Comment on reason for DROPBEAR_MAX_PASSWORD_LEN limit

This commit is contained in:
Matt Johnston 2021-10-12 21:29:25 +08:00
parent f3b72bfd18
commit 3c2436cd05


@ -86,6 +86,12 @@
/* Required for pubkey auth */ /* Required for pubkey auth */
#define DROPBEAR_SIGNKEY_VERIFY ((DROPBEAR_SVR_PUBKEY_AUTH) || (DROPBEAR_CLIENT)) #define DROPBEAR_SIGNKEY_VERIFY ((DROPBEAR_SVR_PUBKEY_AUTH) || (DROPBEAR_CLIENT))
/* crypt(password) must take less time than the auth failure delay
(250ms set in svr-auth.c). On Linux the delay depends on
password length, 100 characters here was empirically derived.
If a longer password is allowed Dropbear cannot compensate
for the crypt time which will expose which usernames exist */
#define DROPBEAR_MAX_PASSWORD_LEN 100 #define DROPBEAR_MAX_PASSWORD_LEN 100
#define SHA1_HASH_SIZE 20 #define SHA1_HASH_SIZE 20