nkhani yatsopano , seva ya SSH yokhala ndi chilolezo cha MIT komanso kasitomala omwe amagwiritsidwa ntchito makamaka pamakina ophatikizidwa monga ma router opanda zingwe. Dropbear imadziwika ndi kugwiritsa ntchito kukumbukira pang'ono (pamene imalumikizidwa mokhazikika ndi uClibc imangotenga 110kB), kuthekera koletsa magwiridwe antchito osafunikira pakumanga, ndikuthandizira kumanga kasitomala ndi seva mufayilo imodzi yotheka, yofanana ndi bokosi lotanganidwa. Dropbear imathandizira kutumiza kwa X11, imagwirizana ndi fayilo yachinsinsi ya OpenSSH (~/.ssh/authorized_keys) ndipo imatha kupanga maulumikizidwe angapo ndi kutumiza kudzera pagulu lamayendedwe.
Π :
- Thandizo lowonjezera la Ed25519 digito siginecha algorithm mu hostkeys ndi authorized_keys.
- Thandizo lowonjezera la protocol yotsimikizika yotengera ChaCha20 stream cipher ndi Poly1305 mauthenga otsimikizira ma algorithms opangidwa ndi Daniel Bernstein.
- Thandizo lowonjezera la mtundu wa siginecha ya digito ya rsa-sha2, yomwe, chifukwa cha kutha kwa chithandizo cha sha-1, posachedwa ikhala yovomerezeka kwa OpenSSH (makiyi omwe alipo a RSA azitha kugwira ntchito ndi mawonekedwe atsopano popanda kusintha ma hostkeys/authorized_keys).
- Kukhazikitsidwa kwa curve25519 kwasinthidwa ndi mtundu wocheperako kuchokera ku projekiti ya TweetNaCl.
- Thandizo lowonjezera la AES GCM (loyimitsidwa mwachisawawa).
- Zoyimitsidwa mwachisawawa ndi CBC ciphers, 3DES, hmac-sha1-96, ndi x11 kutumiza.
- Kuthetsa nkhani zogwirizana ndi IRIX OS.
- Anawonjezera API kuti mutchule makiyi agulu mwachindunji m'malo mogwiritsa ntchito authorized_keys.
- Chiwopsezo chokhazikika mu SCP , zomwe zimalola kusintha ufulu wofikira ku chikwatu chandamale pamene seva ibweza chikwatu chokhala ndi dzina lopanda kanthu kapena nthawi. Polandira lamulo lakuti "D0777 0 \n" kapena "D0777 0 .\n" kuchokera pa seva, kasitomala anasintha kusintha kwa ufulu wofikira ku bukhu lamakono.
Source: opennet.ru