Dropbear 2022.83 - jtesta/ssh-audit GitHub Wiki

As per the (unconfirmed) report in https://github.com/jtesta/ssh-audit/issues/159, the following steps may be used to harden Dropbear:

The current release of dropbear can be hardened by building it adding the following three lines to localoptions.h:

#define DROPBEAR_RSA_SHA1 0
#define DROPBEAR_DH_GROUP14_SHA1 0
#define DROPBEAR_SHA1_HMAC 0

Reference: https://github.com/mkj/dropbear/issues/138