diff options
| author | Konstantin Demin <rockdrilla@gmail.com> | 2024-01-09 03:40:01 +0300 |
|---|---|---|
| committer | Rui Salvaterra <rsalvaterra@gmail.com> | 2024-02-09 09:13:05 +0000 |
| commit | c87a192386e8470f68e8340a23f9293976211114 (patch) | |
| tree | 4e9fc42ee6e4d8e32528c081d1e8101557080d85 /package/network/services/dropbear | |
| parent | bf900e02c7102601be2e9280231711e70f065877 (diff) | |
dropbear: split U2F/FIDO support
these options allow one to configure U2F/FIDO support in more granular way
inspired by upstream commit aa6559db
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Diffstat (limited to 'package/network/services/dropbear')
| -rw-r--r-- | package/network/services/dropbear/Config.in | 28 | ||||
| -rw-r--r-- | package/network/services/dropbear/Makefile | 6 |
2 files changed, 32 insertions, 2 deletions
diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in index fd4d5f3c7a..a59ca911a0 100644 --- a/package/network/services/dropbear/Config.in +++ b/package/network/services/dropbear/Config.in @@ -65,6 +65,34 @@ config DROPBEAR_CHACHA20POLY1305 Increases binary size by about 4 kB (MIPS). +config DROPBEAR_U2F + bool "U2F/FIDO support" + default y + help + This option itself doesn't enable any support for U2F/FIDO + but subordinate options do: + + - DROPBEAR_ECDSA_SK - ecdsa-sk keys support + depends on DROPBEAR_ECC ("Elliptic curve cryptography (ECC)") + - DROPBEAR_ED25519_SK - ed25519-sk keys support + depends on DROPBEAR_ED25519 ("Ed25519 support") + +config DROPBEAR_ECDSA_SK + bool "ECDSA-SK support" + default y + depends on DROPBEAR_U2F && DROPBEAR_ECC + help + This enables the following public key algorithm: + sk-ecdsa-sha2-nistp256@openssh.com + +config DROPBEAR_ED25519_SK + bool "Ed25519-SK support" + default y + depends on DROPBEAR_U2F && DROPBEAR_ED25519 + help + This enables the following public key algorithm: + sk-ssh-ed25519@openssh.com + config DROPBEAR_ZLIB bool "Enable compression" help diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 653911b764..c00f64006e 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -31,6 +31,7 @@ PKG_CONFIG_DEPENDS:= \ CONFIG_TARGET_INIT_PATH CONFIG_DROPBEAR_ECC CONFIG_DROPBEAR_ECC_FULL \ CONFIG_DROPBEAR_CURVE25519 CONFIG_DROPBEAR_ZLIB \ CONFIG_DROPBEAR_ED25519 CONFIG_DROPBEAR_CHACHA20POLY1305 \ + CONFIG_DROPBEAR_U2F CONFIG_DROPBEAR_ECDSA_SK CONFIG_DROPBEAR_ED25519_SK \ CONFIG_DROPBEAR_UTMP CONFIG_DROPBEAR_PUTUTLINE \ CONFIG_DROPBEAR_DBCLIENT CONFIG_DROPBEAR_SCP CONFIG_DROPBEAR_ASKPASS \ CONFIG_DROPBEAR_DBCLIENT_AGENTFORWARD CONFIG_DROPBEAR_AGENTFORWARD \ @@ -142,10 +143,11 @@ DB_OPT_CONFIG = \ DROPBEAR_CURVE25519,CONFIG_DROPBEAR_CURVE25519,1,0 \ DROPBEAR_CHACHA20POLY1305,CONFIG_DROPBEAR_CHACHA20POLY1305,1,0 \ DROPBEAR_ED25519,CONFIG_DROPBEAR_ED25519,1,0 \ - DROPBEAR_SK_ED25519,CONFIG_DROPBEAR_ED25519,1,0 \ DROPBEAR_ECDSA,CONFIG_DROPBEAR_ECC,1,0 \ - DROPBEAR_SK_ECDSA,CONFIG_DROPBEAR_ECC,1,0 \ DROPBEAR_ECDH,CONFIG_DROPBEAR_ECC,1,0 \ + DROPBEAR_SK_KEYS,CONFIG_DROPBEAR_U2F,1,0 \ + DROPBEAR_SK_ECDSA,CONFIG_DROPBEAR_ECDSA_SK,1,0 \ + DROPBEAR_SK_ED25519,CONFIG_DROPBEAR_ED25519_SK,1,0 \ DROPBEAR_CLI_ASKPASS_HELPER,CONFIG_DROPBEAR_ASKPASS,1,0 \ DROPBEAR_CLI_AGENTFWD,CONFIG_DROPBEAR_DBCLIENT_AGENTFORWARD,1,0 \ DROPBEAR_SVR_AGENTFWD,CONFIG_DROPBEAR_AGENTFORWARD,1,0 \ |