Mercurial > dropbear
annotate debian/dropbear.README.Debian @ 1885:5d8dbb6fdab7
Fix SSH_PUBKEYINFO, limit characters, add tests
We fix a bad_bufptr() failure from a previous commit. We now limit
the allowed characters to those that will definitely be safe
in a shell. Some scripts/programs may use arbitrary environment
variables without escaping correctly - that could be a problem
in a restricted environment.
The current allowed set is a-z A-Z 0-9 .,_-+@
This also adds a test for SSH_PUBKEYINFO, by default it only runs
under github actions (or "act -j build").
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 16 Mar 2022 17:17:23 +0800 |
parents | 8c2d2edadf2a |
children |
rev | line source |
---|---|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 Dropbear for Debian |
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 ------------------- |
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 |
469
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
4 This package will attempt to setup the Dropbear ssh server to listen on |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
5 port 22. If the OpenSSH server package ("openssh-server") is installed, |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
6 the file /etc/default/dropbear will be set up so that the server does not |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
7 start by default. |
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 |
469
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
9 You can run Dropbear concurrently with OpenSSH 'sshd' by modifying |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
10 /etc/default/dropbear so that "NO_START" is set to "0", and changing the |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
11 port number that Dropbear runs on. Follow the instructions in the file. |
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 |
469
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
13 This package suggests you install the "openssh-client" package, which |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
14 provides the "ssh" client program, as well as the "/usr/bin/scp" binary |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
15 you will need to be able to retrieve files via SCP from a server running |
8c2d2edadf2a
Update to debian 0.50-4 diff
Matt Johnston <matt@ucc.asn.au>
parents:
327
diff
changeset
|
16 Dropbear. |
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 |
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 See the Dropbear homepage for more information: |
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 http://matt.ucc.asn.au/dropbear/dropbear.html |