dropbear: options.h comparison

Just use /dev/urandom since that's what everyone ends up using anyway. Make -u a nop.

comparison

equal deleted inserted replaced

-:edbee0596531
+:2cd2edfa11ee
 * DROPBEAR_RANDOM_DEV is recommended on hosts with a good /dev/(u)random,
 * otherwise use run prngd (or egd if you want), specifying the socket.
 * The device will be queried for a few dozen bytes of seed a couple of times
 * per session (or more for very long-lived sessions). */
-/* If you are lacking entropy on the system then using /dev/urandom
+/* We'll use /dev/urandom by default, since /dev/random is too much hassle.
-* will prevent Dropbear from blocking on the device. This could
+* If system developers aren't keeping seeds between boots nor getting
-* however significantly reduce the security of your ssh connections
+* any entropy from somewhere it's their own fault. */
-* if the PRNG state becomes guessable - make sure you know what you are
+#define DROPBEAR_RANDOM_DEV "/dev/urandom"
-* doing if you change this. */
-#define DROPBEAR_RANDOM_DEV "/dev/random"
-/* The -u flag on the commandline can also be used */
-#define DROPBEAR_URANDOM_DEV "/dev/urandom"
 /* prngd must be manually set up to produce output */
 /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
 /* Specify the number of clients we will allow to be connected but

Mercurial > dropbear