diff options
author | Matt Johnston <matt@ucc.asn.au> | 2013-04-18 21:47:38 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2013-04-18 21:47:38 +0800 |
commit | 98667c4f59244dcfad4f691d56618618b704624b (patch) | |
tree | b494911deccf276719043f4f73920b61f5764243 | |
parent | b00bb9f855737cb38fbeb1ad70a7d846026ec9fc (diff) | |
download | dropbear-98667c4f59244dcfad4f691d56618618b704624b.tar.gz |
Don't enable CLI_IMMEDIATE_AUTH by default, it breaks blank password logins
-rw-r--r-- | options.h | 7 | ||||
-rw-r--r-- | sysoptions.h | 3 |
2 files changed, 7 insertions, 3 deletions
@@ -204,6 +204,13 @@ much traffic. */ * return the password on standard output */ /*#define ENABLE_CLI_ASKPASS_HELPER*/ +/* Send a real auth request first rather than requesting a list of available methods. + * It saves a network round trip at login but prevents immediate login to + * accounts with no password, and might be rejected by some strict servers (none + * encountered yet) - hence it isn't enabled by default. */ +/* #define CLI_IMMEDIATE_AUTH */ + + /* Source for randomness. This must be able to provide hundreds of bytes per SSH * connection without blocking. In addition /dev/random is used for seeding * rsa/dss key generation */ diff --git a/sysoptions.h b/sysoptions.h index 3072d3d..be736ef 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -198,9 +198,6 @@ #define DROPBEAR_KEY_LINES /* ie we're using authorized_keys or known_hosts */ #endif -/* Send an auth request straight away rather than trying "none" type to get a list */ -#define CLI_IMMEDIATE_AUTH - /* Changing this is inadvisable, it appears to have problems * with flushing compressed data */ #define DROPBEAR_ZLIB_MEM_LEVEL 8 |