Mercurial > dropbear
annotate debian/dropbear.README.Debian @ 447:278805938dcf
Patch from Nicolai Ehemann to try binding before going to the background,
so that if it exits early (because something's already listening etc)
then it will return an exitcode of 1.
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 19 Jul 2007 15:54:18 +0000 |
| parents | 1857c2c551ea |
| children | 8c2d2edadf2a |
| rev | line source |
|---|---|
|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 Dropbear for Debian |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 ------------------- |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 This package will attempt to listen on port 22. If the OpenSSH |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 package ("ssh") is installed, the file /etc/default/dropbear |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 will be set up so that the server does not start by default. |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 You can run Dropbear concurrently with OpenSSH 'sshd' by |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 modifying /etc/default/dropbear so that "NO_START" is set to |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 "0" and changing the port number that Dropbear runs on. Follow |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 the instructions in the file. |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 This package suggests you install the "ssh" package. This package |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 provides the "ssh" client program, as well as the "/usr/bin/scp" |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 binary you will need to be able to retrieve files from a server |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 running Dropbear via SCP. |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 Replacing OpenSSH "sshd" with Dropbear |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 -------------------------------------- |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 You will still want to have the "ssh" package installed, as it |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 provides the "ssh" and "scp" binaries. When you install this |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 package, it checks for existing OpenSSH host keys and if found, |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 converts them to the Dropbear format. |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 If this appears to have worked, you should be able to change over |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 by following these steps: |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 1. Stop the OpenSSH server |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 % /etc/init.d/ssh stop |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 2. Prevent the OpenSSH server from starting in the future |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 % touch /etc/ssh/sshd_not_to_be_run |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 3. Modify the Dropbear defaults file, set NO_START to 0 and |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 ensure DROPBEAR_PORT is set to 22. |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 % editor /etc/default/dropbear |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 4. Restart the Dropbear server. |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 % /etc/init.d/dropbear restart |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 See the Dropbear homepage for more information: |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 http://matt.ucc.asn.au/dropbear/dropbear.html |
|
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 |
|
327
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
42 |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
43 Entropy from /dev/random |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
44 ------------------------ |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
45 |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
46 The dropbear binary package is configured at compile time to read |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
47 entropy from /dev/random. If /dev/random on a system blocks when |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
48 reading data from it, client logins may be delayed until the client |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
49 times out. The dropbear server writes a notice to the logs when it |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
50 sees /dev/random blocking. A workaround for such systems is to |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
51 re-compile the package with DROPBEAR_RANDOM_DEV set to /dev/urandom |
|
1857c2c551ea
Bring in changes from Debian 0.48.1-1
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
52 in options.h. |