Hi list, For some reason dropbear doesn't have modern MACs for SSH. On cero 3.10.36 I've got Dropbear SSH client v2013.59:
root@cerowrt:/etc# ssh -m help ssh: Available MACs: hmac-sha1-96,hmac-sha1,hmac-md5 (MD5 BTW...) However, dropbear since v2013.56 has support for sha2 (https://matt.ucc.asn.au/dropbear/CHANGES): Added hmac-sha2-256 and hmac-sha2-512 support (off by default, use options.h) It might be that we don't have it enabled in the cero build. The reason why it hurts me is that I have servers configured according to bettercrypto.org and I can't connect from cero (rare occasions, but they happen). I get: ssh: Connection to u...@server.com:22 exited: No matching algo mac c->s I apologize for not looking at github, but I'm really low on time :-(( Do we have sha2 in dropbear in later cero versions or do we have to modify the build? I wonder what openwrt has configured... Best regards, Maciej _______________________________________________ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
