# HG changeset patch
# User Matt Johnston
# Date 1518964071 -28800
# Node ID 7c7c5326ad736b7445642f8b5b5237fc7a5e02b7
# Parent 33b872649eb727ffa63b7b76f6d0878bea06d435
clean up some default options - move hmac-sha2-512, hmac-md5, twofish_ctr to sysoptions.h, off by default - try and improve text for KEX methods
diff -r 33b872649eb7 -r 7c7c5326ad73 default_options.h.in
--- a/default_options.h.in Sun Feb 18 15:12:15 2018 +0800
+++ b/default_options.h.in Sun Feb 18 22:27:51 2018 +0800
@@ -9,9 +9,9 @@
 used if it exists. Options defined there will override any options in this file.
-Options can also be defined with -DDROPBEAR_XXX in Makefile CFLAGS
+Options can also be defined with -DDROPBEAR_XXX=[0,1] in Makefile CFLAGS
-IMPORTANT: Many options will require "make clean" after changes */
+IMPORTANT: Some options will require "make clean" after changes */
 #define DROPBEAR_DEFPORT "22"
@@ -41,9 +41,9 @@
 #define DEBUG_TRACE 0
 /* Set this if you want to use the DROPBEAR_SMALL_CODE option. This can save
-several kB in binary size however will make the symmetrical ciphers and hashes
-slower, perhaps by 50%. Recommended for small systems that aren't doing
-much traffic. */
+ * several kB in binary size however will make the symmetrical ciphers and hashes
+ * slower, perhaps by 50%. Recommended for small systems that aren't doing
+ * much traffic. */
 #define DROPBEAR_SMALL_CODE 1
 /* Enable X11 Forwarding - server only */
@@ -52,7 +52,6 @@
 /* Enable TCP Fowarding */
 /* 'Local' is "-L" style (client listening port forwarded via server)
  * 'Remote' is "-R" style (server listening port forwarded via client) */
-
 #define DROPBEAR_CLI_LOCALTCPFWD 1
 #define DROPBEAR_CLI_REMOTETCPFWD 1
@@ -85,8 +84,8 @@
 #define DROPBEAR_AES128 1
 #define DROPBEAR_3DES 1
 #define DROPBEAR_AES256 1
-#define DROPBEAR_TWOFISH256 1
-#define DROPBEAR_TWOFISH128 1
+#define DROPBEAR_TWOFISH256 0
+#define DROPBEAR_TWOFISH128 0
 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
 #define DROPBEAR_BLOWFISH 0
@@ -99,21 +98,11 @@
  * and forwards compatibility */
 #define DROPBEAR_ENABLE_CTR_MODE 1
-/* Twofish counter mode is disabled by default because it
-has not been tested for interoperability with other SSH implementations.
-If you test it please contact the Dropbear author */
-#define DROPBEAR_TWOFISH_CTR 0
-
 /* Message integrity. sha2-256 is recommended as a default, sha1 for compatibility */
 #define DROPBEAR_SHA1_HMAC 1
 #define DROPBEAR_SHA1_96_HMAC 1
 #define DROPBEAR_SHA2_256_HMAC 1
-/* Default is to include it if sha512 is being compiled in for ECDSA */
-#define DROPBEAR_SHA2_512_HMAC (DROPBEAR_ECDSA)
-
-/* XXX needed for fingerprints */
-#define DROPBEAR_MD5_HMAC 0
 /* Hostkey/public key algorithms - at least one required, these are used
  * for hostkey as well as for verifying signatures with pubkey auth.
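Review bot: The two Twofish defaults in the `@@ -85,8` hunk flip from 1 to 0 without any comment, and the commit description only names hmac-sha2-512, hmac-md5 and twofish_ctr. Builds that rely on the defaults will stop offering the Twofish ciphers, so a peer restricted to them will fail cipher negotiation after an upgrade. I would add a line above the pair such as `/* Twofish is off by default; set to 1 only if a peer requires it */` and record the change in the release notes. The next hunk (`@@ -99,21`) also removes the only description of DROPBEAR_SHA2_512_HMAC, DROPBEAR_MD5_HMAC and DROPBEAR_TWOFISH_CTR from this file, so a one-line pointer saying they now default in sysoptions.h and can still be overridden would keep them discoverable.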
@@ -139,30 +128,33 @@
 with badly seeded /dev/urandom when systems first boot. */
 #define DROPBEAR_DELAY_HOSTKEY 1
-/* Enable Curve25519 for key exchange. This is another elliptic
- * curve method with good security properties. Increases binary size
- * by ~8kB on x86-64 */
-#define DROPBEAR_CURVE25519 1
-
-/* Enable elliptic curve Diffie Hellman key exchange, see note about
- * ECDSA above */
-#define DROPBEAR_ECDH 1
 /* Key exchange algorithm.
+ * group14_sha1 - 2048 bit, sha1
  * group14_sha256 - 2048 bit, sha2-256
  * group16 - 4096 bit, sha2-512
  * group1 - 1024 bit, sha1
+ * curve25519 - elliptic curve DH
+ * ecdh - NIST elliptic curve DH (256, 384, 521)
  *
+ * group1 is too small for security though is necessary if you need
+ compatibility with some implementations such as Dropbear versions < 0.53
  * group14 is supported by most implementations.
  * group16 provides a greater strength level but is slower and increases binary size
- * group1 is too small for security though is necessary if you need
- compatibility with some implementations such as Dropbear versions < 0.53
+ * curve25519 and ecdh algorithms are faster than non-elliptic curve methods
+ * curve25519 increases binary size by ~8kB on x86-64
+ * including either ECDH or ECDSA increases binary size by ~30kB on x86-64
+
+ * Small systems should generally include either curve25519 or ecdh for performance.
+ * curve25519 is less widely supported but is faster
  */
 #define DROPBEAR_DH_GROUP1 1
 #define DROPBEAR_DH_GROUP14_SHA1 1
 #define DROPBEAR_DH_GROUP14_SHA256 1
 #define DROPBEAR_DH_GROUP16 0
+#define DROPBEAR_CURVE25519 1
+#define DROPBEAR_ECDH 1
 /* Control the memory/performance/compression tradeoff for zlib.
  * Set windowBits=8 for least memory usage, see your system's
@@ -178,8 +170,6 @@
 /* Whether to print the message of the day (MOTD). */
 #define DO_MOTD 0
-
-/* The MOTD file path */
 #define MOTD_FILENAME "/etc/motd"
 /* Authentication Types - at least one required.
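Review bot: The rewritten key-exchange comment in the `@@ -139,30` hunk says group1 "is too small for security", yet the unchanged `#define DROPBEAR_DH_GROUP1 1` directly below keeps it enabled, and nothing tells the reader that this default is a compatibility trade-off. I would add a line such as ` * group1 is enabled by default only for compatibility; set DROPBEAR_DH_GROUP1 to 0 if no legacy peers are expected`. The new guidance also recommends curve25519 and ecdh purely on performance grounds, so one sentence marking the sha1-based methods as legacy would help someone building a hardened configuration. As a style point, the continuation line `compatibility with some implementations ...` and the empty line before `* Small systems ...` lack the leading ` * ` used by the rest of the block.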
@@ -223,7 +213,7 @@
 /* Save a network roundtrip by sendng a real auth request immediately after
  * sending a query for the available methods. This is not yet enabled by default since it could cause problems with non-compliant servers */
- #define DROPBEAR_CLI_IMMEDIATE_AUTH 0
+#define DROPBEAR_CLI_IMMEDIATE_AUTH 0
 /* Set this to use PRNGD or EGD instead of /dev/urandom */
 #define DROPBEAR_USE_PRNGD 0
diff -r 33b872649eb7 -r 7c7c5326ad73 sysoptions.h
--- a/sysoptions.h Sun Feb 18 15:12:15 2018 +0800
+++ b/sysoptions.h Sun Feb 18 22:27:51 2018 +0800
@@ -99,6 +99,23 @@
 #define MAX_MAC_LEN 20
 #endif
+/* sha2-512 is not necessary unless unforseen problems arise with sha2-256 */
+#ifndef DROPBEAR_SHA2_512_HMAC
+#define DROPBEAR_SHA2_512_HMAC 0
+#endif
+
+/* might be needed for compatibility with very old implementations */
+#ifndef DROPBEAR_MD5_HMAC
+#define DROPBEAR_MD5_HMAC 0
+#endif
+
+/* Twofish counter mode is disabled by default because it
+has not been tested for interoperability with other SSH implementations.
+If you test it please contact the Dropbear author */
+#ifndef DROPBEAR_TWOFISH_CTR
+#define DROPBEAR_TWOFISH_CTR 0
+#endif
+
 #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA))
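Review bot: The new `#ifndef` defaults in the sysoptions.h hunk sit after the context lines `#define MAX_MAC_LEN 20` / `#endif`, which look like the tail of a conditional that sizes MAX_MAC_LEN from the HMAC options; that conditional starts outside the hunk, so this is inferred rather than visible. If it tests DROPBEAR_SHA2_512_HMAC, the macro is still undefined there in a default build and only evaluates as 0 by preprocessor rule, which `-Wundef` would flag and which would silently stop matching if the default ever changed. Moving the three `#ifndef` blocks above the MAX_MAC_LEN selection would put definition before use. The hmac-md5 comment could also state the risk more plainly, for example `/* hmac-md5 is obsolete; enable only for compatibility with very old implementations */`.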