aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Spooren <mail@aparcar.org>2020-09-01 09:13:28 -1000
committerHauke Mehrtens <hauke@hauke-m.de>2020-09-06 23:19:20 +0200
commitd0f295837a03f7f52000ae6d395827bdde7996a4 (patch)
tree28786a383270e6cb6782d43fbdfcaad2902668b9
parent83e946d7183f6123fd8da492652a6aad1fb414fa (diff)
downloadupstream-d0f295837a03f7f52000ae6d395827bdde7996a4.tar.gz
upstream-d0f295837a03f7f52000ae6d395827bdde7996a4.tar.bz2
upstream-d0f295837a03f7f52000ae6d395827bdde7996a4.zip
dropbear: Enable Ed25519 for normal devices
The Ed25519 key pairs are much shorter than RSA pairs and are supported by default in OpenSSH. Looking at websites explaining how to create new SSH keys, many suggest using Ed25519 rather than RSA, however consider the former as not yet widely established. OpenWrt likely has a positive influence on that development. As enabling Ed25519 is a compile time option, it is currently not possible to install the feature via `opkg` nor select that option in an ImageBuilder. Due to the size impact of **12kB** the option should only be enabled for devices with `!SMALL_FLASH`. This approach seems cleaner than splitting `dropbear` into two packages like `dropbear` and `dropbear-ed25519`. Signed-off-by: Paul Spooren <mail@aparcar.org>
-rw-r--r--package/network/services/dropbear/Config.in2
-rw-r--r--package/network/services/dropbear/Makefile5
2 files changed, 4 insertions, 3 deletions
diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in
index 108b80376b..6aa5a7e4e1 100644
--- a/package/network/services/dropbear/Config.in
+++ b/package/network/services/dropbear/Config.in
@@ -51,7 +51,7 @@ config DROPBEAR_ECC_FULL
config DROPBEAR_ED25519
bool "Ed25519 support"
- default n
+ default y if !SMALL_FLASH
help
This enables the following public key algorithm:
ssh-ed25519
diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile
index 1cda98bf7e..6c97d3e77b 100644
--- a/package/network/services/dropbear/Makefile
+++ b/package/network/services/dropbear/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright (C) 2006-2016 OpenWrt.org
+# Copyright (C) 2006-2020 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=dropbear
PKG_VERSION:=2020.80
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:= \
@@ -25,6 +25,7 @@ PKG_BUILD_PARALLEL:=1
PKG_ASLR_PIE_REGULAR:=1
PKG_USE_MIPS16:=0
PKG_FIXUP:=autoreconf
+PKG_FLAGS:=nonshared
PKG_CONFIG_DEPENDS:= \
CONFIG_TARGET_INIT_PATH CONFIG_DROPBEAR_ECC CONFIG_DROPBEAR_ECC_FULL \