ukukhishwa okusha , iseva ye-SSH enelayisensi ye-MIT ehlangene kanye neklayenti esetshenziswa ngokuyinhloko kumasistimu ashumekiwe njengamarutha angenantambo. I-Dropbear ibonakala ngokusetshenziswa kwememori okuphansi (uma ixhunywe ngokwezibalo ne-uClibc ithatha kuphela i-110kB), ikhono lokukhubaza ukusebenza okungadingekile esigabeni sokwakha, nokusekelwa kokwakha iklayenti neseva kufayela elilodwa elisebenzisekayo, elifana nebhokisi elimatasa. I-Dropbear isekela ukudluliselwa kwe-X11, ihambisana nefayela elingukhiye we-OpenSSH (~/.ssh/authorized_keys) futhi ingakha ukuxhumana okuningi ngokudlulisela phambili ngomsingathi wezokuthutha.
В :
- Ukwesekwa okwengeziwe kwe-algorithm yesiginesha yedijithali ye-Ed25519 kokhiye ababambayo nakokhiye_abagunyaziwe.
- Usekelo olungeziwe lwephrothokholi yokuqinisekisa esekelwe ku-ChaCha20 stream cipher kanye nama-algorithms okuqinisekisa umlayezo we-Poly1305 athuthukiswe ngu-Daniel Bernstein.
- Usekelo olungeziwe lwefomethi yesiginesha yedijithali ye-rsa-sha2, okuthi, ngenxa yokuphela kosekelo lwe-sha-1, luzodingeka maduze ku-OpenSSH (okhiye abakhona be-RSA bazokwazi ukusebenza ngefomethi entsha ngaphandle kokushintsha okhiye bokusingatha/okhiye_abagunyaziwe).
- Ukuqaliswa kwe-curve25519 kuthathelwe indawo inguqulo ehlangene kakhulu evela kuphrojekthi ye-TweetNaCl.
- Ukwesekwa okwengeziwe kwe-AES GCM (kukhutshazwe ngokuzenzakalela).
- Okukhutshazwe ngokuzenzakalela ama-CBC ciphers, 3DES, hmac-sha1-96, kanye nokudlulisela phambili kwe-x11.
- Ixazulule izinkinga zokusebenzisana nge-IRIX OS.
- Kwengezwe i-API ukuze ucacise okhiye basesidlangalaleni ngokuqondile esikhundleni sokusebenzisa okhiye_abagunyaziwe.
- Ukuba sengozini kulungisiwe ku-SCP , okuvumela ukushintsha amalungelo okufinyelela kuhla lwemibhalo oluqondiwe lapho iseva ibuyisela uhla lwemibhalo olunegama elingenalutho noma isikhathi. Lapho ithola umyalo othi "D0777 0 \n" noma "D0777 0 .\n" ovela kuseva, iklayenti lisebenzisa ushintsho kumalungelo okufinyelela kuhla lwemibhalo lwamanje.
Source: opennet.ru
