dropbear: dropbear.8 annotate

annotate dropbear.8 @ 1156:a8f4dade70e5

avoid getpass when not used some systems (like android's bionic) do not provide getpass. you can disable ENABLE_CLI_PASSWORD_AUTH & ENABLE_CLI_INTERACT_AUTH to avoid its use (and rely on pubkey auth), but the link still fails because the support file calls getpass. do not define this func if both of those auth methods are not used.

author	Mike Frysinger <vapier@gentoo.org>
date	Wed, 21 Oct 2015 22:39:55 +0800
parents	67d8a904f5a9
children	80cacacfec23

rev	line source
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 .TH dropbear 8
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 .SH NAME
821 f8b28a3de6cb Don't say "SSH 2" any more since protocol version 1 is irrelevant Matt Johnston <matt@ucc.asn.au> parents: 690 diff changeset	3 dropbear \- lightweight SSH server
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 .SH SYNOPSIS
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	5 .B dropbear
1153 67d8a904f5a9 don't silently ignore extra flag arguments Matt Johnston <matt@ucc.asn.au> parents: 1146 diff changeset	6 [flag arguments] [\-b
860 057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	7 .I banner\fR]
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	8 [\-r
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	9 .I hostkeyfile\fR] [\-p
576 c470649fb627 Mention -p's address argument in manpage synopsis Matt Johnston <matt@ucc.asn.au> parents: 569 diff changeset	10 .IR [address:]port ]
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 .SH DESCRIPTION
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 .B dropbear
946 17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 875 diff changeset	13 is a small SSH server
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 .SH OPTIONS
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 .B \-b \fIbanner
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 bannerfile.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 Display the contents of the file
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 .I banner
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 before user login (default: none).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 .TP
860 057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	22 .B \-r \fIhostkey
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 Use the contents of the file
860 057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	24 .I hostkey
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	25 for the SSH hostkey.
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	26 This file is generated with
860 057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	27 .BR dropbearkey (1)
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	28 or automatically with the '-R' option. See "Host Key Files" below.
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29 .TP
860 057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	30 .B \-R
875 6c7a15668d5a Log when generating a hostkey Matt Johnston <matt@ucc.asn.au> parents: 860 diff changeset	31 Generate hostkeys automatically. See "Host Key Files" below.
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	32 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	33 .B \-F
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	34 Don't fork into background.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	35 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36 .B \-E
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	37 Log to standard error rather than syslog.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	38 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	39 .B \-m
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	40 Don't display the message of the day on login.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	41 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	42 .B \-w
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	43 Disallow root logins.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	44 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	45 .B \-s
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	46 Disable password logins.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	47 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	48 .B \-g
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	49 Disable password logins for root.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	50 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	51 .B \-j
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	52 Disable local port forwarding.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	53 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	54 .B \-k
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55 Disable remote port forwarding.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	56 .TP
438 4bfd22bac1dc Document -p [address:]port Matt Johnston <matt@ucc.asn.au> parents: 325 diff changeset	57 .B \-p \fI[address:]port
4bfd22bac1dc Document -p [address:]port Matt Johnston <matt@ucc.asn.au> parents: 325 diff changeset	58 Listen on specified
4bfd22bac1dc Document -p [address:]port Matt Johnston <matt@ucc.asn.au> parents: 325 diff changeset	59 .I address
4bfd22bac1dc Document -p [address:]port Matt Johnston <matt@ucc.asn.au> parents: 325 diff changeset	60 and TCP
4bfd22bac1dc Document -p [address:]port Matt Johnston <matt@ucc.asn.au> parents: 325 diff changeset	61 .I port.
4bfd22bac1dc Document -p [address:]port Matt Johnston <matt@ucc.asn.au> parents: 325 diff changeset	62 If just a port is given listen
4bfd22bac1dc Document -p [address:]port Matt Johnston <matt@ucc.asn.au> parents: 325 diff changeset	63 on all addresses.
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	64 up to 10 can be specified (default 22 if none specified).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	65 .TP
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 .B \-i
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	67 Service program mode.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	68 Use this option to run
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	69 .B dropbear
