Skip to content
Snippets Groups Projects
Commit 3e2b6a18 authored by Matt Johnston's avatar Matt Johnston
Browse files

Improve comment about sha1-96

parent 4d009daa
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 3 deletions
options.h
+ 4
3
View file @ 3e2b6a18
...@@ -99,16 +99,17 @@ much traffic. */ ...@@ -99,16 +99,17 @@ much traffic. */
/* Message Integrity - at least one required. /* Message Integrity - at least one required.
* Protocol RFC requires sha1 and recommends sha1-96. * Protocol RFC requires sha1 and recommends sha1-96.
* sha1-96 may be of use for slow links, as it has a smaller overhead. * sha1-96 is of use for slow links as it has a smaller overhead.
* *
* Note: there's no point disabling sha1 to save space, since it's used * There's no reason to disable sha1 or sha1-96 to save space since it's
* for the random number generator and public-key cryptography anyway. * used for the random number generator and public-key cryptography anyway.
* Disabling it here will just stop it from being used as the integrity portion * Disabling it here will just stop it from being used as the integrity portion
* of the ssh protocol. * of the ssh protocol.
* *
* These hashes are also used for public key fingerprints in logs. * These hashes are also used for public key fingerprints in logs.
* If you disable MD5, Dropbear will fall back to SHA1 fingerprints, * If you disable MD5, Dropbear will fall back to SHA1 fingerprints,
* which are not the standard form. */ * which are not the standard form. */
#define DROPBEAR_SHA1_HMAC #define DROPBEAR_SHA1_HMAC
#define DROPBEAR_SHA1_96_HMAC #define DROPBEAR_SHA1_96_HMAC
#define DROPBEAR_MD5_HMAC #define DROPBEAR_MD5_HMAC
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment