Mercurial > dropbear
comparison options.h @ 989:73ea0dce9a57 pam
Merge up to date
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 23 Jan 2015 21:38:47 +0800 |
parents | bae0b34bc059 6c0fb5428aaa |
children | 2fa71c3b2827 |
comparison
equal
deleted
inserted
replaced
925:bae0b34bc059 | 989:73ea0dce9a57 |
---|---|
121 * These hashes are also used for public key fingerprints in logs. | 121 * These hashes are also used for public key fingerprints in logs. |
122 * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, | 122 * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, |
123 * which are not the standard form. */ | 123 * which are not the standard form. */ |
124 #define DROPBEAR_SHA1_HMAC | 124 #define DROPBEAR_SHA1_HMAC |
125 #define DROPBEAR_SHA1_96_HMAC | 125 #define DROPBEAR_SHA1_96_HMAC |
126 /*#define DROPBEAR_SHA2_256_HMAC*/ | 126 #define DROPBEAR_SHA2_256_HMAC |
127 /*#define DROPBEAR_SHA2_512_HMAC*/ | 127 #define DROPBEAR_SHA2_512_HMAC |
128 #define DROPBEAR_MD5_HMAC | 128 #define DROPBEAR_MD5_HMAC |
129 | 129 |
130 /* You can also disable integrity. Don't bother disabling this if you're | 130 /* You can also disable integrity. Don't bother disabling this if you're |
131 * still using a cipher, it's relatively cheap. If you disable this it's dead | 131 * still using a cipher, it's relatively cheap. If you disable this it's dead |
132 * simple for an attacker to run arbitrary commands on the remote host. Beware. */ | 132 * simple for an attacker to run arbitrary commands on the remote host. Beware. */ |
255 #endif | 255 #endif |
256 | 256 |
257 /* The command to invoke for xauth when using X11 forwarding. | 257 /* The command to invoke for xauth when using X11 forwarding. |
258 * "-q" for quiet */ | 258 * "-q" for quiet */ |
259 #ifndef XAUTH_COMMAND | 259 #ifndef XAUTH_COMMAND |
260 #define XAUTH_COMMAND "/usr/bin/X11/xauth -q" | 260 #define XAUTH_COMMAND "/usr/bin/xauth -q" |
261 #endif | 261 #endif |
262 | 262 |
263 /* if you want to enable running an sftp server (such as the one included with | 263 /* if you want to enable running an sftp server (such as the one included with |
264 * OpenSSH), set the path below. If the path isn't defined, sftp will not | 264 * OpenSSH), set the path below. If the path isn't defined, sftp will not |
265 * be enabled */ | 265 * be enabled */ |
299 | 299 |
300 /* Ensure that data is transmitted every KEEPALIVE seconds. This can | 300 /* Ensure that data is transmitted every KEEPALIVE seconds. This can |
301 be overridden at runtime with -K. 0 disables keepalives */ | 301 be overridden at runtime with -K. 0 disables keepalives */ |
302 #define DEFAULT_KEEPALIVE 0 | 302 #define DEFAULT_KEEPALIVE 0 |
303 | 303 |
304 /* If this many KEEPALIVES are sent with no packets received from the | |
305 other side, exit. Not run-time configurable - if you have a need | |
306 for runtime configuration please mail the Dropbear list */ | |
307 #define DEFAULT_KEEPALIVE_LIMIT 3 | |
308 | |
304 /* Ensure that data is received within IDLE_TIMEOUT seconds. This can | 309 /* Ensure that data is received within IDLE_TIMEOUT seconds. This can |
305 be overridden at runtime with -I. 0 disables idle timeouts */ | 310 be overridden at runtime with -I. 0 disables idle timeouts */ |
306 #define DEFAULT_IDLE_TIMEOUT 0 | 311 #define DEFAULT_IDLE_TIMEOUT 0 |
307 | 312 |
308 /* The default path. This will often get replaced by the shell */ | 313 /* The default path. This will often get replaced by the shell */ |