diff options
author | Paul Spooren <mail@aparcar.org> | 2020-09-01 09:13:28 -1000 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2020-09-06 23:19:20 +0200 |
commit | d0f295837a03f7f52000ae6d395827bdde7996a4 (patch) | |
tree | 28786a383270e6cb6782d43fbdfcaad2902668b9 | |
parent | 83e946d7183f6123fd8da492652a6aad1fb414fa (diff) | |
download | upstream-d0f295837a03f7f52000ae6d395827bdde7996a4.tar.gz upstream-d0f295837a03f7f52000ae6d395827bdde7996a4.tar.bz2 upstream-d0f295837a03f7f52000ae6d395827bdde7996a4.zip |
dropbear: Enable Ed25519 for normal devices
The Ed25519 key pairs are much shorter than RSA pairs and are supported
by default in OpenSSH. Looking at websites explaining how to create new
SSH keys, many suggest using Ed25519 rather than RSA, however consider
the former as not yet widely established. OpenWrt likely has a positive
influence on that development.
As enabling Ed25519 is a compile time option, it is currently not
possible to install the feature via `opkg` nor select that option in an
ImageBuilder.
Due to the size impact of **12kB** the option should only be enabled for
devices with `!SMALL_FLASH`.
This approach seems cleaner than splitting `dropbear` into two packages
like `dropbear` and `dropbear-ed25519`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
-rw-r--r-- | package/network/services/dropbear/Config.in | 2 | ||||
-rw-r--r-- | package/network/services/dropbear/Makefile | 5 |
2 files changed, 4 insertions, 3 deletions
diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in index 108b80376b..6aa5a7e4e1 100644 --- a/package/network/services/dropbear/Config.in +++ b/package/network/services/dropbear/Config.in @@ -51,7 +51,7 @@ config DROPBEAR_ECC_FULL config DROPBEAR_ED25519 bool "Ed25519 support" - default n + default y if !SMALL_FLASH help This enables the following public key algorithm: ssh-ed25519 diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 1cda98bf7e..6c97d3e77b 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2016 OpenWrt.org +# Copyright (C) 2006-2020 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear PKG_VERSION:=2020.80 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ @@ -25,6 +25,7 @@ PKG_BUILD_PARALLEL:=1 PKG_ASLR_PIE_REGULAR:=1 PKG_USE_MIPS16:=0 PKG_FIXUP:=autoreconf +PKG_FLAGS:=nonshared PKG_CONFIG_DEPENDS:= \ CONFIG_TARGET_INIT_PATH CONFIG_DROPBEAR_ECC CONFIG_DROPBEAR_ECC_FULL \ |