1*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR 2*4882a593Smuzhiyun bool "dropbear" 3*4882a593Smuzhiyun select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL 4*4882a593Smuzhiyun select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL 5*4882a593Smuzhiyun help 6*4882a593Smuzhiyun A small SSH 2 server designed for small memory environments. 7*4882a593Smuzhiyun 8*4882a593Smuzhiyun Note that dropbear requires a per-device unique host key. The 9*4882a593Smuzhiyun key will be generated when dropbear starts, but it is not 10*4882a593Smuzhiyun persistent over reboot (if you have a read-only rootfs) or 11*4882a593Smuzhiyun upgrade (if you have a read-write rootfs). To make the key 12*4882a593Smuzhiyun persistent, replace /etc/dropbear with a symlink to a 13*4882a593Smuzhiyun directory on a persistent, writeable filesystem. 14*4882a593Smuzhiyun Alternatively, mount a persistent unionfs over your root 15*4882a593Smuzhiyun filesystem. 16*4882a593Smuzhiyun 17*4882a593Smuzhiyun https://matt.ucc.asn.au/dropbear/dropbear.html 18*4882a593Smuzhiyun 19*4882a593Smuzhiyunif BR2_PACKAGE_DROPBEAR 20*4882a593Smuzhiyun 21*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR_CLIENT 22*4882a593Smuzhiyun bool "client programs" 23*4882a593Smuzhiyun default y 24*4882a593Smuzhiyun help 25*4882a593Smuzhiyun Provides the programs: dbclient, ssh 26*4882a593Smuzhiyun 27*4882a593Smuzhiyun Note that the following programs are also used server-side 28*4882a593Smuzhiyun and are therefore always build regardless this setting: 29*4882a593Smuzhiyun dropbear, dropbearkey, dropbearconvert, scp 30*4882a593Smuzhiyun 31*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS 32*4882a593Smuzhiyun bool "disable reverse DNS lookups" 33*4882a593Smuzhiyun help 34*4882a593Smuzhiyun Disable reverse DNS lookups on connection. This can be handy 35*4882a593Smuzhiyun on systems without working DNS, as connections otherwise 36*4882a593Smuzhiyun stall until DNS times out. 37*4882a593Smuzhiyun 38*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR_SMALL 39*4882a593Smuzhiyun bool "optimize for size" 40*4882a593Smuzhiyun default y 41*4882a593Smuzhiyun help 42*4882a593Smuzhiyun Compile dropbear for the smallest possible binary size. 43*4882a593Smuzhiyun 44*4882a593Smuzhiyun Tradeoffs are slower hashes and ciphers, and disabling of the 45*4882a593Smuzhiyun blowfish cipher and zlib. 46*4882a593Smuzhiyun 47*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR_WTMP 48*4882a593Smuzhiyun bool "log dropbear access to wtmp" 49*4882a593Smuzhiyun help 50*4882a593Smuzhiyun Enable logging of dropbear access to wtmp. Notice that 51*4882a593Smuzhiyun Buildroot does not generate wtmp by default. 52*4882a593Smuzhiyun 53*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR_LASTLOG 54*4882a593Smuzhiyun bool "log dropbear access to lastlog" 55*4882a593Smuzhiyun help 56*4882a593Smuzhiyun Enable logging of dropbear access to lastlog. Notice that 57*4882a593Smuzhiyun Buildroot does not generate lastlog by default. 58*4882a593Smuzhiyun 59*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO 60*4882a593Smuzhiyun bool "enable legacy crypto" 61*4882a593Smuzhiyun help 62*4882a593Smuzhiyun Enable legacy and possibly insecure algorithms: 63*4882a593Smuzhiyun 3DES encryption 64*4882a593Smuzhiyun SHA1-96 message integrity 65*4882a593Smuzhiyun CBC encryption mode 66*4882a593Smuzhiyun DSA public keys 67*4882a593Smuzhiyun Diffie-Hellman Group1 key exchange 68*4882a593Smuzhiyun 69*4882a593Smuzhiyunconfig BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE 70*4882a593Smuzhiyun string "path to custom localoptions.h definitions file" 71*4882a593Smuzhiyun help 72*4882a593Smuzhiyun Path to a file whose contents will be appended to Dropbear 73*4882a593Smuzhiyun localoptions.h. It can be used to tweak the Dropbear 74*4882a593Smuzhiyun configuration. 75*4882a593Smuzhiyun 76*4882a593Smuzhiyunendif 77