[FS#3216] Enable by default ed25519 on dropbear

OpenWrt Bugs openwrt-bugs at lists.openwrt.org
Sun Jul 5 11:00:47 EDT 2020


A new Flyspray task has been opened.  Details are below. 

User who did this - GovanifY (GovanifY) 

Attached to Project - OpenWrt/LEDE Project
Summary - Enable by default ed25519 on dropbear
Task Type - Bug Report
Category - Packages
Status - Unconfirmed
Assigned To - 
Operating System - All
Severity - Medium
Priority - Very Low
Reported Version - Trunk
Due in Version - Undecided
Due Date - Undecided
Details - Hello,

As of latest master OpenWRT still does not enable ed25519 by default in dropbear.
ed25519 is becoming fairly widespread and is even the current default key exchange algorithm in OpenSSH.
As per https://github.com/mkj/dropbear/pull/91 adding this feature would only add around 8KB to the build size of dropbear max
and as per your build files 12KB in MIPS.
I believe 10Kb is relatively negligible, even for routers, and as such I don't really see
any reason to have it disabled by default, especially when something as 
crucial as public key ssh gets broken otherwise without any warning, leading to a horrendous UX.

Would you be so kind as to think about changing the default?


More information can be found at the following URL:

You are receiving this message because you have requested it from the Flyspray bugtracking system.  If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.

More information about the openwrt-bugs mailing list