I'd almost be willing to bet you're the only one that has done thisHi John, would you consider backporting dropbear support for ed25519 keys? I converted all my SSH keys from RSA to ed25519 during my latest stint on Merlin. I realize now when I come back to the fork, I can’t use them. Themiron’s commit is here: https://github.com/mkj/dropbear/commit/3d12521735e7ef7e48be217af0f27d68e23050a7
Saves nvram space and considered more secure!
Excellent! I missed my "maintenance window" for today, but I will try to report back soon.I'd almost be willing to bet you're the only one that has done this
There's a build for you to try in my private downloads.
I was just trying to make it sound more appealing for the entire user base, instead of being a selfish request to make my life easier.As far as nvram space, you can move the key to jffs. See the Merlin_Fork_Options.txt file
So, a data point.. these entries are not added to the generated configuration in 43E6 - it becomes standard afterwards I presume when avahi 0.7 is added/updated. From what I can gather, alias_llmnr is probably related to Link-Local Multicast Name Resolution which is the Microsoft implementation of mDNS. From what I can tell, this is a relatively narrowly supported implementation so that it doesn't do anything yet I suppose isn't surprising? I'm not a windows guy, I have zero idea what they might use that for. Apple uses Bonjour for a number of things including AirPrint, AirPlay, AirTunes, etc.Looking at the code the alias_llmnr appears to do nothing (there's a TODO comment) and alias creates a CNAME for the real name. Don't what the implication of that is as I don't use Avahi. (Although I can't actually find the part of the source code that creates those two lines in the config so I'm missing a piece of the puzzle somewhere.)
I took the fork in the road and my ed25519 key is working well. Thank you for indulging me!I'd almost be willing to bet you're the only one that has done this
There's a build for you to try in my private downloads.
As far as nvram space, you can move the key to jffs. See the Merlin_Fork_Options.txt file
"Fixed" build? Is it in the dev directory or elsewhere, I don't see it yet?Actually, it was...just not in the right place
There's a fixed build up....thanks for checking it.
It's in a private directory where I compile just a single model for someone to try."Fixed" build? Is it in the dev directory or elsewhere, I don't see it yet?
Flashed and looking good. Thank you again!Actually, it was...just not in the right place
There's a fixed build up....thanks for checking it.
I have to ask, did you convert RSA keys or generat new one? If you convert them may I ask how?I converted all my SSH keys from RSA to ed25519 during my latest stint on Merlin.
I created new keys, so I “replaced” instead of “converted.”I have to ask, did you convert RSA keys or generat new one? If you convert them may I ask how?
Thanks
Octopus
Ok Thanks. That what I thought but was unsure.I created new keys, so I “replaced” instead of “converted.”
How are you determining it comes from the router itself versus from a LAN client? Do you have any dual-WAN enabled? wanduck has a reference to "www.asus.com www.google.com www.baidu.com www.yandex.com". Do you see queries to all these domains or just www.google.com?I noticed the router is doing a lookup for www.google.com every 5 seconds or so, anyone knows why the router is making this call every 5 seconds?
I have Pihole installed and pointed the router to Pihole , this is what I see:How are you determining it comes from the router itself versus from a LAN client? Do you have any dual-WAN enabled? wanduck has a reference to "www.asus.com www.google.com www.baidu.com www.yandex.com". Do you see queries to all these domains or just www.google.com?
I doubt the router would generate AAAA queries. Is is possible you have clients using the router IP as DNS and the router is forwarding those requests to the Pihole? A very common problem depending how you setup pihole in the router (as LAN DHCP DNS or WAN DNS).I have Pihole installed and pointed the router to Pihole
Did you get it work with Xshell 6 using ed25519 key's. Working fine in Winscp......I created new keys, so I “replaced” instead of “converted.”
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!