annotate dropbear.8 @ 452:4cab61369879

Prevent invalid packets being sent during key-exchange, instead queue them until afterwards. This could sometimes terminate connections after 8 hours if (for example) a new TCP forwarded connection was sent at the KEX timeout.
author Matt Johnston <matt@ucc.asn.au>
date Fri, 27 Jul 2007 17:13:42 +0000
parents 3e6c536bc023
children 7e43f5e473b9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
128
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 .TH dropbear 8
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 .SH NAME
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 dropbear \- lightweight SSH2 server
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 .SH SYNOPSIS
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
5 .B dropbear
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 [\-FEmwsgjki] [\-b
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 .I banner\fR] [\-d
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 .I dsskey\fR] [\-r
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 .I rsakey\fR] [\-p
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 .IR port ]
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 .SH DESCRIPTION
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 .B dropbear
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 is a SSH 2 server designed to be small enough to be used in small memory
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 environments, while still being functional and secure enough for general use.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 .SH OPTIONS
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 .B \-b \fIbanner
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 bannerfile.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 Display the contents of the file
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 .I banner
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 before user login (default: none).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 .B \-d \fIdsskey
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24 dsskeyfile.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25 Use the contents of the file
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 .I dsskey
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 for the dss host key (default: /etc/dropbear/dropbear_dss_host_key).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 This file is generated with
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 .BR dropbearkey (8).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 .B \-r \fIrsakey
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 rsakeyfile.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 Use the contents of the file
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 .I rsakey
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
35 for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36 This file is generated with
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
37 .BR dropbearkey (8).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
38 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
39 .B \-F
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
40 Don't fork into background.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
41 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
42 .B \-E
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
43 Log to standard error rather than syslog.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
44 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
45 .B \-m
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
46 Don't display the message of the day on login.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
47 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
48 .B \-w
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49 Disallow root logins.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
50 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
51 .B \-s
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
52 Disable password logins.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
53 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54 .B \-g
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 Disable password logins for root.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
56 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57 .B \-j
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
58 Disable local port forwarding.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
59 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
60 .B \-k
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
61 Disable remote port forwarding.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
62 .TP
438
4bfd22bac1dc Document -p [address:]port
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
63 .B \-p \fI[address:]port
4bfd22bac1dc Document -p [address:]port
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
64 Listen on specified
4bfd22bac1dc Document -p [address:]port
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
65 .I address
4bfd22bac1dc Document -p [address:]port
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
66 and TCP
4bfd22bac1dc Document -p [address:]port
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
67 .I port.
4bfd22bac1dc Document -p [address:]port
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
68 If just a port is given listen
4bfd22bac1dc Document -p [address:]port
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
69 on all addresses.
128
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 up to 10 can be specified (default 22 if none specified).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72 .B \-i
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73 Service program mode.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
74 Use this option to run
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
75 .B dropbear
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
76 under TCP/IP servers like inetd, tcpsvd, or tcpserver.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
77 In program mode the \-F option is implied, and \-p options are ignored.
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 181
diff changeset
78 .TP
325
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 258
diff changeset
79 .B \-P \fIpidfile
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 258
diff changeset
80 Specify a pidfile to create when running as a daemon. If not specified, the
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 258
diff changeset
81 default is /var/run/dropbear.pid
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 258
diff changeset
82 .TP
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 181
diff changeset
83 .B \-a
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 181
diff changeset
84 Allow remote hosts to connect to forwarded ports.
449
3e6c536bc023 Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents: 446
diff changeset
85 .TP
3e6c536bc023 Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents: 446
diff changeset
86 .B \-W \fIwindowsize
3e6c536bc023 Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents: 446
diff changeset
87 Specify the per-channel receive window buffer size. Increasing this
3e6c536bc023 Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents: 446
diff changeset
88 may improve network performance at the expense of memory use. Use -h to see the
3e6c536bc023 Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents: 446
diff changeset
89 default buffer size.
128
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
90 .SH AUTHOR
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
91 Matt Johnston ([email protected]).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
92 .br
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
93 Gerrit Pape ([email protected]) wrote this manual page.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
94 .SH SEE ALSO
181
1916df7df911 * Add references in the manpages to the dbclient manpage
Matt Johnston <matt@ucc.asn.au>
parents: 128
diff changeset
95 dropbearkey(8), dbclient(1)
128
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
96 .P
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97 http://matt.ucc.asn.au/dropbear/dropbear.html