[Cerowrt-devel] Available MACs in dropbear
Maciej Soltysiak
maciej at soltysiak.com
Fri Oct 24 13:31:05 EDT 2014
Hi list,
For some reason dropbear doesn't have modern MACs for SSH. On cero
3.10.36 I've got Dropbear SSH client v2013.59:
root at cerowrt:/etc# ssh -m help
ssh: Available MACs:
hmac-sha1-96,hmac-sha1,hmac-md5
(MD5 BTW...)
However, dropbear since v2013.56 has support for sha2
(https://matt.ucc.asn.au/dropbear/CHANGES):
Added hmac-sha2-256 and hmac-sha2-512 support (off by default, use options.h)
It might be that we don't have it enabled in the cero build.
The reason why it hurts me is that I have servers configured according
to bettercrypto.org and I can't connect from cero (rare occasions, but
they happen). I get:
ssh: Connection to user at server.com:22 exited: No matching algo mac c->s
I apologize for not looking at github, but I'm really low on time :-((
Do we have sha2 in dropbear in later cero versions or do we have to
modify the build?
I wonder what openwrt has configured...
Best regards,
Maciej
More information about the Cerowrt-devel
mailing list