Mercurial > dropbear
annotate dropbear.8 @ 1584:cdfab509c392
use random keyblob from the fuzzer instead
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sun, 04 Mar 2018 19:19:45 +0800 |
parents | 2e9b6d9c7e7d |
children | d32bcb5c557d |
rev | line source |
---|---|
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 .TH dropbear 8 |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 .SH NAME |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
3 dropbear \- lightweight SSH server |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 .SH SYNOPSIS |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 .B dropbear |
1174
80cacacfec23
Fix minor manpage formatting issues
Guilhem Moulin <guilhem@fripost.org>
parents:
1153
diff
changeset
|
6 [\fIflag arguments\fR] [\-b |
860 | 7 .I banner\fR] |
8 [\-r | |
1174
80cacacfec23
Fix minor manpage formatting issues
Guilhem Moulin <guilhem@fripost.org>
parents:
1153
diff
changeset
|
9 .I hostkeyfile\fR] [\-p [\fIaddress\fR:]\fIport\fR] |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 .SH DESCRIPTION |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 .B dropbear |
946 | 12 is a small SSH server |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 .SH OPTIONS |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 .B \-b \fIbanner |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 bannerfile. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 Display the contents of the file |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 .I banner |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 before user login (default: none). |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 .TP |
860 | 21 .B \-r \fIhostkey |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 Use the contents of the file |
860 | 23 .I hostkey |
24 for the SSH hostkey. | |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 This file is generated with |
860 | 26 .BR dropbearkey (1) |
27 or automatically with the '-R' option. See "Host Key Files" below. | |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 .TP |
860 | 29 .B \-R |
875
6c7a15668d5a
Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents:
860
diff
changeset
|
30 Generate hostkeys automatically. See "Host Key Files" below. |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 .B \-F |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 Don't fork into background. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 .B \-E |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 Log to standard error rather than syslog. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 .B \-m |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 Don't display the message of the day on login. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 .B \-w |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 Disallow root logins. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 .B \-s |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 Disable password logins. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 .B \-g |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 Disable password logins for root. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 .B \-j |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 Disable local port forwarding. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
52 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 .B \-k |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
54 Disable remote port forwarding. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
55 .TP |
1174
80cacacfec23
Fix minor manpage formatting issues
Guilhem Moulin <guilhem@fripost.org>
parents:
1153
diff
changeset
|
56 .B \-p\fR [\fIaddress\fR:]\fIport |
438 | 57 Listen on specified |
58 .I address | |
59 and TCP | |
60 .I port. | |
61 If just a port is given listen | |
62 on all addresses. | |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 up to 10 can be specified (default 22 if none specified). |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 .TP |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
65 .B \-i |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 Service program mode. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 Use this option to run |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
68 .B dropbear |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 under TCP/IP servers like inetd, tcpsvd, or tcpserver. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
70 In program mode the \-F option is implied, and \-p options are ignored. |
258
306499676384
* add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents:
181
diff
changeset
|
71 .TP |
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
72 .B \-P \fIpidfile |
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
73 Specify a pidfile to create when running as a daemon. If not specified, the |
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
74 default is /var/run/dropbear.pid |
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
258
diff
changeset
|
75 .TP |
258
306499676384
* add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents:
181
diff
changeset
|
76 .B \-a |
306499676384
* add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents:
181
diff
changeset
|
77 Allow remote hosts to connect to forwarded ports. |
449
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
78 .TP |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
79 .B \-W \fIwindowsize |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
80 Specify the per-channel receive window buffer size. Increasing this |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
81 may improve network performance at the expense of memory use. Use -h to see the |
3e6c536bc023
Add -W <windowsize> argument and document it.
