help texts rounded off, some fixes

git-svn-id: https://svn.pengutronix.de/svn/ptxdist/trunks/ptxdist-trunk@7410 33e552b5-05e3-0310-8538-816dae2090ed

1 files changed, 82 insertions, 26 deletions

diff --git a/rules/dropbear.in b/rules/dropbear.in
index 3d63d9828..7c4700595 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -20,28 +20,40 @@ config DROPBEAR_DIS_ZLIB
 	prompt "Don't include zlib support"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Disable compresion in Dropbear by dropping use of
+	  zlib.
+	  If you disable zlib, you must explicitly disable
+	  compression for the client - OpenSSH is possibly
+	  buggy in this regard, it seems you need to disable it
+	  globally in ~/.ssh/config, not just in the host entry
+	  in that file.
 
 config DROPBEAR_DIS_OPENPTY
 	bool
 	prompt "Don't use openpty, use alternative method"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  If openpty() is being used (HAVE_OPENPTY defined in config.h) and it fails,
+	  you can try compiling with --disable-openpty. You will probably then need
+	  to create all the /dev/pty?? and /dev/tty?? devices, which can be
+	  problematic for devfs. In general, openpty() is the best way to allocate
+	  PTYs, so it's best to try and get it working.
 
 config DROPBEAR_DIS_SYSLOG
 	bool
 	prompt "Don't include syslog support"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Keep dropbear from writing to syslog.
+	  This option is useful for small or flash-based filesystems.
 
 config DROPBEAR_DIS_LASTLOG
 	bool
 	prompt "disable use of lastlog"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Keep dropbear from writing to lastlog.
+	  This option is useful for small or flash-based filesystems.
 
 config DROPBEAR_DIS_UTMP
 	bool
@@ -49,6 +61,8 @@ config DROPBEAR_DIS_UTMP
 	depends on DROPBEAR
 	help
 	  FIXME: This item should be documented in detail
+	  Keep dropbear from writing to utmp.
+	  This option is useful for small or flash-based filesystems.
 
 config DROPBEAR_DIS_UTMPX
 	bool
@@ -56,6 +70,8 @@ config DROPBEAR_DIS_UTMPX
 	depends on DROPBEAR
 	help
 	  FIXME: This item should be documented in detail
+	  Keep dropbear from writing to utmpx.
+	  This option is useful for small or flash-based filesystems.
 
 config DROPBEAR_DIS_WTMP
 	bool
@@ -63,6 +79,8 @@ config DROPBEAR_DIS_WTMP
 	depends on DROPBEAR
 	help
 	  FIXME: This item should be documented in detail
+	  Keep dropbear from writing to wtmp.
+	  This option is useful for small or flash-based filesystems.
 
 config DROPBEAR_DIS_WTMPX
 	bool
@@ -70,28 +88,30 @@ config DROPBEAR_DIS_WTMPX
 	depends on DROPBEAR
 	help
 	  FIXME: This item should be documented in detail
+	  Keep dropbear from writing to wtmpx.
+	  This option is useful for small or flash-based filesystems.
 
 config DROPBEAR_DIS_LIBUTIL
 	bool
 	prompt "disable use of libutil"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Enable this option to leave out the use of libutil.
+	  This might help to reduce the size of the binary.
 
 config DROPBEAR_DIS_PUTUTLINE
 	bool
 	prompt "disable use of pututline"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  pututline is needed to write to the utmp structure.
 
 config DROPBEAR_DIS_PUTUTXLINE
 	bool
 	prompt "disable use of pututxline"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
-
+	  pututxline is needed to write to the utmpx structure.
 
 comment features
 	depends on DROPBEAR
@@ -101,21 +121,24 @@ config DROPBEAR_DIS_X11
 	prompt "disable X11 Forwarding"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  X11 forwarding means passing X11 (graphical interface)
+	  information over the SSH connection.
 
 config DROPBEAR_DIS_TCP
 	bool
-	prompt "disable TCP Fowarding"
+	prompt "disable TCP Forwarding"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  TCP forwarding means the tunneling of TCP ports over
+	  the SSH connection.
 
 config DROPBEAR_DIS_AGENT
 	bool
 	prompt "disable Authentication Agent Forwarding"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Authentication agent is a program to automatize the
+	  use of authentication private keys.
 
 comment "Encryption, at least one required --- RFC Draft requires 3DES"
 	depends on DROPBEAR
@@ -125,21 +148,34 @@ config DROPBEAR_AES128
 	prompt "AES 128"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  This Advanced Encryption Standard designed by Joan Daemen
+	  and Vincent Rijmen, is a FIPS-approved symmetric encryption
+	  algorithm that may be used by U.S. Government organizations
+	  (and others) to protect sensitive information.
 
