Dropbear 2013.56 released
Matt Johnston
matt at ucc.asn.au
Thu Mar 21 23:40:46 WST 2013
Hi all,
Dropbear 2013.56 is now released, with a mix of features and
bug fixes. Download as usual at
https://matt.ucc.asn.au/dropbear/dropbear.html
I've also set up a github mirror of the Dropbear mercurial
repository at https://github.com/mkj/dropbear . It'll be
read-only but might be of use to the various forks.
Cheers,
Matt
2013.56 - Thursday 21 March 2013
- Allow specifying cipher (-c) and MAC (-m) lists for dbclient
- Allow using 'none' cipher or MAC (off by default, use options.h). Encryption
is used during authentication then disabled, similar to OpenSSH HPN mode
- Allow a user in immediately if the account has a blank password and blank
passwords are enabled
- Include a few extra sources of entropy from /proc on Linux, hash private keys
as well. Dropbear will also write gathered entropy back into /dev/urandom
- Added hmac-sha2-256 and hmac-sha2-512 support (off by default, use options.h)
- Don't sent bad address "localhost" for -R forward connections,
reported by Denis Bider
- Add "-B" runtime option to allow blank passwords
- Allow using IPv6 bracket notation for addresses in server "-p" option, from Ben Jencks
- A few improvements for Android from Reimar Döffinger
- Fix memory leak for TCP forwarded connections to hosts that timed out,
reported by Norbert Benczúr. Appears to be a very long-standing bug.
- Fix "make clean" for out of tree builds
- Fix compilation when ENABLE_{SVR,CLI}_AGENTFWD are unset
More information about the Dropbear
mailing list