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	70 under TCP/IP servers like inetd, tcpsvd, or tcpserver.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	71 In program mode the \-F option is implied, and \-p options are ignored.
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 181 diff changeset	72 .TP
325 0e4f225b7e07 Add -N "no remote command" dbclient option. Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	73 .B \-P \fIpidfile
0e4f225b7e07 Add -N "no remote command" dbclient option. Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	74 Specify a pidfile to create when running as a daemon. If not specified, the
0e4f225b7e07 Add -N "no remote command" dbclient option. Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	75 default is /var/run/dropbear.pid
0e4f225b7e07 Add -N "no remote command" dbclient option. Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	76 .TP
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 181 diff changeset	77 .B \-a
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 181 diff changeset	78 Allow remote hosts to connect to forwarded ports.
449 3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	79 .TP
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	80 .B \-W \fIwindowsize
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	81 Specify the per-channel receive window buffer size. Increasing this
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	82 may improve network performance at the expense of memory use. Use -h to see the
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	83 default buffer size.
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	84 .TP
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	85 .B \-K \fItimeout_seconds
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	86 Ensure that traffic is transmitted at a certain interval in seconds. This is
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	87 useful for working around firewalls or routers that drop connections after
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	88 a certain period of inactivity. The trade-off is that a session may be
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	89 closed if there is a temporary lapse of network connectivity. A setting
946 17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 875 diff changeset	90 if 0 disables keepalives. If no response is received for 3 consecutive keepalives the connection will be closed.
515 fe30d2a2d626 - Document idle_timeout Matt Johnston <matt@ucc.asn.au> parents: 514 diff changeset	91 .TP
fe30d2a2d626 - Document idle_timeout Matt Johnston <matt@ucc.asn.au> parents: 514 diff changeset	92 .B \-I \fIidle_timeout
fe30d2a2d626 - Document idle_timeout Matt Johnston <matt@ucc.asn.au> parents: 514 diff changeset	93 Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds.
946 17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 875 diff changeset	94 .TP
17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 875 diff changeset	95 .B \-V
17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 875 diff changeset	96 Print the version
17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 875 diff changeset	97
510 b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	98 .SH FILES
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	99
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	100 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	101 Authorized Keys
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	102
1146 3c8403f4669d Fix typo in dropbear(8)'s manpage Guilhem Moulin <guilhem@fripost.org> parents: 946 diff changeset	103 ~/.ssh/authorized_keys can be set up to allow remote login with a RSA,
3c8403f4669d Fix typo in dropbear(8)'s manpage Guilhem Moulin <guilhem@fripost.org> parents: 946 diff changeset	104 ECDSA, or DSS
510 b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	105 key. Each line is of the form
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	106 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	107 [restrictions] ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIgAsp... [comment]
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	108
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	109 and can be extracted from a Dropbear private host key with "dropbearkey -y". This is the same format as used by OpenSSH, though the restrictions are a subset (keys with unknown restrictions are ignored).
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	110 Restrictions are comma separated, with double quotes around spaces in arguments.
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	111 Available restrictions are:
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	112
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	113 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	114 .B no-port-forwarding
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	115 Don't allow port forwarding for this connection
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	116
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	117 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	118 .B no-agent-forwarding
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	119 Don't allow agent forwarding for this connection
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	120
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	121 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	122 .B no-X11-forwarding
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	123 Don't allow X11 forwarding for this connection
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	124
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	125 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	126 .B no-pty
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	127 Disable PTY allocation. Note that a user can still obtain most of the
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	128 same functionality with other means even if no-pty is set.
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	129
