Mercurial > dropbear
annotate dropbear.8 @ 840:5128e525c8fa ecc
Default to some larger key sizes
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 31 Oct 2013 22:49:15 +0800 |
parents | f8b28a3de6cb |
children | 057204b3dd61 |
rev | line source |
---|---|
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 .TH dropbear 8 |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 .SH NAME |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
3 dropbear \- lightweight SSH server |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 .SH SYNOPSIS |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 .B dropbear |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 [\-FEmwsgjki] [\-b |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 .I banner\fR] [\-d |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 .I dsskey\fR] [\-r |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 .I rsakey\fR] [\-p |
576
c470649fb627
Mention -p's address argument in manpage synopsis
Matt Johnston <matt@ucc.asn.au>
parents:
569
diff
changeset
|
10 .IR [address:]port ] |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 .SH DESCRIPTION |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 .B dropbear |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
13 is a SSH server designed to be small enough to be used in small memory |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 environments, while still being functional and secure enough for general use. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 .SH OPTIONS |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 .B \-b \fIbanner |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 bannerfile. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 Display the contents of the file |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 .I banner |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 before user login (default: none). |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 .B \-d \fIdsskey |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 dsskeyfile. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 Use the contents of the file |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 .I dsskey |
514
e30a962c09b9
Mention DSS and DSA being the same thing
Matt Johnston <matt@ucc.asn.au>
parents:
510
diff
changeset
|
27 for the DSS host key (default: /etc/dropbear/dropbear_dss_host_key). |
e30a962c09b9
Mention DSS and DSA being the same thing
Matt Johnston <matt@ucc.asn.au>
parents:
510
diff
changeset
|
28 Note that |
e30a962c09b9
Mention DSS and DSA being the same thing
Matt Johnston <matt@ucc.asn.au>
parents:
510
diff
changeset
|
29 some SSH implementations |
e30a962c09b9
Mention DSS and DSA being the same thing
Matt Johnston <matt@ucc.asn.au>
parents:
510
diff
changeset
|
30 use the term "DSA" rather than "DSS", they mean the same thing. |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 This file is generated with |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
32 .BR dropbearkey (1). |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 .B \-r \fIrsakey |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 rsakeyfile. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 Use the contents of the file |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 .I rsakey |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key). |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 This file is generated with |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
40 .BR dropbearkey (1). |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 .B \-F |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 Don't fork into background. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 .B \-E |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 Log to standard error rather than syslog. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 .B \-m |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 Don't display the message of the day on login. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 .B \-w |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
52 Disallow root logins. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
54 .B \-s |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
55 Disable password logins. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
56 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
57 .B \-g |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
58 Disable password logins for root. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
59 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
60 .B \-j |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
61 Disable local port forwarding. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 .B \-k |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 Disable remote port forwarding. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
65 .TP |
438 | 66 .B \-p \fI[address:]port |
67 Listen on specified | |
68 .I address | |
69 and TCP | |
70 .I port. | |
71 If just a port is given listen | |
72 on all addresses. | |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 up to 10 can be specified (default 22 if none specified). |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
74 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
75 .B \-i |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
76 Service program mode. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
77 Use this option to run |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
78 .B dropbear |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
79 under TCP/IP servers like inetd, tcpsvd, or tcpserver. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
80 In program mode the \-F option is implied, and \-p options are ignored. |
258
306499676384
* add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents:
181
diff
changeset
|
81 .TP |
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
82 .B \-P \fIpidfile |
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
83 Specify a pidfile to create when running as a daemon. If not specified, the |
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
84 default is /var/run/dropbear.pid |
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
85 .TP |
258
306499676384
* add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents:
181
diff
changeset
|
86 .B \-a |
306499676384
* add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents:
181
diff
changeset
|
87 Allow remote hosts to connect to forwarded ports. |
449
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
88 .TP |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
89 .B \-W \fIwindowsize |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
90 Specify the per-channel receive window buffer size. Increasing this |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
91 may improve network performance at the expense of memory use. Use -h to see the |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
92 default buffer size. |
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
93 .TP |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
