mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-25 08:21:14 +00:00
01964148c6
- limit ECC support to ec*-sha2-nistp256: * DROPBEAR_ECC now provides only basic support for ECC - provide full ECC support as an option: * DROPBEAR_ECC_FULL brings back support for ec{dh,dsa}-sha2-nistp{384,521} - update feature costs in binary size Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
77 lines
1.8 KiB
Plaintext
77 lines
1.8 KiB
Plaintext
menu "Configuration"
|
|
depends on PACKAGE_dropbear
|
|
|
|
config DROPBEAR_CURVE25519
|
|
bool "Curve25519 support"
|
|
default y
|
|
help
|
|
This enables the following key exchange algorithm:
|
|
curve25519-sha256@libssh.org
|
|
|
|
Increases binary size by about 8 kB uncompressed (MIPS).
|
|
|
|
config DROPBEAR_ECC
|
|
bool "Elliptic curve cryptography (ECC)"
|
|
default n
|
|
help
|
|
Enables basic support for elliptic curve cryptography (ECC)
|
|
in key exchange and public key authentication.
|
|
|
|
Key exchange algorithms:
|
|
ecdh-sha2-nistp256
|
|
|
|
Public key algorithms:
|
|
ecdsa-sha2-nistp256
|
|
|
|
Increases binary size by about 24 kB (MIPS).
|
|
|
|
If full ECC support is required, also select DROPBEAR_ECC_FULL.
|
|
|
|
config DROPBEAR_ECC_FULL
|
|
bool "Elliptic curve cryptography (ECC), full support"
|
|
default n
|
|
depends on DROPBEAR_ECC
|
|
help
|
|
Enables full support for elliptic curve cryptography (ECC)
|
|
in key exchange and public key authentication.
|
|
|
|
Key exchange algorithms:
|
|
ecdh-sha2-nistp256 (*)
|
|
ecdh-sha2-nistp384
|
|
ecdh-sha2-nistp521
|
|
|
|
Public key algorithms:
|
|
ecdsa-sha2-nistp256 (*)
|
|
ecdsa-sha2-nistp384
|
|
ecdsa-sha2-nistp521
|
|
|
|
(*) - basic ECC support; provided by DROPBEAR_ECC.
|
|
|
|
Increases binary size by about 4 kB (MIPS).
|
|
|
|
config DROPBEAR_ZLIB
|
|
bool "Enable compression"
|
|
default n
|
|
help
|
|
Enables compression using shared zlib library.
|
|
|
|
Increases binary size by about 0.1 kB (MIPS) and requires additional 62 kB (MIPS)
|
|
for a shared zlib library.
|
|
|
|
config DROPBEAR_UTMP
|
|
bool "Utmp support"
|
|
default n
|
|
depends on BUSYBOX_CONFIG_FEATURE_UTMP
|
|
help
|
|
This enables dropbear utmp support, the file /var/run/utmp is used to
|
|
track who is currently logged in.
|
|
|
|
config DROPBEAR_PUTUTLINE
|
|
bool "Pututline support"
|
|
default n
|
|
depends on DROPBEAR_UTMP
|
|
help
|
|
Dropbear will use pututline() to write the utmp structure into the utmp file.
|
|
|
|
endmenu
|