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	130 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	131 .B command="\fIforced_command\fR"
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	132 Disregard the command provided by the user and always run \fIforced_command\fR.
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	133
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	134 The authorized_keys file and its containing ~/.ssh directory must only be
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	135 writable by the user, otherwise Dropbear will not allow a login using public
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	136 key authentication.
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	137
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	138 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	139 Host Key Files
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	140
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	141 Host key files are read at startup from a standard location, by default
860 057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	142 /etc/dropbear/dropbear_dss_host_key, /etc/dropbear/dropbear_rsa_host_key, and
1146 3c8403f4669d Fix typo in dropbear(8)'s manpage Guilhem Moulin <guilhem@fripost.org> parents: 946 diff changeset	143 /etc/dropbear/dropbear_ecdsa_host_key
860 057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	144 or specified on the commandline with -r. These are of the form generated
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	145 by dropbearkey. The -R option can be used to automatically generate keys
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	146 in the default location - keys will be generated after startup when the first
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	147 connection is established. This had the benefit that the system /dev/urandom
057204b3dd61 docs for ecdsa Matt Johnston <matt@ucc.asn.au> parents: 821 diff changeset	148 random number source has a better chance of being securely seeded.
510 b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	149
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	150 .TP
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	151 Message Of The Day
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	152
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	153 By default the file /etc/motd will be printed for any login shell (unless
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	154 disabled at compile-time). This can also be disabled per-user
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	155 by creating a file ~/.hushlogin .
b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	156
569 6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	157 .SH ENVIRONMENT VARIABLES
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	158 Dropbear sets the standard variables USER, LOGNAME, HOME, SHELL, PATH, and TERM.
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	159
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	160 The variables below are set for sessions as appropriate.
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	161
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	162 .TP
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	163 .B SSH_TTY
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	164 This is set to the allocated TTY if a PTY was used.
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	165
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	166 .TP
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	167 .B SSH_CONNECTION
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	168 Contains "<remote_ip> <remote_port> <local_ip> <local_port>".
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	169
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	170 .TP
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	171 .B DISPLAY
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	172 Set X11 forwarding is used.
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	173
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	174 .TP
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	175 .B SSH_ORIGINAL_COMMAND
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	176 If a 'command=' authorized_keys option was used, the original command is specified
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	177 in this variable. If a shell was requested this is set to an empty value.
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	178
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	179 .TP
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	180 .B SSH_AUTH_SOCK
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	181 Set to a forwarded ssh-agent connection.
6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	182
821 f8b28a3de6cb Don't say "SSH 2" any more since protocol version 1 is irrelevant Matt Johnston <matt@ucc.asn.au> parents: 690 diff changeset	183 .SH NOTES
f8b28a3de6cb Don't say "SSH 2" any more since protocol version 1 is irrelevant Matt Johnston <matt@ucc.asn.au> parents: 690 diff changeset	184 Dropbear only supports SSH protocol version 2.
569 6f472dc54da7 - Set $SSH_CONNECTION Matt Johnston <matt@ucc.asn.au> parents: 515 diff changeset	185
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	186 .SH AUTHOR
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	187 Matt Johnston ([email protected]).
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	188 .br
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	189 Gerrit Pape ([email protected]) wrote this manual page.
a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	190 .SH SEE ALSO
821 f8b28a3de6cb Don't say "SSH 2" any more since protocol version 1 is irrelevant Matt Johnston <matt@ucc.asn.au> parents: 690 diff changeset	191 dropbearkey(1), dbclient(1), dropbearconvert(1)
128 a9dddd13c4ba Added dropbear.8 and dropbearkey.8 back in Matt Johnston <matt@ucc.asn.au> parents: diff changeset	192 .P
690 4b47ff154ff6 Document "-m" and "-c" Matt Johnston <matt@ucc.asn.au> parents: 576 diff changeset	193 https://matt.ucc.asn.au/dropbear/dropbear.html

Mercurial > dropbear

annotate dropbear.8 @ 1156:a8f4dade70e5