This feature disables all CBC, SHA1, and diffie-hellman group1 ciphers 
in the dropbear ssh server and client since they're considered weak ciphers
and we want to support the stong algorithms.

Upstream-Status: Inappropriate [configuration]
Signed-off-by: Joseph Reynolds <joseph.reynolds1@ibm.com>

Index: dropbear-2019.78/default_options.h
===================================================================
--- dropbear-2019.78.orig/default_options.h
+++ dropbear-2019.78/default_options.h
@@ -91,7 +91,7 @@ IMPORTANT: Some options will require "ma
 
 /* Enable CBC mode for ciphers. This has security issues though
  * is the most compatible with older SSH implementations */
-#define DROPBEAR_ENABLE_CBC_MODE 1
+#define DROPBEAR_ENABLE_CBC_MODE 0
 
 /* Enable "Counter Mode" for ciphers. This is more secure than
  * CBC mode against certain attacks. It is recommended for security
@@ -101,7 +101,7 @@ IMPORTANT: Some options will require "ma
 /* Message integrity. sha2-256 is recommended as a default, 
    sha1 for compatibility */
 #define DROPBEAR_SHA1_HMAC 1
-#define DROPBEAR_SHA1_96_HMAC 1
+#define DROPBEAR_SHA1_96_HMAC 0
 #define DROPBEAR_SHA2_256_HMAC 1
 
 /* Hostkey/public key algorithms - at least one required, these are used
@@ -149,12 +149,12 @@ IMPORTANT: Some options will require "ma
  * Small systems should generally include either curve25519 or ecdh for performance.
  * curve25519 is less widely supported but is faster
  */ 
-#define DROPBEAR_DH_GROUP14_SHA1 1
+#define DROPBEAR_DH_GROUP14_SHA1 0
 #define DROPBEAR_DH_GROUP14_SHA256 1
 #define DROPBEAR_DH_GROUP16 0
 #define DROPBEAR_CURVE25519 1
 #define DROPBEAR_ECDH 1
-#define DROPBEAR_DH_GROUP1 1
+#define DROPBEAR_DH_GROUP1 0
 
 /* When group1 is enabled it will only be allowed by Dropbear client
 not as a server, due to concerns over its strength. Set to 0 to allow