[OE-core] [PATCH v2] dropbear: new feature: disable-weak-ciphers
Richard Purdie
richard.purdie at linuxfoundation.org
Sun Jun 30 21:58:48 UTC 2019
On Fri, 2019-06-28 at 18:03 -0500, Joseph Reynolds wrote:
> From 587a9e5c637ad3e70b8e35a3ca66013693ce7ac7 Mon Sep 17 00:00:00
> 2001
> From: Joseph Reynolds <joseph.reynolds1 at ibm.com>
> Date: Wed, 19 Jun 2019 20:16:40 -0500
> Subject: [PATCH v2] dropbear: new feature: disable-weak-ciphers
>
> Enhances dropbear with a new feature "disable-weak-ciphers", on by
> default.
> This feature disables all CBC, SHA1, and diffie-hellman group1
> ciphers in
> the dropbear ssh server and client.
>
> Disable this feature if you need to connect to the ssh server from
> older
> clients. Additional customization can be done with local_options.h
> as
> usual.
>
> Tested: On github.com/openbmc/openbmc using dropbear_2019.78.
>
> Signed-off-by: Joseph Reynolds <joseph.reynolds1 at ibm.com>
> ---
> meta/recipes-core/dropbear/dropbear.inc | 6 ++-
> .../0007-dropbear-disable-weak-ciphers.patch | 57
> ++++++++++++++++++++++
> 2 files changed, 61 insertions(+), 2 deletions(-)
> create mode 100644
> meta/recipes-core/dropbear/dropbear/0007-dropbear-disable-weak-
> ciphers.patch
I merged v1 of this patch previously. What was different in this
version?
Also, the patch was still line wrapped so very hard to apply (had to be
manually fixed).
Cheers,
Richard
More information about the Openembedded-core
mailing list