Hello,
Le 02/28/12 07:29, Ondrej Famera a écrit :
This enables support for ECDSA keys in openssl and since it is supported
in openSSH since version 5.7 ECDSA keys can be then used by
openssh-{server,keygen,client} and are automaticaly generated on sshd
start.
- tested to be working on routerstation PRO with trunk r30744
I am not against it, but what's the size impact on openssl with the
enabling of ecdsa? and cannot it be turned on as an openssl
configuration option instead? (such that packages dans depend on this or
select this option).
Signed-off-by: Ondrej Faměra <fam...@fi.muni.cz>
---
Index: package/openssl/Makefile
===================================================================
--- package/openssl/Makefile (revision 30744)
+++ package/openssl/Makefile (working copy)
@@ -74,7 +74,7 @@
OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \
no-rmd160 no-aes192 no-ripemd no-camellia no-ans1 no-krb5
-OPENSSL_OPTIONS:= shared no-ec no-err no-hw no-threads zlib-dynamic
no-sse2
+OPENSSL_OPTIONS:= shared no-err no-hw no-threads zlib-dynamic no-sse2
ifdef CONFIG_OPENSSL_ENGINE
OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
Index: packages/net/openssh/files/sshd.init
===================================================================
--- packages/net/openssh/files/sshd.init (revision 30744)
+++ packages/net/openssh/files/sshd.init (working copy)
@@ -7,7 +7,7 @@
SERVICE_USE_PID=1
start() {
- for type in rsa dsa; do {
+ for type in rsa dsa ecdsa; do {
# check for keys
key=/etc/ssh/ssh_host_${type}_key
[ ! -f $key ] && {
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
