[PATCH] dropbear: Enable Ed25519 for normal devices
rosenp at gmail.com
Wed Jul 15 20:24:06 EDT 2020
On Wed, Jul 15, 2020 at 5:15 PM Paul Spooren <mail at aparcar.org> wrote:
> The Ed25519 key pairs are much shorter than RSA pairs and are supported
> by default in OpenSSH. Looking at websites explaining how to create new
> SSH keys, many suggest using Ed25519 rather than RSA, however consider
> the former as not yet widely established. OpenWrt likely has a positive
> influence on that development.
> As enabling Ed25519 is a compile time option, it is currently not
> possible to install the feature via `opkg` nor select that option in an
> Due to the size impact the option should only be enabled for devices
> with `!SMALL_FLASH`.
> This approach seems cleaner than splitting `dropbear` into two packages
> like `dropbear` and `dropbear-ed25519`.
> Signed-off-by: Paul Spooren <mail at aparcar.org>
I like this.
> package/network/services/dropbear/Config.in | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in
> index 3de4189e08..2836229043 100644
> --- a/package/network/services/dropbear/Config.in
> +++ b/package/network/services/dropbear/Config.in
> @@ -51,7 +51,7 @@ config DROPBEAR_ECC_FULL
> config DROPBEAR_ED25519
> bool "Ed25519 support"
> - default n
> + default y if !SMALL_FLASH
> This enables the following public key algorithm:
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
More information about the openwrt-devel