dropbear: disable RSA-SHA1 by default

Upstream has disabled SHA-1 algorithms by default since version 2025.87. SHA-1 has known weakness and most SSH implementations support alternatives. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
author: Konstantin Demin 2025-07-08 16:12:26 +0000
committer: Paul Spooren 2025-07-11 09:23:50 +0000
commit: 5e0fbca9b98e9bc415bbaa9aeeecb95848699a3f (patch)
tree: a290bbe12649f06eb98da670c39260b91a3af1a4
parent: 3dc05213e0261bb960006c957c32f8f14559abe9 (diff)
download: openwrt-5e0fbca9b98e9bc415bbaa9aeeecb95848699a3f.tar.gz
1 files changed, 0 insertions, 1 deletions
diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in
index c5737c05ca..e677ef5edc 100644
--- a/package/network/services/dropbear/Config.in
+++ b/package/network/services/dropbear/Config.in
@@ -822,7 +822,6 @@ menu "Encryption options"
 
 	config DROPBEAR_RSA_SHA1
 		bool "RSA-SHA1 [WEAK]"
-		default y
 		depends on DROPBEAR_LEGACY_COMPAT
 		help
 			This enables the following public key algorithm:
author	Konstantin Demin	2025-07-08 16:12:26 +0000
committer	Paul Spooren	2025-07-11 09:23:50 +0000
commit	5e0fbca9b98e9bc415bbaa9aeeecb95848699a3f (patch)
tree	a290bbe12649f06eb98da670c39260b91a3af1a4
parent	3dc05213e0261bb960006c957c32f8f14559abe9 (diff)
download	openwrt-5e0fbca9b98e9bc415bbaa9aeeecb95848699a3f.tar.gz