From 940b6cb265fcbfec4909b0494130618fc308d31c Mon Sep 17 00:00:00 2001 From: Joe Testa Date: Tue, 21 Mar 2023 14:03:24 -0400 Subject: [PATCH] Created Dropbear 2022.83 (markdown) --- Dropbear-2022.83.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 Dropbear-2022.83.md diff --git a/Dropbear-2022.83.md b/Dropbear-2022.83.md new file mode 100644 index 0000000..b1925de --- /dev/null +++ b/Dropbear-2022.83.md @@ -0,0 +1,11 @@ +As per the (unconfirmed) report in https://github.com/jtesta/ssh-audit/issues/159, the following steps may be used to harden Dropbear: + +``` +The current release of dropbear can be hardened by building it adding the following three lines to localoptions.h: + +#define DROPBEAR_RSA_SHA1 0 +#define DROPBEAR_DH_GROUP14_SHA1 0 +#define DROPBEAR_SHA1_HMAC 0 +``` + +Reference: https://github.com/mkj/dropbear/issues/138