buildroot/package/dropbear/Config.in

config BR2_PACKAGE_DROPBEAR
	bool "dropbear"
	select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
	select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL
	help
	  A small SSH 2 server designed for small memory environments.

	  Note that dropbear requires a per-device unique host key. The
	  key will be generated when dropbear starts, but it is not
	  persistent over reboot (if you have a read-only rootfs) or
	  upgrade (if you have a read-write rootfs). To make the key
	  persistent, replace /etc/dropbear with a symlink to a
	  directory on a persistent, writeable filesystem.
	  Alternatively, mount a persistent unionfs over your root
	  filesystem.

	  https://matt.ucc.asn.au/dropbear/dropbear.html

if BR2_PACKAGE_DROPBEAR

config BR2_PACKAGE_DROPBEAR_CLIENT
	bool "client programs"
	default y
	help
	  Provides the programs: dbclient, ssh

	  Note that the following programs are also used server-side
	  and are therefore always build regardless this setting:
	  dropbear, dropbearkey, dropbearconvert, scp

config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
	bool "disable reverse DNS lookups"
	help
	  Disable reverse DNS lookups on connection. This can be handy
	  on systems without working DNS, as connections otherwise
	  stall until DNS times out.

config BR2_PACKAGE_DROPBEAR_SMALL
	bool "optimize for size"
	default y
	help
	  Compile dropbear for the smallest possible binary size.

	  Tradeoffs are slower hashes and ciphers, and disabling of the
	  blowfish cipher and zlib.

config BR2_PACKAGE_DROPBEAR_WTMP
	bool "log dropbear access to wtmp"
	help
	  Enable logging of dropbear access to wtmp. Notice that
	  Buildroot does not generate wtmp by default.

config BR2_PACKAGE_DROPBEAR_LASTLOG
	bool "log dropbear access to lastlog"
	help
	  Enable logging of dropbear access to lastlog. Notice that
	  Buildroot does not generate lastlog by default.

config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO
	bool "enable legacy crypto"
	help
	  Enable legacy and possibly insecure algorithms:
	    3DES encryption
	    SHA1-96 message integrity
	    CBC encryption mode
	    DSA public keys
	    Diffie-Hellman Group1 key exchange

config BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE
	string "path to custom localoptions.h definitions file"
	help
	  Path to a file whose contents will be appended to Dropbear
	  localoptions.h. It can be used to tweak the Dropbear
	  configuration.

endif
feat: 增加buildroot-2023.11.1 2024-02-18 09:22:07 +08:00			`config BR2_PACKAGE_DROPBEAR`
			`bool "dropbear"`
			`select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL`
			`select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL`
			`help`
			`A small SSH 2 server designed for small memory environments.`

			`Note that dropbear requires a per-device unique host key. The`
			`key will be generated when dropbear starts, but it is not`
			`persistent over reboot (if you have a read-only rootfs) or`
			`upgrade (if you have a read-write rootfs). To make the key`
			`persistent, replace /etc/dropbear with a symlink to a`
			`directory on a persistent, writeable filesystem.`
			`Alternatively, mount a persistent unionfs over your root`
			`filesystem.`

			`https://matt.ucc.asn.au/dropbear/dropbear.html`

			`if BR2_PACKAGE_DROPBEAR`

			`config BR2_PACKAGE_DROPBEAR_CLIENT`
			`bool "client programs"`
			`default y`
			`help`
			`Provides the programs: dbclient, ssh`

			`Note that the following programs are also used server-side`
			`and are therefore always build regardless this setting:`
			`dropbear, dropbearkey, dropbearconvert, scp`

			`config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS`
			`bool "disable reverse DNS lookups"`
			`help`
			`Disable reverse DNS lookups on connection. This can be handy`
			`on systems without working DNS, as connections otherwise`
			`stall until DNS times out.`

			`config BR2_PACKAGE_DROPBEAR_SMALL`
			`bool "optimize for size"`
			`default y`
			`help`
			`Compile dropbear for the smallest possible binary size.`

			`Tradeoffs are slower hashes and ciphers, and disabling of the`
			`blowfish cipher and zlib.`

			`config BR2_PACKAGE_DROPBEAR_WTMP`
			`bool "log dropbear access to wtmp"`
			`help`
			`Enable logging of dropbear access to wtmp. Notice that`
			`Buildroot does not generate wtmp by default.`

			`config BR2_PACKAGE_DROPBEAR_LASTLOG`
			`bool "log dropbear access to lastlog"`
			`help`
			`Enable logging of dropbear access to lastlog. Notice that`
			`Buildroot does not generate lastlog by default.`

			`config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO`
			`bool "enable legacy crypto"`
			`help`
			`Enable legacy and possibly insecure algorithms:`
			`3DES encryption`
			`SHA1-96 message integrity`
			`CBC encryption mode`
			`DSA public keys`
			`Diffie-Hellman Group1 key exchange`

			`config BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE`
			`string "path to custom localoptions.h definitions file"`
			`help`
			`Path to a file whose contents will be appended to Dropbear`
			`localoptions.h. It can be used to tweak the Dropbear`
			`configuration.`

			`endif`