[OpenWrt-Devel] Fwd: Removing Telnet
Vittorio G (VittGam)
openwrt at vittgam.net
Tue Sep 8 14:17:27 EDT 2015
Il 08.09.2015 20:06 Sami Olmari ha scritto:
> Does Dropbeard support ether? I know OpenSSH does, but default
> installation does not use that.
I just checked the changelog[1] and I remembered wrong about chacha20.
But it does support curve25519 indeed; it was added along ECDSA:
> 2013.61test - Thursday 14 November 2013
>
> - ECC (elliptic curve) support. Supports ECDSA hostkeys (requires new keys to
> be generated) and ECDH for setting up encryption keys (no intervention
> required). This is significantly faster.
>
> - curve25519-sha256 at libssh.org support for setting up encryption keys. This is
> another elliptic curve mode with less potential of NSA interference in
> algorithm parameters. curve25519-donna code thanks to Adam Langley
By the way, dropbearkey might not be required anymore, and removing it will
improve CSPRNG security... but that's OT here :)
> - -R option to automatically generate hostkeys. This is recommended for
> embedded platforms since it allows the system random number device
> /dev/urandom a longer startup time to generate a secure seed before the
> hostkey is required.
Cheers,
Vittorio
[1]: https://matt.ucc.asn.au/dropbear/CHANGES
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list