dropbear: TODO annotate

annotate TODO @ 994:5c5ade336926

Prefer stronger algorithms in algorithm negotiation. Prefer diffie-hellman-group14-sha1 (2048 bit) over diffie-hellman-group1-sha1 (1024 bit). Due to meet-in-the-middle attacks the effective key length of three key 3DES is 112 bits. AES is stronger and faster then 3DES. Prefer to delay the start of compression until after authentication has completed. This avoids exposing compression code to attacks from unauthenticated users. (github pull request #9)

author	Fedor Brunner <fedor.brunner@azet.sk>
date	Fri, 23 Jan 2015 23:00:25 +0800
parents	0cbe8f6dbf9e
children

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 Current:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2
69 59d16db56e9f Simple text changes Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	3 Things which might need doing:
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4
215 aad4b3f58556 rename PubkeyList to SignKeyList for clarity Matt Johnston <matt@ucc.asn.au> parents: 193 diff changeset	5 - default private dbclient keys
aad4b3f58556 rename PubkeyList to SignKeyList for clarity Matt Johnston <matt@ucc.asn.au> parents: 193 diff changeset	6
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 - Make options.h generated from configure perhaps?
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8
90 c2ac796b130e merge of 00b67a11e33c3ed390556805ed6d1078528bee70 Matt Johnston <matt@ucc.asn.au> parents: 75 diff changeset	9 - handle /etc/environment in AIX
c2ac796b130e merge of 00b67a11e33c3ed390556805ed6d1078528bee70 Matt Johnston <matt@ucc.asn.au> parents: 75 diff changeset	10
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 - check that there aren't timing issues with valid/invalid user authentication
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 feedback.
280 59400faa4b44 Re-import libtomcrypt 1.05 for cleaner propagating. Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13
69 59d16db56e9f Simple text changes Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	14 - Binding to different interfaces
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15
193 ca6a7c7a925c Preparing for 0.46 Matt Johnston <matt@ucc.asn.au> parents: 185 diff changeset	16 - CTR mode
ca6a7c7a925c Preparing for 0.46 Matt Johnston <matt@ucc.asn.au> parents: 185 diff changeset	17 - SSH_MSG_IGNORE sending to improve CBC security
69 59d16db56e9f Simple text changes Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	18 - DH Group Exchange possibly, or just add group14 (whatever it's called today)
380 d5faf4814ddb Update to LibTomCrypt 1.16 Matt Johnston <matt@ucc.asn.au> parents: 280 diff changeset	19
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 - fix scp.c for IRIX
75 a54d20c96178 Some documentation touchups Matt Johnston <matt@ucc.asn.au> parents: 69 diff changeset	21
a54d20c96178 Some documentation touchups Matt Johnston <matt@ucc.asn.au> parents: 69 diff changeset	22 - Be able to use OpenSSH keys for the client? or at least have some form of
a54d20c96178 Some documentation touchups Matt Johnston <matt@ucc.asn.au> parents: 69 diff changeset	23 encrypted keys.
161 b9d3f725e00b 0.44 release changes Matt Johnston <matt@ucc.asn.au> parents: 111 diff changeset	24
75 a54d20c96178 Some documentation touchups Matt Johnston <matt@ucc.asn.au> parents: 69 diff changeset	25 - Client agent forwarding
161 b9d3f725e00b 0.44 release changes Matt Johnston <matt@ucc.asn.au> parents: 111 diff changeset	26
b9d3f725e00b 0.44 release changes Matt Johnston <matt@ucc.asn.au> parents: 111 diff changeset	27 - Handle restrictions in ~/.ssh/authorized_keys ?

Mercurial > dropbear

annotate TODO @ 994:5c5ade336926