2 Dropbear 2022.83
Mathieu Simon edited this page 2023-06-07 08:45:09 +02:00

As per the (unconfirmed) report in https://github.com/jtesta/ssh-audit/issues/159, the following steps may be used to harden Dropbear:

The current release of dropbear can be hardened by building it adding the following three lines to localoptions.h:

#define DROPBEAR_RSA_SHA1 0
#define DROPBEAR_DH_GROUP14_SHA1 0
#define DROPBEAR_SHA1_HMAC 0

Reference: https://github.com/mkj/dropbear/issues/138