[PATCH] dropbear: Enable Ed25519 for normal devices
Rosen Penev
rosenp at gmail.com
Wed Jul 15 20:24:06 EDT 2020
On Wed, Jul 15, 2020 at 5:15 PM Paul Spooren <mail at aparcar.org> wrote:
>
> The Ed25519 key pairs are much shorter than RSA pairs and are supported
> by default in OpenSSH. Looking at websites explaining how to create new
> SSH keys, many suggest using Ed25519 rather than RSA, however consider
> the former as not yet widely established. OpenWrt likely has a positive
> influence on that development.
>
> As enabling Ed25519 is a compile time option, it is currently not
> possible to install the feature via `opkg` nor select that option in an
> ImageBuilder.
>
> Due to the size impact the option should only be enabled for devices
> with `!SMALL_FLASH`.
>
> This approach seems cleaner than splitting `dropbear` into two packages
> like `dropbear` and `dropbear-ed25519`.
>
> Signed-off-by: Paul Spooren <mail at aparcar.org>
I like this.
> ---
> package/network/services/dropbear/Config.in | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in
> index 3de4189e08..2836229043 100644
> --- a/package/network/services/dropbear/Config.in
> +++ b/package/network/services/dropbear/Config.in
> @@ -51,7 +51,7 @@ config DROPBEAR_ECC_FULL
>
> config DROPBEAR_ED25519
> bool "Ed25519 support"
> - default n
> + default y if !SMALL_FLASH
> help
> This enables the following public key algorithm:
> ssh-ed25519
> --
> 2.25.1
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list