diff --git a/Dropbear-2022.83.md b/Dropbear-2022.83.md new file mode 100644 index 0000000..b1925de --- /dev/null +++ b/Dropbear-2022.83.md @@ -0,0 +1,11 @@ +As per the (unconfirmed) report in https://github.com/jtesta/ssh-audit/issues/159, the following steps may be used to harden Dropbear: + +``` +The current release of dropbear can be hardened by building it adding the following three lines to localoptions.h: + +#define DROPBEAR_RSA_SHA1 0 +#define DROPBEAR_DH_GROUP14_SHA1 0 +#define DROPBEAR_SHA1_HMAC 0 +``` + +Reference: https://github.com/mkj/dropbear/issues/138