1config BR2_PACKAGE_DROPBEAR
2	bool "dropbear"
3	select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
4	select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL
5	select BR2_PACKAGE_LIBXCRYPT if BR2_TOOLCHAIN_USES_GLIBC
6	help
7	  A small SSH 2 server designed for small memory environments.
8
9	  Note that dropbear requires a per-device unique host key. The
10	  key will be generated when dropbear starts, but it is not
11	  persistent over reboot (if you have a read-only rootfs) or
12	  upgrade (if you have a read-write rootfs). To make the key
13	  persistent, replace /etc/dropbear with a symlink to a
14	  directory on a persistent, writeable filesystem.
15	  Alternatively, mount a persistent unionfs over your root
16	  filesystem.
17
18	  https://matt.ucc.asn.au/dropbear/dropbear.html
19
20if BR2_PACKAGE_DROPBEAR
21
22config BR2_PACKAGE_DROPBEAR_CLIENT
23	bool "client programs"
24	default y
25	help
26	  Provides the programs: dbclient, ssh
27
28	  Note that the following programs are also used server-side
29	  and are therefore always build regardless this setting:
30	  dropbear, dropbearkey, dropbearconvert, scp
31
32config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
33	bool "disable reverse DNS lookups"
34	help
35	  Disable reverse DNS lookups on connection. This can be handy
36	  on systems without working DNS, as connections otherwise
37	  stall until DNS times out.
38
39config BR2_PACKAGE_DROPBEAR_SMALL
40	bool "optimize for size"
41	default y
42	help
43	  Compile dropbear for the smallest possible binary size.
44
45	  Tradeoffs are slower hashes and ciphers, and disabling of the
46	  blowfish cipher and zlib.
47
48config BR2_PACKAGE_DROPBEAR_WTMP
49	bool "log dropbear access to wtmp"
50	help
51	  Enable logging of dropbear access to wtmp. Notice that
52	  Buildroot does not generate wtmp by default.
53
54config BR2_PACKAGE_DROPBEAR_LASTLOG
55	bool "log dropbear access to lastlog"
56	help
57	  Enable logging of dropbear access to lastlog. Notice that
58	  Buildroot does not generate lastlog by default.
59
60config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO
61	bool "enable legacy crypto"
62	help
63	  Enable legacy and possibly insecure algorithms:
64	    3DES encryption
65	    SHA1-96 message integrity
66	    CBC encryption mode
67	    DSA public keys
68	    Diffie-Hellman Group1 key exchange
69
70config BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE
71	string "path to custom localoptions.h definitions file"
72	help
73	  Path to a file whose contents will be appended to Dropbear
74	  localoptions.h. It can be used to tweak the Dropbear
75	  configuration.
76
77endif
78