Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / meta-phosphor / ec86af05553a7a66af68356cb2b4ec451d5bbf91
commitec86af05553a7a66af68356cb2b4ec451d5bbf91[log] [tgz]
authorJoseph Reynolds <jrey@us.ibm.com>Tue Oct 09 14:53:15 2018 -0500
committerBrad Bishop <bradleyb@fuzziesquirrel.com>Tue Oct 30 22:22:48 2018 +0000
tree3252a750e87a588c367bb544070016a272370293
parentdb8dfac57b13eee016d08af197a854fdd36d949d [diff]
Dropbear SSH remove HMAC-MD5

The Dropbear SSH client and server configuration is changed to not
accept the HMAC-MD5 algorithm when making connections.
The MD5 algorithm is no longer considered secure.

With this change, Dropbear supports the following MAC algorithms:
SHA1_HMAC, SHA2_256_HMAC, and SHA2_512_HMAC.
Note that Dropbear does not yet support HMAC-SHA3.

Tested:
  $ ssh -m hmac-sha1-96 root@${bmc}
  Unable to negotiate with ${bmc} port 22:
  no matching MAC found.
  Their offer: hmac-sha1,hmac-sha2-256,hmac-sha2-512
  $ ssh root@${bmc}  # worked

Change-Id: I734e24754d33729f643f6e61e7f40f18ea374197
Signed-off-by: Joseph Reynolds <jrey@us.ibm.com>
1 file changed
tree: 3252a750e87a588c367bb544070016a272370293
  1. aspeed-layer/
  2. classes/
  3. conf/
  4. nuvoton-layer/
  5. recipes-connectivity/
  6. recipes-core/
  7. recipes-devtools/
  8. recipes-extended/
  9. recipes-phosphor/
  10. recipes-support/
  11. recipes-textproc/
  12. COPYING.apache-2.0
  13. COPYING.MIT
  14. LICENSE
  15. MAINTAINERS
  16. README.md
  17. recipes.txt
README.md

OpenBMC

meta-phosphor is the OpenBMC layer. This layer should be included for all OpenBMC systems. The OpenBMC layer contains content which is shared between all OpenBMC systems.