Mercurial > dropbear
comparison options.h @ 713:e22d5f5f6e37
Fix "-c none" so that it allows aes during authentication
Default for options.h shouldn't allow "none"
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 20 Mar 2013 23:52:49 +0800 |
| parents | 91dd8328a3ff |
| children | 3062da90dab8 b07eb3dc23ec |
comparison
equal
deleted
inserted
replaced
| 712:bf0ac0512ef7 | 713:e22d5f5f6e37 |
|---|---|
| 102 | 102 |
| 103 /* You can compile with no encryption if you want. In some circumstances | 103 /* You can compile with no encryption if you want. In some circumstances |
| 104 * this could be safe security-wise, though make sure you know what | 104 * this could be safe security-wise, though make sure you know what |
| 105 * you're doing. Anyone can see everything that goes over the wire, so | 105 * you're doing. Anyone can see everything that goes over the wire, so |
| 106 * the only safe auth method is public key. */ | 106 * the only safe auth method is public key. */ |
| 107 #define DROPBEAR_NONE_CIPHER | 107 /* #define DROPBEAR_NONE_CIPHER */ |
| 108 | 108 |
| 109 /* Message Integrity - at least one required. | 109 /* Message Integrity - at least one required. |
| 110 * Protocol RFC requires sha1 and recommends sha1-96. | 110 * Protocol RFC requires sha1 and recommends sha1-96. |
| 111 * sha1-96 is of use for slow links as it has a smaller overhead. | 111 * sha1-96 is of use for slow links as it has a smaller overhead. |
| 112 * | 112 * |
| 124 /*#define DROPBEAR_SHA2_512_HMAC*/ | 124 /*#define DROPBEAR_SHA2_512_HMAC*/ |
| 125 #define DROPBEAR_MD5_HMAC | 125 #define DROPBEAR_MD5_HMAC |
| 126 | 126 |
| 127 /* You can also disable integrity. Don't bother disabling this if you're | 127 /* You can also disable integrity. Don't bother disabling this if you're |
| 128 * still using a cipher, it's relatively cheap. If you disable this it's dead | 128 * still using a cipher, it's relatively cheap. If you disable this it's dead |
| 129 * simple to run arbitrary commands on the remote host. Beware. | 129 * simple to run arbitrary commands on the remote host. Beware. */ |
| 130 * Note again, for the client you will have to disable other hashes above | 130 /* #define DROPBEAR_NONE_INTEGRITY */ |
| 131 * to use this. */ | |
| 132 #define DROPBEAR_NONE_INTEGRITY | |
| 133 | 131 |
| 134 /* Hostkey/public key algorithms - at least one required, these are used | 132 /* Hostkey/public key algorithms - at least one required, these are used |
| 135 * for hostkey as well as for verifying signatures with pubkey auth. | 133 * for hostkey as well as for verifying signatures with pubkey auth. |
| 136 * Removing either of these won't save very much space. | 134 * Removing either of these won't save very much space. |
| 137 * SSH2 RFC Draft requires dss, recommends rsa */ | 135 * SSH2 RFC Draft requires dss, recommends rsa */ |