Hello, Le 02/28/12 07:29, Ondrej Famera a écrit :
This enables support for ECDSA keys in openssl and since it is supported in openSSH since version 5.7 ECDSA keys can be then used by openssh-{server,keygen,client} and are automaticaly generated on sshd start.- tested to be working on routerstation PRO with trunk r30744
I am not against it, but what's the size impact on openssl with the enabling of ecdsa? and cannot it be turned on as an openssl configuration option instead? (such that packages dans depend on this or select this option).
Signed-off-by: Ondrej Faměra <[email protected]> --- Index: package/openssl/Makefile =================================================================== --- package/openssl/Makefile (revision 30744) +++ package/openssl/Makefile (working copy) @@ -74,7 +74,7 @@ OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \ no-rmd160 no-aes192 no-ripemd no-camellia no-ans1 no-krb5 -OPENSSL_OPTIONS:= shared no-ec no-err no-hw no-threads zlib-dynamic no-sse2 +OPENSSL_OPTIONS:= shared no-err no-hw no-threads zlib-dynamic no-sse2 ifdef CONFIG_OPENSSL_ENGINE OPENSSL_OPTIONS += -DHAVE_CRYPTODEV Index: packages/net/openssh/files/sshd.init =================================================================== --- packages/net/openssh/files/sshd.init (revision 30744) +++ packages/net/openssh/files/sshd.init (working copy) @@ -7,7 +7,7 @@ SERVICE_USE_PID=1 start() { - for type in rsa dsa; do { + for type in rsa dsa ecdsa; do { # check for keys key=/etc/ssh/ssh_host_${type}_key [ ! -f $key ] && { _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
