Mercurial > dropbear
comparison options.h @ 66:38c3146aa23d
Some more sanity-checking of args, and just warn and ignore OpenSSH args
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 12 Aug 2004 14:19:05 +0000 |
| parents | 02e4a7f614f8 |
| children | eee77ac31ccc |
comparison
equal
deleted
inserted
replaced
| 65:02e4a7f614f8 | 66:38c3146aa23d |
|---|---|
| 45 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is | 45 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is |
| 46 * perhaps 20% slower for pubkey operations (it is probably worth experimenting | 46 * perhaps 20% slower for pubkey operations (it is probably worth experimenting |
| 47 * if you want to use this) */ | 47 * if you want to use this) */ |
| 48 /*#define NO_FAST_EXPTMOD*/ | 48 /*#define NO_FAST_EXPTMOD*/ |
| 49 | 49 |
| 50 /* Enable X11 Forwarding */ | 50 /* Enable X11 Forwarding - server only */ |
| 51 #define ENABLE_X11FWD | 51 #define ENABLE_X11FWD |
| 52 | 52 |
| 53 /* Enable TCP Fowarding */ | 53 /* Enable TCP Fowarding */ |
| 54 /* "-L" style forwarding (client listening port forwarded via server) */ | 54 /* 'Local' is "-L" style (client listening port forwarded via server) |
| 55 * 'Remote' is "-R" style (server listening port forwarded via client) */ | |
| 56 | |
| 55 #define ENABLE_CLI_LOCALTCPFWD | 57 #define ENABLE_CLI_LOCALTCPFWD |
| 56 /* "-R" style forwarding (server listening port forwarded via client) */ | |
| 57 #define ENABLE_CLI_REMOTETCPFWD | 58 #define ENABLE_CLI_REMOTETCPFWD |
| 58 | 59 |
| 59 #define ENABLE_SVR_LOCALTCPFWD | 60 #define ENABLE_SVR_LOCALTCPFWD |
| 60 #define ENABLE_SVR_REMOTETCPFWD | 61 #define ENABLE_SVR_REMOTETCPFWD |
| 61 | 62 |
| 62 /* Enable Authentication Agent Forwarding */ | 63 /* Enable Authentication Agent Forwarding - server only for now */ |
| 63 #define ENABLE_AGENTFWD | 64 #define ENABLE_AGENTFWD |
| 64 | 65 |
| 65 /* Encryption - at least one required. | 66 /* Encryption - at least one required. |
| 66 * RFC Draft requires 3DES, and recommends Blowfish, AES128 & Twofish128 */ | 67 * RFC Draft requires 3DES, and recommends Blowfish, AES128 & Twofish128 */ |
| 67 #define DROPBEAR_AES128_CBC | 68 #define DROPBEAR_AES128_CBC |
| 111 #define MOTD_FILENAME "/etc/motd" | 112 #define MOTD_FILENAME "/etc/motd" |
| 112 #endif | 113 #endif |
| 113 | 114 |
| 114 /* Authentication types to enable, at least one required. | 115 /* Authentication types to enable, at least one required. |
| 115 RFC Draft requires pubkey auth, and recommends password */ | 116 RFC Draft requires pubkey auth, and recommends password */ |
| 116 #define DROPBEAR_PASSWORD_AUTH | 117 #define DROPBEAR_SVR_PASSWORD_AUTH |
| 117 #define DROPBEAR_PUBKEY_AUTH | 118 #define DROPBEAR_SVR_PUBKEY_AUTH |
| 119 | |
| 120 #define DROPBEAR_CLI_PASSWORD_AUTH | |
| 121 #define DROPBEAR_CLI_PUBKEY_AUTH | |
| 118 | 122 |
| 119 /* Random device to use - you must specify _one only_. | 123 /* Random device to use - you must specify _one only_. |
| 120 * DEV_RANDOM is recommended on hosts with a good /dev/urandom, otherwise use | 124 * DEV_RANDOM is recommended on hosts with a good /dev/urandom, otherwise use |
| 121 * PRNGD and run prngd, specifying the socket. This device must be able to | 125 * PRNGD and run prngd, specifying the socket. This device must be able to |
| 122 * produce a large amount of random data, so using /dev/random or Entropy | 126 * produce a large amount of random data, so using /dev/random or Entropy |
| 134 * not yet authenticated. After this limit, connections are rejected */ | 138 * not yet authenticated. After this limit, connections are rejected */ |
| 135 #ifndef MAX_UNAUTH_CLIENTS | 139 #ifndef MAX_UNAUTH_CLIENTS |
| 136 #define MAX_UNAUTH_CLIENTS 30 | 140 #define MAX_UNAUTH_CLIENTS 30 |
| 137 #endif | 141 #endif |
| 138 | 142 |
| 139 /* Maximum number of failed authentication tries */ | 143 /* Maximum number of failed authentication tries (server option) */ |
| 140 #ifndef MAX_AUTH_TRIES | 144 #ifndef MAX_AUTH_TRIES |
| 141 #define MAX_AUTH_TRIES 10 | 145 #define MAX_AUTH_TRIES 10 |
| 142 #endif | 146 #endif |
| 143 | 147 |
| 144 /* The file to store the daemon's process ID, for shutdown scripts etc */ | 148 /* The file to store the daemon's process ID, for shutdown scripts etc */ |
| 157 * be enabled */ | 161 * be enabled */ |
| 158 #ifndef SFTPSERVER_PATH | 162 #ifndef SFTPSERVER_PATH |
| 159 #define SFTPSERVER_PATH "/usr/libexec/sftp-server" | 163 #define SFTPSERVER_PATH "/usr/libexec/sftp-server" |
| 160 #endif | 164 #endif |
| 161 | 165 |
| 162 /* This is used by the scp binary when used as a client binary */ | 166 /* This is used by the scp binary when used as a client binary. If you're |
| 163 #define _PATH_SSH_PROGRAM "/usr/bin/ssh" | 167 * not using the Dropbear client, you'll need to change it */ |
| 168 #define _PATH_SSH_PROGRAM "/usr/bin/dbclient" | |
| 164 | 169 |
| 165 /* Multi-purpose binary configuration has now moved. Look at the top | 170 /* Multi-purpose binary configuration has now moved. Look at the top |
| 166 * of the Makefile for instructions, or INSTALL */ | 171 * of the Makefile for instructions, or INSTALL */ |
| 167 | 172 |
| 168 /******************************************************************* | 173 /******************************************************************* |