Mercurial > dropbear

comparison options.h @ 314:827f87dfbc22 ucc-axis-hack

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
*hack hack hack* get rid of a few more bits
author matt-ucc@ucc.asn.au
date Mon, 27 Mar 2006 08:36:44 +0000
parents 24056a5eb75b
children
comparison
equal deleted inserted replaced
313:fabcee551349 314:827f87dfbc22
37 * lasts for a single connection. Dropbear should be invoked with the -i flag 37 * lasts for a single connection. Dropbear should be invoked with the -i flag
38 * for inetd, and can only accept IPv4 connections. 38 * for inetd, and can only accept IPv4 connections.
39 * 39 *
40 * Both of these flags can be defined at once, don't compile without at least 40 * Both of these flags can be defined at once, don't compile without at least
41 * one of them. */ 41 * one of them. */
42 #define NON_INETD_MODE 42 //#define NON_INETD_MODE
43 #define INETD_MODE 43 #define INETD_MODE
44 44
45 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is 45 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
46 * perhaps 20% slower for pubkey operations (it is probably worth experimenting 46 * perhaps 20% slower for pubkey operations (it is probably worth experimenting
47 * if you want to use this) */ 47 * if you want to use this) */
57 57
58 /* Enable TCP Fowarding */ 58 /* Enable TCP Fowarding */
59 /* 'Local' is "-L" style (client listening port forwarded via server) 59 /* 'Local' is "-L" style (client listening port forwarded via server)
60 * 'Remote' is "-R" style (server listening port forwarded via client) */ 60 * 'Remote' is "-R" style (server listening port forwarded via client) */
61 61
62 #define ENABLE_CLI_LOCALTCPFWD 62 //#define ENABLE_CLI_LOCALTCPFWD
63 #define ENABLE_CLI_REMOTETCPFWD 63 //#define ENABLE_CLI_REMOTETCPFWD
64 64
65 #define ENABLE_SVR_LOCALTCPFWD 65 //#define ENABLE_SVR_LOCALTCPFWD
66 #define ENABLE_SVR_REMOTETCPFWD 66 //#define ENABLE_SVR_REMOTETCPFWD
67 67
68 /* Enable Authentication Agent Forwarding - server only for now */ 68 /* Enable Authentication Agent Forwarding - server only for now */
69 #define ENABLE_AGENTFWD 69 //#define ENABLE_AGENTFWD
70 70
71 /* Encryption - at least one required. 71 /* Encryption - at least one required.
72 * RFC Draft requires 3DES and recommends AES128 for interoperability. 72 * RFC Draft requires 3DES and recommends AES128 for interoperability.
73 * Including multiple keysize variants the same cipher 73 * Including multiple keysize variants the same cipher
74 * (eg AES256 as well as AES128) will result in a minimal size increase.*/ 74 * (eg AES256 as well as AES128) will result in a minimal size increase.*/
97 97
98 /* Hostkey/public key algorithms - at least one required, these are used 98 /* Hostkey/public key algorithms - at least one required, these are used
99 * for hostkey as well as for verifying signatures with pubkey auth. 99 * for hostkey as well as for verifying signatures with pubkey auth.
100 * Removing either of these won't save very much space. 100 * Removing either of these won't save very much space.
101 * SSH2 RFC Draft requires dss, recommends rsa */ 101 * SSH2 RFC Draft requires dss, recommends rsa */
102 #define DROPBEAR_RSA 102 //#define DROPBEAR_RSA
103 #define DROPBEAR_DSS 103 #define DROPBEAR_DSS
104 104
105 /* RSA can be vulnerable to timing attacks which use the time required for 105 /* RSA can be vulnerable to timing attacks which use the time required for
106 * signing to guess the private key. Blinding avoids this attack, though makes 106 * signing to guess the private key. Blinding avoids this attack, though makes
107 * signing operations slightly slower. */ 107 * signing operations slightly slower. */
134 * but there's an interface via a PAM module - don't bother using it otherwise. 134 * but there's an interface via a PAM module - don't bother using it otherwise.
135 * You can't enable both PASSWORD and PAM. */ 135 * You can't enable both PASSWORD and PAM. */
136 136
137 #define ENABLE_SVR_PASSWORD_AUTH 137 #define ENABLE_SVR_PASSWORD_AUTH
138 /* #define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */ 138 /* #define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */
139 #define ENABLE_SVR_PUBKEY_AUTH 139 //#define ENABLE_SVR_PUBKEY_AUTH
140 140
141 #define ENABLE_CLI_PASSWORD_AUTH 141 #define ENABLE_CLI_PASSWORD_AUTH
142 #define ENABLE_CLI_PUBKEY_AUTH 142 //#define ENABLE_CLI_PUBKEY_AUTH
143 #define ENABLE_CLI_INTERACT_AUTH 143 //#define ENABLE_CLI_INTERACT_AUTH
144 144
145 /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of 145 /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
146 * a helper program for the ssh client. The helper program should be 146 * a helper program for the ssh client. The helper program should be
147 * specified in the SSH_ASKPASS environment variable, and dbclient 147 * specified in the SSH_ASKPASS environment variable, and dbclient
148 * should be run with DISPLAY set and no tty. The program should 148 * should be run with DISPLAY set and no tty. The program should
197 197
198 /* if you want to enable running an sftp server (such as the one included with 198 /* if you want to enable running an sftp server (such as the one included with
199 * OpenSSH), set the path below. If the path isn't defined, sftp will not 199 * OpenSSH), set the path below. If the path isn't defined, sftp will not
200 * be enabled */ 200 * be enabled */
201 #ifndef SFTPSERVER_PATH 201 #ifndef SFTPSERVER_PATH
202 #define SFTPSERVER_PATH "/usr/libexec/sftp-server" 202 //#define SFTPSERVER_PATH "/usr/libexec/sftp-server"
203 #endif 203 #endif
204 204
205 /* This is used by the scp binary when used as a client binary. If you're 205 /* This is used by the scp binary when used as a client binary. If you're
206 * not using the Dropbear client, you'll need to change it */ 206 * not using the Dropbear client, you'll need to change it */
207 #define _PATH_SSH_PROGRAM "/usr/bin/dbclient" 207 #define _PATH_SSH_PROGRAM "/usr/bin/dbclient"