menuconfig DROPBEAR
        bool
	prompt "Dropbear SSH-Server "
	select ZLIB
	select LIBC_UTIL
	help
	  dropbear is a SSH 2 server and client designed
	  to be small enough to be used in small memory
	  environments, while still being functional and
 	  secure enough for general use.

	  It implements most required features of the
	  SSH 2 protocol, and other features such as X11
	  and authentication agent forwarding.

	  http://matt.ucc.asn.au/dropbear/dropbear.html

config DROPBEAR_DIS_ZLIB
	bool
	prompt "Don't include zlib support"
	depends on DROPBEAR
	help
	  Disable compresion in Dropbear by dropping use of
	  zlib.
	  If you disable zlib, you must explicitly disable
	  compression for the client - OpenSSH is possibly
	  buggy in this regard, it seems you need to disable it
	  globally in ~/.ssh/config, not just in the host entry
	  in that file.

config DROPBEAR_DIS_OPENPTY
	bool
	prompt "Don't use openpty, use alternative method"
	depends on DROPBEAR
	help
	  If openpty() is being used (HAVE_OPENPTY defined in config.h) and it fails,
	  you can try compiling with --disable-openpty. You will probably then need
	  to create all the /dev/pty?? and /dev/tty?? devices, which can be
	  problematic for devfs. In general, openpty() is the best way to allocate
	  PTYs, so it's best to try and get it working.

config DROPBEAR_DIS_SYSLOG
	bool
	prompt "Don't include syslog support"
	depends on DROPBEAR
	help
	  Keep dropbear from writing to syslog.
	  This option is useful for small or flash-based filesystems.

config DROPBEAR_DIS_LASTLOG
	bool
	prompt "disable use of lastlog"
	depends on DROPBEAR
	help
	  Keep dropbear from writing to lastlog.
	  This option is useful for small or flash-based filesystems.

config DROPBEAR_DIS_UTMP
	bool
	prompt "disable use of utmp"
	depends on DROPBEAR
	help
	  FIXME: This item should be documented in detail
	  Keep dropbear from writing to utmp.
	  This option is useful for small or flash-based filesystems.

config DROPBEAR_DIS_UTMPX
	bool
	prompt "disable use of utmpx"
	depends on DROPBEAR
	help
	  FIXME: This item should be documented in detail
	  Keep dropbear from writing to utmpx.
	  This option is useful for small or flash-based filesystems.

config DROPBEAR_DIS_WTMP
	bool
	prompt "disable use of wtmp"
	depends on DROPBEAR
	help
	  FIXME: This item should be documented in detail
	  Keep dropbear from writing to wtmp.
	  This option is useful for small or flash-based filesystems.

config DROPBEAR_DIS_WTMPX
	bool
	prompt "disable use of wtmpx"
	depends on DROPBEAR
	help
	  FIXME: This item should be documented in detail
	  Keep dropbear from writing to wtmpx.
	  This option is useful for small or flash-based filesystems.

config DROPBEAR_DIS_LIBUTIL
	bool
	prompt "disable use of libutil"
	depends on DROPBEAR
	help
	  Enable this option to leave out the use of libutil.
	  This might help to reduce the size of the binary.

config DROPBEAR_DIS_PUTUTLINE
	bool
	prompt "disable use of pututline"
	depends on DROPBEAR
	help
	  pututline is needed to write to the utmp structure.

config DROPBEAR_DIS_PUTUTXLINE
	bool
	prompt "disable use of pututxline"
	depends on DROPBEAR
	help
	  pututxline is needed to write to the utmpx structure.

comment features
	depends on DROPBEAR

config DROPBEAR_DIS_X11
	bool
	prompt "disable X11 Forwarding"
	depends on DROPBEAR
	help
	  X11 forwarding means passing X11 (graphical interface)
	  information over the SSH connection.

config DROPBEAR_DIS_TCP
	bool
	prompt "disable TCP Forwarding"
	depends on DROPBEAR
	help
	  TCP forwarding means the tunneling of TCP ports over
	  the SSH connection.

config DROPBEAR_DIS_AGENT
	bool
	prompt "disable Authentication Agent Forwarding"
	depends on DROPBEAR
	help
	  Authentication agent is a program to automatize the
	  use of authentication private keys.

comment "Encryption, at least one required --- RFC Draft requires 3DES"
	depends on DROPBEAR

config DROPBEAR_AES128
	bool
	prompt "AES 128"
	depends on DROPBEAR
	help
	  This Advanced Encryption Standard designed by Joan Daemen
	  and Vincent Rijmen, is a FIPS-approved symmetric encryption
	  algorithm that may be used by U.S. Government organizations
	  (and others) to protect sensitive information.

config DROPBEAR_BLOWFISH
	bool
	prompt "Blowfish"
	depends on DROPBEAR
	help
	  Blowfish, by Bruce Schneier, combines a Feistel network,
	  key-dependent S-Boxes, with a non-invertible f function.
	  This block cipher iterates a simple encryption function
	  16 times.
	  Blowfish was designed with a variable key length ranging
	  from 32 bits to 448 bits.

