Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 1 | diff --git a/options.h b/options.h |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 2 | index 0c51bb1..3df2d67 100644 |
Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 3 | --- a/options.h |
| 4 | +++ b/options.h |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 5 | @@ -95,12 +95,12 @@ much traffic. */ |
Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 6 | #define DROPBEAR_AES256 |
| 7 | /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ |
| 8 | /*#define DROPBEAR_BLOWFISH*/ |
| 9 | -#define DROPBEAR_TWOFISH256 |
| 10 | -#define DROPBEAR_TWOFISH128 |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 11 | +/*#define DROPBEAR_TWOFISH256*/ |
| 12 | +/*#define DROPBEAR_TWOFISH128*/ |
Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 13 | |
| 14 | /* Enable CBC mode for ciphers. This has security issues though |
| 15 | * is the most compatible with older SSH implementations */ |
| 16 | -#define DROPBEAR_ENABLE_CBC_MODE |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 17 | +/*#define DROPBEAR_ENABLE_CBC_MODE*/ |
Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 18 | |
| 19 | /* Enable "Counter Mode" for ciphers. This is more secure than normal |
| 20 | * CBC mode against certain attacks. It is recommended for security |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 21 | @@ -131,10 +131,10 @@ If you test it please contact the Dropbear author */ |
Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 22 | * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, |
| 23 | * which are not the standard form. */ |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 24 | #define DROPBEAR_SHA1_HMAC |
Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 25 | -#define DROPBEAR_SHA1_96_HMAC |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 26 | +/*#define DROPBEAR_SHA1_96_HMAC*/ |
Joseph Reynolds | a12245d | 2018-09-26 16:31:39 -0500 | [diff] [blame] | 27 | #define DROPBEAR_SHA2_256_HMAC |
| 28 | #define DROPBEAR_SHA2_512_HMAC |
Joseph Reynolds | 1597b92 | 2018-10-09 14:53:15 -0500 | [diff] [blame] | 29 | -#define DROPBEAR_MD5_HMAC |
| 30 | +/*#define DROPBEAR_MD5_HMAC*/ |
| 31 | |
| 32 | /* You can also disable integrity. Don't bother disabling this if you're |
| 33 | * still using a cipher, it's relatively cheap. If you disable this it's dead |