Mercurial > dropbear
comparison options.h @ 685:5af8993f7529 insecure-nocrypto
Add ALLOW_NONE_PASSWORD_AUTH option
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 17 May 2012 08:33:11 +0800 |
parents | c37857676924 |
children | 983a817f8e41 |
comparison
equal
deleted
inserted
replaced
684:c37857676924 | 685:5af8993f7529 |
---|---|
101 #define DROPBEAR_ENABLE_CTR_MODE | 101 #define DROPBEAR_ENABLE_CTR_MODE |
102 | 102 |
103 /* You can compile with no encryption if you want. In some circumstances | 103 /* You can compile with no encryption if you want. In some circumstances |
104 * this could be safe security-wise, though make sure you know what | 104 * this could be safe security-wise, though make sure you know what |
105 * you're doing. Anyone can see everything that goes over the wire, so | 105 * you're doing. Anyone can see everything that goes over the wire, so |
106 * the only safe auth method is public key. You'll have to disable all other | 106 * the only safe auth method is public key. */ |
107 * ciphers above in the client if you want to use this, or implement cipher | |
108 * prioritisation in cli-runopts. | |
109 * | |
110 * The best way to do things is probably make normal compile of dropbear with | |
111 * all ciphers including "none" as the server, then recompile a special | |
112 * "dbclient-insecure" client. */ | |
113 #define DROPBEAR_NONE_CIPHER | 107 #define DROPBEAR_NONE_CIPHER |
108 | |
109 /* Define this to allow password authentication even when no encryption | |
110 * is being used. This can be unsafe */ | |
111 #define ALLOW_NONE_PASSWORD_AUTH | |
114 | 112 |
115 /* Message Integrity - at least one required. | 113 /* Message Integrity - at least one required. |
116 * Protocol RFC requires sha1 and recommends sha1-96. | 114 * Protocol RFC requires sha1 and recommends sha1-96. |
117 * sha1-96 is of use for slow links as it has a smaller overhead. | 115 * sha1-96 is of use for slow links as it has a smaller overhead. |
118 * | 116 * |