config DROPBEAR_TWOFISH128
	bool
	prompt "Twofish128"
	depends on DROPBEAR
	help
	  Another great algorithm designed by Bruce Schneier.
	  This block cipher was designed as a successor to
	  the 64-bit Blowfish block cipher.
	  Twofish combines a 16-round Feistel network with a
	  bijective f function made by four key-dependent
	  8x8-bit S-boxes.

config DROPBEAR_3DES
	bool
	prompt "3DES"
	default y
	depends on DROPBEAR
	help
	  DES is an IBM algorithm designed during the 1970s.
	  In 1976, NIST has officially adopted it as an encryption
	  algorithm for unclassified data. Since then, DES has
	  become one of the widely used block ciphers on the
	  market. As the effective key length of DES is a 56-bit,
	  a triple-DES was created. The new 3DES concept uses
	  three DES rounds to encrypt the DATA 3 times.

comment "Integrity, at least one required --- RFC Draft requires sha1-hmac"
	depends on DROPBEAR

config DROPBEAR_SHA1
	bool
	prompt "sha1"
	default y
	depends on DROPBEAR
	help
	  The Secure Hash Algorithm (SHA) was developed by NIST and
	  is specified in the Secure Hash Standard (SHS, FIPS 180).
	  SHA-1 is a revision to this version and was published in
	  1994. It is also described in the ANSI X9.30 (part 2)
	  standard. SHA-1 produces a 160-bit (20 byte) message digest.
	  Although slower than MD5, this larger digest size makes it
	  stronger against brute force attacks.

config DROPBEAR_MD5
	bool
	prompt "md5"
	depends on DROPBEAR
	help
	  MD5 was developed by Professor Ronald L. Rivest in 1994.
	  Its 128 bit (16 byte) message digest makes it a faster
	  implementation than SHA-1.

comment "Hostkey/public key algorithms, at least one required --- SSH2 RFC Draft requires dss"
	depends on DROPBEAR

config DROPBEAR_RSA
	bool
	prompt "rsa"
	depends on DROPBEAR
	help
	  RSA was announced in 1978. The security of the RSA system
	  is based upon the RSA Problem (RSAP). This problem is
	  conjectured (but not proven) to be equivalent to the
	  Integer Factorisation Problem (IFP).

config DROPBEAR_DSS
	bool
	prompt "dss"
	default y
	depends on DROPBEAR
	help
	  DSS stands for Digital Signature Standard.
	  DSS employs the ElGamal and Schnorr PK systems to produce
	  a fixed width signature (irrespective of the public/private
	  key size). In contrast, RSA signature length is a function
	  of the key length employed.

comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
	depends on DROPBEAR

config DROPBEAR_PASSWD
	bool
	prompt "password"
	default y
	depends on DROPBEAR
	help
	  Use password authentication

config DROPBEAR_PUBKEY
	bool
	prompt "pubkey"
	default y
	depends on DROPBEAR
	help
	  Use public key authentication

comment "installation options   ---"
	depends on DROPBEAR

config DROPBEAR_DROPBEAR
	bool
	prompt "Install dropbear SSH server"
	default y
	depends on DROPBEAR
	select DROPBEAR_DROPBEAR_KEY
	select DROPBEAR_RSA
	select DROPBEAR_DSS
	select BB_CONFIG_START_STOP_DAEMON if BUSYBOX
	help
	  Installs the dropbar server in /usr/sbin/dropbear on the target

config DROPBEAR_DROPBEAR_KEY
	bool
	prompt "Install dropbearkey"
	depends on DROPBEAR
	help
	  This program is used to generate the host key(s).
	  Select this, if you want this program on your target platform.

config DROPBEAR_DROPBEAR_CONVERT
	bool
	prompt "Install dropbearconvert"
	depends on DROPBEAR
	help
	  With this utility you can convert ssh hostkeys from openssh to dropbear format.
	  Select this, if you want this program on your target platform.

config DROPBEAR_SCP
	bool
	prompt	"Install dropbear's scp"
	depends on DROPBEAR
	help
	  This is dropbear's implementation of the scp utility.

comment "runtime options   ---"
	depends on DROPBEAR

config ROOTFS_ETC_INITD_DROPBEAR
	depends on DROPBEAR
	bool
	default y
	prompt "Install startup script"
	help
	  The /etc/init.d/dropbear script lets you control the dropbear daemon.

	choice
		prompt "Kind of startup script"
		depends on ROOTFS_ETC_INITD_DROPBEAR
		default ROOTFS_ETC_INITD_DROPBEAR_DEFAULT

		config ROOTFS_ETC_INITD_DROPBEAR_DEFAULT
			bool
			prompt "Use generic"
			help
			  Installs a generic /etc/init.d/dropbear startup script.
			  See <ptxdist-install>/generic/etc/init.d/dropbear

		config ROOTFS_ETC_INITD_DROPBEAR_USER
			bool
			prompt "User defined"
			help
			  This uses a user defined dropbear startup script. PTXdist
			  uses files projectroot/etc/init.d/dropbear in your local
			  project

	endchoice