Il 08.09.2015 20:06 Sami Olmari ha scritto:
Does Dropbeard support ether? I know OpenSSH does, but default installation does not use that.
I just checked the changelog[1] and I remembered wrong about chacha20. But it does support curve25519 indeed; it was added along ECDSA:
2013.61test - Thursday 14 November 2013 - ECC (elliptic curve) support. Supports ECDSA hostkeys (requires new keys to be generated) and ECDH for setting up encryption keys (no intervention required). This is significantly faster. - curve25519-sha...@libssh.org support for setting up encryption keys. This is another elliptic curve mode with less potential of NSA interference in algorithm parameters. curve25519-donna code thanks to Adam Langley
By the way, dropbearkey might not be required anymore, and removing it will improve CSPRNG security... but that's OT here :)
- -R option to automatically generate hostkeys. This is recommended for embedded platforms since it allows the system random number device /dev/urandom a longer startup time to generate a secure seed before the hostkey is required.
Cheers, Vittorio [1]: https://matt.ucc.asn.au/dropbear/CHANGES _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel