Commits · 6165f53fcd6be9bb06fc3cd29e8640bb14d95111 · Matt Johnston / dropbear

Jan 24, 2015
- Default client key path ~/.ssh/id_dropbear · 6165f53f
  Matt Johnston authored 10 years ago
  
  6165f53f
Jan 23, 2015

Prefer stronger algorithms in algorithm negotiation. · 4122cac6

Fedor Brunner authored 10 years ago

Prefer diffie-hellman-group14-sha1 (2048 bit) over
diffie-hellman-group1-sha1 (1024 bit).

Due to meet-in-the-middle attacks the effective key length of
three key 3DES is 112 bits. AES is stronger and faster then 3DES.

Prefer to delay the start of compression until after authentication
has completed. This avoids exposing compression code to attacks
from unauthenticated users.

(github pull request #9)

4122cac6

Fix installing dropbear.8 error when building in a separate directory. · a1dcebe4
Like Ma authored 10 years ago
```
(fix pull request #6)
```
a1dcebe4
Add config option to disable cbc. Disable twofish by default · 6cbb23a8
Matt Johnston authored 10 years ago

6cbb23a8
Fix variables may be uninitialized. · 5c57a311
Like Ma authored 10 years ago
```
(fixup of pull request #7)
```
5c57a311

Integrity error (bad packet size %u) negative length · 7b2c42aa

Fedor Brunner authored 10 years ago

    When corrupted packet is received negative length of packet is
    displayed.
    (re-apply of pull request #8)

7b2c42aa

Jan 13, 2015
- Enable sha2 HMACs by default, they're required for ecdsa already · 1ed8d393
  Matt Johnston authored 10 years ago
  
  1ed8d393
Jan 04, 2015
- clear hash state memory after use · b24984de
  Matt Johnston authored 10 years ago
  
  b24984de
- clarify bad/unknown · eabd9f5e
  Matt Johnston authored 10 years ago
  
  eabd9f5e
Jan 02, 2015

Handle invalid agent keys by skipping rather than exiting. · d4609682

Catalin Patulea authored 10 years ago

My agent exposes both conventional keys and certs (ecdsa-sha2-nistp256-cert-v01@openssh.com) and I want dropbear to be able to use the former.

d4609682

Jan 04, 2015
- Open directories O_RDONLY for fsync, add debugging if it fails · 634415f7
  Matt Johnston authored 10 years ago
  
  634415f7
Nov 08, 2014
- Make sure hostkeys are flushed to disk to avoid empty files if the power · 4ba830fc
  Matt Johnston authored 10 years ago
```
fails. Based on patch from Peter Korsgaard
```
  4ba830fc
Oct 23, 2014
- Added signature for changeset 2d421bc0545d · 3022a460
  Matt Johnston authored 10 years ago
  
  3022a460
- Added tag DROPBEAR_2014.66 for changeset 735511a4c761 · d9a868ff
  Matt Johnston authored 10 years ago
  
  d9a868ff
- changelog, version number bump · c890a0c1
  Matt Johnston authored 10 years ago
  
  DROPBEAR_2014.66
  
  c890a0c1
- Remove -o from scp help · 9ec934a9
  Matt Johnston authored 10 years ago
  
  9ec934a9
- increae MAX_STRING_LEN for sun ssh · 5e606a96
  Matt Johnston authored 10 years ago
  
  5e606a96
Oct 22, 2014
- Don't print "Failed loading hostkey" when -R delayed hostkey option is enabled · d8803443
  Steven Honeyman authored 10 years ago
  
  d8803443
Oct 21, 2014
- Combine code for SSH_CONNECTION and SSH_CLIENT · 776d9087
  Matt Johnston authored 10 years ago
  
  776d9087
- Merge pull request #5 from rcleere/ssh_client · 444b1588
  Matt Johnston authored 10 years ago
```
Add SSH_CLIENT environment variable
```
  444b1588
- Add SSH_CLIENT environment variable · 95745058
  Ryan Cleere authored 10 years ago
  
  95745058
Aug 19, 2014
- Make keepalive handling more robust, this should now match what OpenSSH does · 6d2d3669
  Matt Johnston authored 10 years ago
  
  6d2d3669
Aug 13, 2014
- Fix wtmp, testing for wtmp.h and wtmpx.h doesn't make sense · 1387654c
  Whoopie authored 10 years ago
  
  1387654c
- Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses · 10eb218f
  Matt Johnston authored 10 years ago
  
  10eb218f
Aug 08, 2014
- Added signature for changeset caac692b366c · bfb2b30d
  Matt Johnston authored 10 years ago
  
  bfb2b30d
- Added tag DROPBEAR_2014.65 for changeset e9579816f20e · 426d4d72
  Matt Johnston authored 10 years ago
  
  426d4d72
- 2014.64 · cce29ba3
  Matt Johnston authored 10 years ago
  
  DROPBEAR_2014.65
  
  cce29ba3
Aug 01, 2014

use xauth in /usr/bin · ed2e276b

Mike Frysinger authored 10 years ago

Since the x.org rework, X has been installed into standard paths and not
its own random prefixes.  I think it's time we update the default paths
accordingly.

ed2e276b

Aug 06, 2014
- Don't warn about ENOTSOCK when setting priority · 12a020aa
  Matt Johnston authored 10 years ago
  
  12a020aa
- Be a bit safer in case pw_name doesn't exist · b969101b
  Matt Johnston authored 10 years ago
  
  b969101b
- merge · 86a742f6
  Matt Johnston authored 10 years ago
  
  86a742f6
- Merge pull request #2 from iquaba/patch-1 · 9468f7f6
  Matt Johnston authored 10 years ago
```
Try without identifying current user
```
  9468f7f6
- Test for EAGAIN too · 628a3f5c
  Matt Johnston authored 10 years ago
  
  628a3f5c
- Try without identifying current user · e815e974
  iquaba authored 10 years ago
```
Small change that warns the user if the current user cannot be identified rather than aborting.  This came in handy when I put dropbear on a dlink that did not have a true user environment.  Falling back on the "-l" option and user@ options works just fine as a client.  The only implication I found is that the -J option will fail ungracefully without a known own_user.
```
  e815e974
Jul 28, 2014
- Make sure the check_close() handler runs when a server child process exits · 0e7409c7
  Matt Johnston authored 11 years ago
  
  0e7409c7
- Fix some format string warnings · 393ca2a2
  Matt Johnston authored 11 years ago
  
  393ca2a2
- Fix clock_gettime handling · ad1d48e0
  Matt Johnston authored 11 years ago
  
  ad1d48e0
Jul 27, 2014
- Added signature for changeset 96584b934d04 · ac98aae1
  Matt Johnston authored 11 years ago
  
  ac98aae1
- Added tag DROPBEAR_2014.64 for changeset 0d2d39957c02 · c1267398
  Matt Johnston authored 11 years ago
  
  c1267398
- Archive should be bz2 nor gz · 8c3a2bb6
  Matt Johnston authored 11 years ago
  
  DROPBEAR_2014.64
  
  8c3a2bb6

Admin message