mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-12-22 09:05:10 +01:00
2
Dropbear 2022.83
Mathieu Simon edited this page 2023-06-07 08:45:09 +02:00
As per the (unconfirmed) report in https://github.com/jtesta/ssh-audit/issues/159, the following steps may be used to harden Dropbear:
The current release of dropbear can be hardened by building it adding the following three lines to localoptions.h
:
#define DROPBEAR_RSA_SHA1 0
#define DROPBEAR_DH_GROUP14_SHA1 0
#define DROPBEAR_SHA1_HMAC 0
Reference: https://github.com/mkj/dropbear/issues/138