[OpenWrt-Devel] Fwd: Removing Telnet

Vittorio G (VittGam) openwrt at vittgam.net
Tue Sep 8 14:17:27 EDT 2015


Il 08.09.2015 20:06 Sami Olmari ha scritto:
> Does Dropbeard support ether? I know OpenSSH does, but default
> installation does not use that.

I just checked the changelog[1] and I remembered wrong about chacha20.
But it does support curve25519 indeed; it was added along ECDSA:

> 2013.61test - Thursday 14 November 2013
>
> - ECC (elliptic curve) support. Supports ECDSA hostkeys (requires new keys to
>   be generated) and ECDH for setting up encryption keys (no intervention
>   required). This is significantly faster.
>
> - curve25519-sha256 at libssh.org support for setting up encryption keys. This is
>   another elliptic curve mode with less potential of NSA interference in
>   algorithm parameters. curve25519-donna code thanks to Adam Langley

By the way, dropbearkey might not be required anymore, and removing it will
improve CSPRNG security... but that's OT here :)

> - -R option to automatically generate hostkeys. This is recommended for
>   embedded platforms since it allows the system random number device
>   /dev/urandom a longer startup time to generate a secure seed before the
>   hostkey is required.

Cheers,
Vittorio

[1]: https://matt.ucc.asn.au/dropbear/CHANGES
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list