Hi Matt, noticed that in sysoptions.h this is added at line 130
/* These are disabled in Dropbear 2016.73 by default since the spec draft-ietf-curdle-ssh-kex-sha2-02 is under development. */ #define DROPBEAR_DH_GROUP14_256 0 #define DROPBEAR_DH_GROUP16 0 Should that not be in options.h underneath line 174 /* Group14 (2048 bit) is recommended. Group1 is less secure (1024 bit) though is the only option for interoperability with some older SSH programs */ #define DROPBEAR_DH_GROUP1 1 #define DROPBEAR_DH_GROUP14 1 Hans On Fri, Mar 18, 2016 at 4:52 PM, Matt Johnston <[email protected]> wrote: > Hi all, > > Dropbear 2016.73 is released. It has a few new features and > other small improvements. > > Download at https://matt.ucc.asn.au/dropbear/dropbear.html > > Cheers, > Matt > > 2016.73 - 18 March 2016 > > - Support syslog in dbclient, option -o usesyslog=yes. Patch from > Konstantin Tokarev > > - Kill a proxycommand when dbclient exits, patch from Konstantin Tokarev > > - Option to exit when a TCP forward fails, patch from Konstantin Tokarev > > - New "-o" option parsing from Konstantin Tokarev. This allows handling > some extra options > in the style of OpenSSH, though implementing all OpenSSH options is not > planned. > > - Fix crash when fallback initshells() is used, reported by Michael Nowak > and Mike Tzou > > - Allow specifying commands eg "dropbearmulti dbclient ..." instead of > symlinks > > - Various cleanups for issues found by a lint tool, patch from Francois > Perrad > > - Fix tab indent consistency, patch from Francois Perrad > > - Fix issues found by cppcheck, reported by Mike Tzou > > - Use system memset_s() or explicit_bzero() if available to clear memory. > Also make > libtomcrypt/libtommath routines use that (or Dropbear's own m_burn()). > > - Prevent scp failing when the local user doesn't exist. Based on patch > from Michael Witten. > > - Improved Travis CI test running, thanks to Mike Tzou > > - Improve some code that was flagged by Coverity and Fortify Static Code > Analyzer >
