginsMatt Johnston
2013-04-09start on ecdsa keysMatt Johnston
--HG-- branch : ecc
2013-04-07ecc kind of works, needs fixing/testingMatt Johnston
--HG-- branch : ecc
2013-04-03Fix a few options and headersMatt Johnston
2013-03-29Add kexguess2 behaviourMatt Johnston
--HG-- branch : kexguess
2013-03-26refactor kexdh code a bit, start working on ecdh etcMatt Johnston
--HG-- branch : ecc
2013-03-20Fix "-c none" so that it allows aes during authenticationMatt Johnston
Default for options.h shouldn't allow "none"
2013-03-20Merge "none" cipher/MAC branch. Also adds sha256 and sha512Matt Johnston
2013-02-23DSS_PROTOK is not necessary now that private keys are includedMatt Johnston
in the random generation input
2013-02-12Allow configuring "allow blank password option" at runtimePaul Eggleton
Changes this from a compile-time switch to a command-line option. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2012-06-29Improve RNG seeding.Matt Johnston
Try to read from /dev/urandom multiple times, take input from extra sources, and use /dev/random when generating private keys
2012-05-17- Only request "none" cipher after auth has succeededMatt Johnston
--HG-- branch : insecure-nocrypto
2012-05-17Add ALLOW_NONE_PASSWORD_AUTH optionMatt Johnston
--HG-- branch : insecure-nocrypto
2012-05-17Merge in "-m"/"-c" codeMatt Johnston
--HG-- branch : insecure-nocrypto
2012-05-17ENABLE_USER_ALGO_LIST should work for the clientMatt Johnston
2012-05-17Add rough support for choosing ciphers/hashes with "-c" or "-m"Matt Johnston
2012-05-16Update insecure-nocrypto to current headMatt Johnston
--HG-- branch : insecure-nocrypto
2012-05-16Disable SHA256 and SHA512 by default in options.hMatt Johnston
--HG-- branch : sha2
2012-05-10- Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to beMatt Johnston
getting keyed incorrectly --HG-- branch : sha2
2012-05-09Fix empty password immediate loginMatt Johnston