--- options.h.original Thu Dec 18 20:06:45 2003 +++ options.h Thu Dec 18 20:06:46 2003 @@ -45,10 +45,10 @@ /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is * perhaps 20% slower for pubkey operations (it is probably worth experimenting * if you want to use this) */ -/*#define NO_FAST_EXPTMOD*/ +#define NO_FAST_EXPTMOD /* Enable X11 Forwarding */ -#define ENABLE_X11FWD +/*#define ENABLE_X11FWD*/ /* Enable TCP Fowarding */ /* NOTE: TCP forwarding is still work-in-progress, -L forwarding should work, @@ -60,9 +60,9 @@ /* Encryption - at least one required. * RFC Draft requires 3DES, and recommends Blowfish, AES128 & Twofish128 */ -#define DROPBEAR_AES128_CBC +/*#define DROPBEAR_AES128_CBC*/ #define DROPBEAR_BLOWFISH_CBC -#define DROPBEAR_TWOFISH128_CBC +/*#define DROPBEAR_TWOFISH128_CBC*/ #define DROPBEAR_3DES_CBC /* Integrity - at least one required. @@ -78,7 +78,7 @@ * generated otherwise. This isn't exactly optimal, although sha1 fingerprints * are not too hard go create from pubkeys if required. */ #define DROPBEAR_SHA1_HMAC -#define DROPBEAR_MD5_HMAC +/*#define DROPBEAR_MD5_HMAC*/ /* Hostkey/public key algorithms - at least one required, these are used * for hostkey as well as for verifying signatures with pubkey auth. @@ -96,16 +96,16 @@ /* Whether to do reverse DNS lookups. This is advisable, though will add * code size with gethostbyname() etc, so for very small environments where * you are statically linking, you might want to undefine this */ -#define DO_HOST_LOOKUP +/*#define DO_HOST_LOOKUP*/ /* Whether to print the message of the day (MOTD). This doesn't add much code * size */ -#define DO_MOTD +/*#define DO_MOTD*/ /* The MOTD file path */ -#ifndef MOTD_FILENAME -#define MOTD_FILENAME "/etc/motd" -#endif +/*#ifndef MOTD_FILENAME*/ +/*#define MOTD_FILENAME "/etc/motd"*/ +/*#endif*/ /* Authentication types to enable, at least one required. RFC Draft requires pubkey auth, and recommends password */ @@ -134,7 +134,8 @@ /* Maximum number of failed authentication tries */ #ifndef MAX_AUTH_TRIES -#define MAX_AUTH_TRIES 10 +/*#define MAX_AUTH_TRIES 10*/ +#define MAX_AUTH_TRIES 3 #endif /* The file to store the daemon's process ID, for shutdown scripts etc */ @@ -151,12 +152,12 @@ /* if you want to enable running an sftp server (such as the one included with * OpenSSH), set the path below. If the path isn't defined, sftp will not * be enabled */ -#ifndef SFTPSERVER_PATH -#define SFTPSERVER_PATH "/usr/libexec/sftp-server" -#endif +/*#ifndef SFTPSERVER_PATH*/ +/*#define SFTPSERVER_PATH "/usr/libexec/sftp-server"*/ +/*#endif*/ /* This is used by the scp binary when used as a client binary */ -#define _PATH_SSH_PROGRAM "/usr/bin/ssh" +/*#define _PATH_SSH_PROGRAM "/usr/bin/ssh"*/ /* Multi-purpose binary configuration - if you want to make the combined * binary, first define DROPBEAR_MULTI, and then define which of the three @@ -164,13 +165,13 @@ * "make clean; make dropbearmulti". You'll need to install the binary * manually, see MULTI for details */ -/* #define DROPBEAR_MULTI */ +#define DROPBEAR_MULTI /* The three multi binaries: dropbear, dropbearkey, dropbearconvert * Comment out these if you don't want some of them */ #define DBMULTI_DROPBEAR #define DBMULTI_KEY -#define DBMULTI_CONVERT +/*#define DBMULTI_CONVERT*/ /*******************************************************************