comparison CHANGES @ 1004:d63b569a7c86

changes for 2015.67
author Matt Johnston <matt@ucc.asn.au>
date Wed, 28 Jan 2015 22:49:28 +0800
parents 735511a4c761
children 9a5677293671
comparison
equal deleted inserted replaced
1003:7668ca9ae132 1004:d63b569a7c86
1 2015.67 - Wednesday 28 January 2015
2
3 - Call fsync() after generating private keys to ensure they aren't lost if a
4 reboot occurs. Thanks to Peter Korsgaard
5
6 - Disable non-delayed zlib compression by default on the server. Can be
7 enabled if required for old clients with DROPBEAR_SERVER_DELAY_ZLIB
8
9 - Default client key path ~/.ssh/id_dropbear
10
11 - Prefer stronger algorithms by default, from Fedor Brunner.
12 AES256 over 3DES
13 Diffie-hellman group14 over group1
14
15 - Add option to disable CBC ciphers.
16
17 - Disable twofish in default options.h
18
19 - Enable sha2 HMAC algorithms by default, the code was already required
20 for ECC key exchange. sha1 is the first preference still for performance.
21
22 - Fix installing dropbear.8 in a separate build directory, from Like Ma
23
24 - Allow configure to succeed if libtomcrypt/libtommath are missing, from Elan Ruusamäe
25
26 - Don't crash if ssh-agent provides an unknown type of key. From Catalin Patulea
27
28 - Minor bug fixes, a few issues found by Coverity scan
29
1 2014.66 - Thursday 23 October 2014 30 2014.66 - Thursday 23 October 2014
2 31
3 - Use the same keepalive handling behaviour as OpenSSH. This will work better 32 - Use the same keepalive handling behaviour as OpenSSH. This will work better
4 with some SSH implementations that have different behaviour with unknown 33 with some SSH implementations that have different behaviour with unknown
5 message types. 34 message types.