I don't think -t should be suppressed - if someone has intended two
factor auth they'll want to know if it's falling back to only public
keys.
For -B maybe it could make sense, but if someone has intended blank
passwords they might be surprised if it stops working.
The ones changed in 2025.89 are options that would behave the same
regardless of whether password/forwarding is compiled in.
Cheers,
Matt
On 2025-12-17 4:54 pm, Nik Soggia wrote:
Il 17/12/25 05:00, [email protected] ha scritto:
Dropbear 2025.89 is released
in src/svr-runopts.c I found this code (with omissions for clarity):
#if DROPBEAR_SVR_PASSWORD_AUTH || DROPBEAR_SVR_PAM_AUTH
case 's':
case 'g':
case 'B':
case 't':
#else
case 's':
case 'g':
#endif
No big deal, the "Invalid option" message is not suppressed for -B and
-t.
Should I PR on github the trivial fix?
Thank you,
regards