Matt Johnston <matt@ucc.asn.au>
parents:
446
diff
changeset
|
82 default buffer size. |
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
83 .TP |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
84 .B \-K \fItimeout_seconds |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
85 Ensure that traffic is transmitted at a certain interval in seconds. This is |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
86 useful for working around firewalls or routers that drop connections after |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
87 a certain period of inactivity. The trade-off is that a session may be |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
88 closed if there is a temporary lapse of network connectivity. A setting |
946 | 89 if 0 disables keepalives. If no response is received for 3 consecutive keepalives the connection will be closed. |
515 | 90 .TP |
91 .B \-I \fIidle_timeout | |
92 Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds. | |
946 | 93 .TP |
1442
517c67cbcd31
dropbear server: support -T max auth tries
Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
parents:
1290
diff
changeset
|
94 .B \-T \fImax_authentication_attempts |
1445
a3a96dbf9a58
Use MAX_AUTH_TRIES rather than DEFAULT_AUTH_TRIES, don't limit argument range
Matt Johnston <matt@ucc.asn.au>
parents:
1442
diff
changeset
|
95 Set the number of authentication attempts allowed per connection. If unspecified the default is 10 (MAX_AUTH_TRIES) |
1442
517c67cbcd31
dropbear server: support -T max auth tries
Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
parents:
1290
diff
changeset
|
96 .TP |
1290
ee2ffa044c7e
Add manpage and log for forced_command
Matt Johnston <matt@ucc.asn.au>
parents:
1174
diff
changeset
|
97 .B \-c \fIforced_command |
ee2ffa044c7e
Add manpage and log for forced_command
Matt Johnston <matt@ucc.asn.au>
parents:
1174
diff
changeset
|
98 Disregard the command provided by the user and always run \fIforced_command\fR. This also |
ee2ffa044c7e
Add manpage and log for forced_command
Matt Johnston <matt@ucc.asn.au>
parents:
1174
diff
changeset
|
99 overrides any authorized_keys command= option. |
ee2ffa044c7e
Add manpage and log for forced_command
Matt Johnston <matt@ucc.asn.au>
parents:
1174
diff
changeset
|
100 .TP |
946 | 101 .B \-V |
102 Print the version | |
103 | |
510
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
104 .SH FILES |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
105 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
106 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
107 Authorized Keys |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
108 |
1146
3c8403f4669d
Fix typo in dropbear(8)'s manpage
Guilhem Moulin <guilhem@fripost.org>
parents:
946
diff
changeset
|
109 ~/.ssh/authorized_keys can be set up to allow remote login with a RSA, |
3c8403f4669d
Fix typo in dropbear(8)'s manpage
Guilhem Moulin <guilhem@fripost.org>
parents:
946
diff
changeset
|
110 ECDSA, or DSS |
510
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
111 key. Each line is of the form |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
112 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
113 [restrictions] ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIgAsp... [comment] |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
114 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
115 and can be extracted from a Dropbear private host key with "dropbearkey -y". This is the same format as used by OpenSSH, though the restrictions are a subset (keys with unknown restrictions are ignored). |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
116 Restrictions are comma separated, with double quotes around spaces in arguments. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
117 Available restrictions are: |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
118 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
119 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
120 .B no-port-forwarding |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
121 Don't allow port forwarding for this connection |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
122 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
123 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
124 .B no-agent-forwarding |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
125 Don't allow agent forwarding for this connection |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
126 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
127 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
128 .B no-X11-forwarding |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
129 Don't allow X11 forwarding for this connection |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
130 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
131 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
132 .B no-pty |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
133 Disable PTY allocation. Note that a user can still obtain most of the |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
