--- a/default_options.h	Thu Mar 21 23:28:59 2019 +0800
+++ b/default_options.h	Fri Jun 26 21:07:34 2020 +0800
@@ -22,6 +22,7 @@
 #define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key"
 #define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key"
 #define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key"
+#define ED25519_PRIV_FILENAME "/etc/dropbear/dropbear_ed25519_host_key"
 
 /* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
  * on chosen ports and keeps accepting connections. This is the default.
@@ -47,7 +48,7 @@
 #define DROPBEAR_SMALL_CODE 1
 
 /* Enable X11 Forwarding - server only */
-#define DROPBEAR_X11FWD 1
+#define DROPBEAR_X11FWD 0
 
 /* Enable TCP Fowarding */
 /* 'Local' is "-L" style (client listening port forwarded via server)
@@ -82,27 +83,36 @@
  * Including both AES keysize variants (128 and 256) will result in 
  * a minimal size increase */
 #define DROPBEAR_AES128 1
-#define DROPBEAR_3DES 1
 #define DROPBEAR_AES256 1
+#define DROPBEAR_3DES 0
 #define DROPBEAR_TWOFISH256 0
 #define DROPBEAR_TWOFISH128 0
-/* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
-#define DROPBEAR_BLOWFISH 0
+
+/* Enable Chacha20-Poly1305 authenticated encryption mode. This is
+ * generally faster than AES256 on CPU w/o dedicated AES instructions,
+ * having the same key size. Recommended.
+ * Compiling in will add ~5,5kB to binary size on x86-64 */
+#define DROPBEAR_CHACHA20POLY1305 1
+
+/* Enable "Counter Mode" for ciphers. Recommended. */
+#define DROPBEAR_ENABLE_CTR_MODE 1
 
 /* Enable CBC mode for ciphers. This has security issues though
- * is the most compatible with older SSH implementations */
-#define DROPBEAR_ENABLE_CBC_MODE 1
+   may be required for compatibility with old implementations */
+#define DROPBEAR_ENABLE_CBC_MODE 0
 
-/* Enable "Counter Mode" for ciphers. This is more secure than
- * CBC mode against certain attacks. It is recommended for security
- * and forwards compatibility */
-#define DROPBEAR_ENABLE_CTR_MODE 1
+/* Enable "Galois/Counter Mode" for ciphers. This authenticated
+ * encryption mode is combination of CTR mode and GHASH. Recommended
+ * for security and forwards compatibility, but slower than CTR on
+ * CPU w/o dedicated AES/GHASH instructions.
+ * Compiling in will add ~6kB to binary size on x86-64 */
+#define DROPBEAR_ENABLE_GCM_MODE 0
 
 /* Message integrity. sha2-256 is recommended as a default, 
    sha1 for compatibility */
 #define DROPBEAR_SHA1_HMAC 1
-#define DROPBEAR_SHA1_96_HMAC 1
 #define DROPBEAR_SHA2_256_HMAC 1
+#define DROPBEAR_SHA1_96_HMAC 0
 
 /* Hostkey/public key algorithms - at least one required, these are used
  * for hostkey as well as for verifying signatures with pubkey auth.
@@ -116,11 +126,15 @@
  * code (either ECDSA or ECDH) increases binary size - around 30kB
  * on x86-64 */
 #define DROPBEAR_ECDSA 1
+/* Ed25519 is faster than ECDSA. Compiling in Ed25519 code increases
+   binary size - around 7,5kB on x86-64 */
+#define DROPBEAR_ED25519 1
 
 /* RSA must be >=1024 */
 #define DROPBEAR_DEFAULT_RSA_SIZE 2048
 /* DSS is always 1024 */
 /* ECDSA defaults to largest size configured, usually 521 */
+/* Ed25519 is always 256 */
 
 /* Add runtime flag "-R" to generate hostkeys as-needed when the first 
    connection using that key type occurs.
@@ -143,7 +157,7 @@
  * group14 is supported by most implementations.
  * group16 provides a greater strength level but is slower and increases binary size
  * curve25519 and ecdh algorithms are faster than non-elliptic curve methods
- * curve25519 increases binary size by ~8kB on x86-64
+ * curve25519 increases binary size by ~2,5kB on x86-64
  * including either ECDH or ECDSA increases binary size by ~30kB on x86-64
 
  * Small systems should generally include either curve25519 or ecdh for performance.
@@ -174,7 +188,7 @@
 #define DO_HOST_LOOKUP 0
 
 /* Whether to print the message of the day (MOTD). */
-#define DO_MOTD 0
+#define DO_MOTD 1
 #define MOTD_FILENAME "/etc/motd"
 
 /* Authentication Types - at least one required.