Mercurial > dropbear
comparison options.h @ 1225:6a7938ba004a
add dh group15 and group16, disabled by default
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 15 Jan 2016 00:19:11 +0800 |
| parents | f567a4152c14 |
| children | 739b3909c499 |
comparison
equal
deleted
inserted
replaced
| 1224:82e2037d34ea | 1225:6a7938ba004a |
|---|---|
| 150 /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC | 150 /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC |
| 151 * code (either ECDSA or ECDH) increases binary size - around 30kB | 151 * code (either ECDSA or ECDH) increases binary size - around 30kB |
| 152 * on x86-64 */ | 152 * on x86-64 */ |
| 153 #define DROPBEAR_ECDSA | 153 #define DROPBEAR_ECDSA |
| 154 | 154 |
| 155 /* These larger DH groups (3072 and 4096 bit respectively) add to binary size | |
| 156 and may be significantly slower. Usually ECDH or curve25519 will be a better option */ | |
| 157 /*#define DROPBEAR_DH_GROUP15*/ | |
| 158 /*#define DROPBEAR_DH_GROUP16*/ | |
| 159 | |
| 155 /* Generate hostkeys as-needed when the first connection using that key type occurs. | 160 /* Generate hostkeys as-needed when the first connection using that key type occurs. |
| 156 This avoids the need to otherwise run "dropbearkey" and avoids some problems | 161 This avoids the need to otherwise run "dropbearkey" and avoids some problems |
| 157 with badly seeded /dev/urandom when systems first boot. | 162 with badly seeded /dev/urandom when systems first boot. |
| 158 This also requires a runtime flag "-R". This adds ~4kB to binary size (or hardly | 163 This also requires a runtime flag "-R". This adds ~4kB to binary size (or hardly |
| 159 anything if dropbearkey is linked in a "dropbearmulti" binary) */ | 164 anything if dropbearkey is linked in a "dropbearmulti" binary) */ |