 config DROPBEAR_BLOWFISH
 	bool
 	prompt "Blowfish"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Blowfish, by Bruce Schneier, combines a Feistel network,
+	  key-dependent S-Boxes, with a non-invertible f function.
+	  This block cipher iterates a simple encryption function
+	  16 times.
+	  Blowfish was designed with a variable key length ranging
+	  from 32 bits to 448 bits.
 
 config DROPBEAR_TWOFISH128
 	bool
 	prompt "Twofish128"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Another great algorithm designed by Bruce Schneier.
+	  This block cipher was designed as a successor to
+	  the 64-bit Blowfish block cipher.
+	  Twofish combines a 16-round Feistel network with a
+	  bijective f function made by four key-dependent
+	  8x8-bit S-boxes.
 
 config DROPBEAR_3DES
 	bool
@@ -147,7 +183,13 @@ config DROPBEAR_3DES
 	default y
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  DES is an IBM algorithm designed during the 1970s.
+	  In 1976, NIST has officially adopted it as an encryption
+	  algorithm for unclassified data. Since then, DES has
+	  become one of the widely used block ciphers on the
+	  market. As the effective key length of DES is a 56-bit,
+	  a triple-DES was created. The new 3DES concept uses
+	  three DES rounds to encrypt the DATA 3 times.
 
 comment "Integrity, at least one required --- RFC Draft requires sha1-hmac"
 	depends on DROPBEAR
@@ -158,14 +200,22 @@ config DROPBEAR_SHA1
 	default y
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  The Secure Hash Algorithm (SHA) was developed by NIST and
+	  is specified in the Secure Hash Standard (SHS, FIPS 180).
+	  SHA-1 is a revision to this version and was published in
+	  1994. It is also described in the ANSI X9.30 (part 2)
+	  standard. SHA-1 produces a 160-bit (20 byte) message digest.
+	  Although slower than MD5, this larger digest size makes it
+	  stronger against brute force attacks.
 
 config DROPBEAR_MD5
 	bool
 	prompt "md5"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  MD5 was developed by Professor Ronald L. Rivest in 1994.
+	  Its 128 bit (16 byte) message digest makes it a faster
+	  implementation than SHA-1.
 
 comment "Hostkey/public key algorithms, at least one required --- SSH2 RFC Draft requires dss"
 	depends on DROPBEAR
@@ -175,7 +225,10 @@ config DROPBEAR_RSA
 	prompt "rsa"
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  RSA was announced in 1978. The security of the RSA system
+	  is based upon the RSA Problem (RSAP). This problem is
+	  conjectured (but not proven) to be equivalent to the
+	  Integer Factorisation Problem (IFP).
 
 config DROPBEAR_DSS
 	bool
@@ -183,8 +236,11 @@ config DROPBEAR_DSS
 	default y
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
-
+	  DSS stands for Digital Signature Standard.
+	  DSS employs the ElGamal and Schnorr PK systems to produce
+	  a fixed width signature (irrespective of the public/private
+	  key size). In contrast, RSA signature length is a function
+	  of the key length employed.
 
 comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
 	depends on DROPBEAR
@@ -195,7 +251,7 @@ config DROPBEAR_PASSWD
 	default y
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Use password authentication
 
 config DROPBEAR_PUBKEY
 	bool
@@ -203,7 +259,7 @@ config DROPBEAR_PUBKEY
 	default y
 	depends on DROPBEAR
 	help
-	  FIXME: This item should be documented in detail
+	  Use public key authentication
 
 comment "installation options   ---"
 	depends on DROPBEAR
@@ -218,14 +274,14 @@ config DROPBEAR_DROPBEAR
 	select DROPBEAR_DSS
 	select BB_CONFIG_START_STOP_DAEMON if BUSYBOX
 	help
-	  FIXME: This item should be documented in detail
+	  Installs the dropbar server in /usr/sbin/dropbear on the target
 
 config DROPBEAR_DROPBEAR_KEY
 	bool
 	prompt "Install dropbearkey"
 	depends on DROPBEAR
 	help
-	  This programm is used to generate the host key(s).
+	  This program is used to generate the host key(s).
 	  Select this, if you want this program on your target platform.
 
 config DROPBEAR_DROPBEAR_CONVERT
@@ -233,7 +289,7 @@ config DROPBEAR_DROPBEAR_CONVERT
 	prompt "Install dropbearconvert"
 	depends on DROPBEAR
 	help
-	  With this utility you can convert ssh hostkeys from openssh to dropbear formt.
+	  With this utility you can convert ssh hostkeys from openssh to dropbear format.
 	  Select this, if you want this program on your target platform.
 
 config DROPBEAR_SCP