"Bad public key options" (Was: Dropbear 2020.79)
Matt Johnston
matt at ucc.asn.au
Wed Jun 17 20:18:58 AWST 2020
> On Tue 16/6/2020, at 9:58 am, Guilhem Moulin <guilhem at fripost.org> wrote:
>> - […] x11 forwarding are now disabled by default.
>
> I have no opinion about disabling this at compile-time, however the
> current implementation locks out (“Bad public key options”) users with
> ‘no-X11-forwarding’ in their authorized_keys(5) files.
Thanks, I'll apply that and organise a bug fix release (waiting to see if there are an other immediate regressions).
For Debian I think it might be worth keeping x11 forwarding enabled.
I disabled x11 forwarding because most embedded platforms (Dropbear's most common usecase (?)) wouldn't have any use for it. On a general distro it can be useful.
Cheers,
Matt
More information about the Dropbear
mailing list