Mercurial > dropbear

comparison options.h @ 685:5af8993f7529 insecure-nocrypto

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add ALLOW_NONE_PASSWORD_AUTH option
author Matt Johnston <matt@ucc.asn.au>
date Thu, 17 May 2012 08:33:11 +0800
parents c37857676924
children 983a817f8e41
comparison
equal deleted inserted replaced
684:c37857676924 685:5af8993f7529
101 #define DROPBEAR_ENABLE_CTR_MODE 101 #define DROPBEAR_ENABLE_CTR_MODE
102 102
103 /* You can compile with no encryption if you want. In some circumstances 103 /* You can compile with no encryption if you want. In some circumstances
104 * this could be safe security-wise, though make sure you know what 104 * this could be safe security-wise, though make sure you know what
105 * you're doing. Anyone can see everything that goes over the wire, so 105 * you're doing. Anyone can see everything that goes over the wire, so
106 * the only safe auth method is public key. You'll have to disable all other 106 * the only safe auth method is public key. */
107 * ciphers above in the client if you want to use this, or implement cipher
108 * prioritisation in cli-runopts.
109 *
110 * The best way to do things is probably make normal compile of dropbear with
111 * all ciphers including "none" as the server, then recompile a special
112 * "dbclient-insecure" client. */
113 #define DROPBEAR_NONE_CIPHER 107 #define DROPBEAR_NONE_CIPHER
108
109 /* Define this to allow password authentication even when no encryption
110 * is being used. This can be unsafe */
111 #define ALLOW_NONE_PASSWORD_AUTH
114 112
115 /* Message Integrity - at least one required. 113 /* Message Integrity - at least one required.
116 * Protocol RFC requires sha1 and recommends sha1-96. 114 * Protocol RFC requires sha1 and recommends sha1-96.
117 * sha1-96 is of use for slow links as it has a smaller overhead. 115 * sha1-96 is of use for slow links as it has a smaller overhead.
118 * 116 *