Comments (5)
mkj
commented on June 9, 2024
It should already be compiled out by default?
from dropbear.
riobard
commented on June 9, 2024
Tested on dropbear version v2022.83 on Alpine Linux 3.19 and only kex algo got rid of DSS. Host key algo still contains ssh-dss if the host key file /etc/dropbear/dropbear_dss_host_key exists (which Alpine init.d script conveniently generates if missing).
Should it be removed more thoroughly?
Results running nmap --script ssh2-enum-algos -sV -p 22 [target host]
PORT STATE SERVICE VERSION
22/tcp open ssh Dropbear sshd 2022.83 (protocol 2.0)
| ssh2-enum-algos:
| kex_algorithms: (9)
| curve25519-sha256
| [email protected]
| ecdh-sha2-nistp521
| ecdh-sha2-nistp384
| ecdh-sha2-nistp256
| diffie-hellman-group14-sha256
| diffie-hellman-group14-sha1
| [email protected]
| [email protected]
| server_host_key_algorithms: (5)
| ssh-ed25519
| ecdsa-sha2-nistp256
| rsa-sha2-256
| ssh-rsa
| ssh-dss
| encryption_algorithms: (3)
| [email protected]
| aes128-ctr
| aes256-ctr
| mac_algorithms: (2)
| hmac-sha1
| hmac-sha2-256
| compression_algorithms: (2)
| [email protected]
|_ none
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
from dropbear.
mkj
commented on June 9, 2024
The fix hasn't made it to a release yet.
c043efb
from dropbear.
riobard
commented on June 9, 2024
Sorry my bad, didn't notice that. OTOH are we expecting a release anytime soon? Latest release is more than a year old.
from dropbear.
mkj
commented on June 9, 2024
Yeah, just have a few PRs that I want to get merged first.
from dropbear.
Related Issues (20)
- -static-pie: Aiee, segfault! You should probably report this as a bug to the developer HOT 3
- How limit maxsession per user ? HOT 1
- Invalid signature key type allows to trigger an assertion via remote HOT 4
- SSH command execution will overwrite stderr HOT 2
- dropbear hangs when bringing down secondary network interface HOT 3
- Feature request: Add support for /etc/nologin
- OpenSSH Client(but not dbclient) connection times out HOT 6
- Building with glibc-1.31+ HOT 4
- cant use -i options!! HOT 1
- build error when SK_KEYS is set and only one of ECDSA or ED25519 HOT 4
- configure --disable-plugin will actually enable it
- musl build fails with --disable-pututline HOT 4
- error: 'struct AuthState' has no member named 'pubkey_options'
- Dropear on musl uses utmp/wtmp invalidated paths from paths.h HOT 1
- Request: disable weak and suspect crypto HOT 3
- Does it support Windows? HOT 1
- compression issue
- Noob question: I want to change host key on my Remarkable 2 tablet HOT 2
- Feature request: Certificate-based SSH logins
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dropbear.