94 .B \-K \fItimeout_seconds |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
95 Ensure that traffic is transmitted at a certain interval in seconds. This is |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
96 useful for working around firewalls or routers that drop connections after |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
97 a certain period of inactivity. The trade-off is that a session may be |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
98 closed if there is a temporary lapse of network connectivity. A setting |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
99 if 0 disables keepalives. |
515 | 100 .TP |
101 .B \-I \fIidle_timeout | |
102 Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds. | |
510
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
103 .SH FILES |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
104 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
105 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
106 Authorized Keys |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
107 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
108 ~/.ssh/authorized_keys can be set up to allow remote login with a RSA or DSS |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
109 key. Each line is of the form |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
110 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
111 [restrictions] ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIgAsp... [comment] |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
112 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
113 and can be extracted from a Dropbear private host key with "dropbearkey -y". This is the same format as used by OpenSSH, though the restrictions are a subset (keys with unknown restrictions are ignored). |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
114 Restrictions are comma separated, with double quotes around spaces in arguments. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
115 Available restrictions are: |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
116 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
117 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
118 .B no-port-forwarding |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
119 Don't allow port forwarding for this connection |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
120 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
121 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
122 .B no-agent-forwarding |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
123 Don't allow agent forwarding for this connection |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
124 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
125 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
126 .B no-X11-forwarding |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
127 Don't allow X11 forwarding for this connection |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
128 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
129 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
130 .B no-pty |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
131 Disable PTY allocation. Note that a user can still obtain most of the |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
132 same functionality with other means even if no-pty is set. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
133 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
134 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
135 .B command="\fIforced_command\fR" |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
136 Disregard the command provided by the user and always run \fIforced_command\fR. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
137 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
138 The authorized_keys file and its containing ~/.ssh directory must only be |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
139 writable by the user, otherwise Dropbear will not allow a login using public |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
140 key authentication. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
141 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
142 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
143 Host Key Files |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
144 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
145 Host key files are read at startup from a standard location, by default |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
146 /etc/dropbear/dropbear_dss_host_key and /etc/dropbear/dropbear_rsa_host_key |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
147 or specified on the commandline with -d or -r. These are of the form generated |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
148 by dropbearkey. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
149 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
150 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
151 Message Of The Day |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
152 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
153 By default the file /etc/motd will be printed for any login shell (unless |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
154 disabled at compile-time). This can also be disabled per-user |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
155 by creating a file ~/.hushlogin . |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
156 |
569 | 157 .SH ENVIRONMENT VARIABLES |
158 Dropbear sets the standard variables USER, LOGNAME, HOME, SHELL, PATH, and TERM. | |
159 | |
160 The variables below are set for sessions as appropriate. | |
161 | |
162 .TP | |
163 .B SSH_TTY | |
164 This is set to the allocated TTY if a PTY was used. | |
165 | |
166 .TP | |
167 .B SSH_CONNECTION | |
168 Contains "<remote_ip> <remote_port> <local_ip> <local_port>". | |
169 | |
170 .TP | |
171 .B DISPLAY | |
172 Set X11 forwarding is used. | |
173 | |
174 .TP | |
175 .B SSH_ORIGINAL_COMMAND | |
176 If a 'command=' authorized_keys option was used, the original command is specified | |
177 in this variable. If a shell was requested this is set to an empty value. | |
178 | |
179 .TP | |
180 .B SSH_AUTH_SOCK | |
181 Set to a forwarded ssh-agent connection. | |
182 | |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
183 .SH NOTES |
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
184 Dropbear only supports SSH protocol version 2. |
569 | 185 |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
186 .SH AUTHOR |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
187 Matt Johnston ([email protected]). |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
188 .br |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
189 Gerrit Pape ([email protected]) wrote this manual page. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
190 .SH SEE ALSO |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
191 dropbearkey(1), dbclient(1), dropbearconvert(1) |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
192 .P |
690 | 193 https://matt.ucc.asn.au/dropbear/dropbear.html |