134 same functionality with other means even if no-pty is set. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
135 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
136 .TP |
1174
80cacacfec23
Fix minor manpage formatting issues
Guilhem Moulin <guilhem@fripost.org>
parents:
1153
diff
changeset
|
137 .B command=\fR"\fIforced_command\fR" |
510
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
138 Disregard the command provided by the user and always run \fIforced_command\fR. |
1290
ee2ffa044c7e
Add manpage and log for forced_command
Matt Johnston <matt@ucc.asn.au>
parents:
1174
diff
changeset
|
139 The -c command line option overrides this. |
510
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
140 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
141 The authorized_keys file and its containing ~/.ssh directory must only be |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
142 writable by the user, otherwise Dropbear will not allow a login using public |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
143 key authentication. |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
144 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
145 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
146 Host Key Files |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
147 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
148 Host key files are read at startup from a standard location, by default |
860 | 149 /etc/dropbear/dropbear_dss_host_key, /etc/dropbear/dropbear_rsa_host_key, and |
1146
3c8403f4669d
Fix typo in dropbear(8)'s manpage
Guilhem Moulin <guilhem@fripost.org>
parents:
946
diff
changeset
|
150 /etc/dropbear/dropbear_ecdsa_host_key |
1533
2e9b6d9c7e7d
clarify that -r skips default hostkeys
Matt Johnston <matt@ucc.asn.au>
parents:
1445
diff
changeset
|
151 |
2e9b6d9c7e7d
clarify that -r skips default hostkeys
Matt Johnston <matt@ucc.asn.au>
parents:
1445
diff
changeset
|
152 If the -r command line option is specified the default files are not loaded. |
2e9b6d9c7e7d
clarify that -r skips default hostkeys
Matt Johnston <matt@ucc.asn.au>
parents:
1445
diff
changeset
|
153 Host key files are of the form generated by dropbearkey. |
2e9b6d9c7e7d
clarify that -r skips default hostkeys
Matt Johnston <matt@ucc.asn.au>
parents:
1445
diff
changeset
|
154 The -R option can be used to automatically generate keys |
860 | 155 in the default location - keys will be generated after startup when the first |
156 connection is established. This had the benefit that the system /dev/urandom | |
157 random number source has a better chance of being securely seeded. | |
510
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
158 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
159 .TP |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
160 Message Of The Day |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
161 |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
162 By default the file /etc/motd will be printed for any login shell (unless |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
163 disabled at compile-time). This can also be disabled per-user |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
164 by creating a file ~/.hushlogin . |
b85507ade010
- Update manuals, include section on authorized_keys
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
165 |
569 | 166 .SH ENVIRONMENT VARIABLES |
167 Dropbear sets the standard variables USER, LOGNAME, HOME, SHELL, PATH, and TERM. | |
168 | |
169 The variables below are set for sessions as appropriate. | |
170 | |
171 .TP | |
172 .B SSH_TTY | |
173 This is set to the allocated TTY if a PTY was used. | |
174 | |
175 .TP | |
176 .B SSH_CONNECTION | |
177 Contains "<remote_ip> <remote_port> <local_ip> <local_port>". | |
178 | |
179 .TP | |
180 .B DISPLAY | |
181 Set X11 forwarding is used. | |
182 | |
183 .TP | |
184 .B SSH_ORIGINAL_COMMAND | |
185 If a 'command=' authorized_keys option was used, the original command is specified | |
186 in this variable. If a shell was requested this is set to an empty value. | |
187 | |
188 .TP | |
189 .B SSH_AUTH_SOCK | |
190 Set to a forwarded ssh-agent connection. | |
191 | |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
192 .SH NOTES |
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
193 Dropbear only supports SSH protocol version 2. |
569 | 194 |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
195 .SH AUTHOR |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
196 Matt Johnston ([email protected]). |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
197 .br |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
198 Gerrit Pape ([email protected]) wrote this manual page. |
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
199 .SH SEE ALSO |
821
f8b28a3de6cb
Don't say "SSH 2" any more since protocol version 1 is irrelevant
Matt Johnston <matt@ucc.asn.au>
parents:
690
diff
changeset
|
200 dropbearkey(1), dbclient(1), dropbearconvert(1) |
128
a9dddd13c4ba
Added dropbear.8 and dropbearkey.8 back in
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
201 .P |
690 | 202 https://matt.ucc.asn.au/dropbear/dropbear.html |