Mercurial > dropbear
comparison dropbear.8 @ 546:568638be7203 agent-client
propagate from branch 'au.asn.ucc.matt.dropbear' (head 899a8851a5edf840b2f7925bcc26ffe99dcac54d)
to branch 'au.asn.ucc.matt.dropbear.cli-agent' (head 6bbab8364de17bd9ecb1dee5ffb796e48c0380d2)
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 01 Jul 2009 04:16:32 +0000 |
| parents | fe30d2a2d626 |
| children | 6f472dc54da7 |
comparison
equal
deleted
inserted
replaced
| 500:d588e3ea557a | 546:568638be7203 |
|---|---|
| 22 .TP | 22 .TP |
| 23 .B \-d \fIdsskey | 23 .B \-d \fIdsskey |
| 24 dsskeyfile. | 24 dsskeyfile. |
| 25 Use the contents of the file | 25 Use the contents of the file |
| 26 .I dsskey | 26 .I dsskey |
| 27 for the dss host key (default: /etc/dropbear/dropbear_dss_host_key). | 27 for the DSS host key (default: /etc/dropbear/dropbear_dss_host_key). |
| 28 Note that | |
| 29 some SSH implementations | |
| 30 use the term "DSA" rather than "DSS", they mean the same thing. | |
| 28 This file is generated with | 31 This file is generated with |
| 29 .BR dropbearkey (8). | 32 .BR dropbearkey (8). |
| 30 .TP | 33 .TP |
| 31 .B \-r \fIrsakey | 34 .B \-r \fIrsakey |
| 32 rsakeyfile. | 35 rsakeyfile. |
| 92 Ensure that traffic is transmitted at a certain interval in seconds. This is | 95 Ensure that traffic is transmitted at a certain interval in seconds. This is |
| 93 useful for working around firewalls or routers that drop connections after | 96 useful for working around firewalls or routers that drop connections after |
| 94 a certain period of inactivity. The trade-off is that a session may be | 97 a certain period of inactivity. The trade-off is that a session may be |
| 95 closed if there is a temporary lapse of network connectivity. A setting | 98 closed if there is a temporary lapse of network connectivity. A setting |
| 96 if 0 disables keepalives. | 99 if 0 disables keepalives. |
| 100 .TP | |
| 101 .B \-I \fIidle_timeout | |
| 102 Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds. | |
| 103 .SH FILES | |
| 104 | |
| 105 .TP | |
| 106 Authorized Keys | |
| 107 | |
| 108 ~/.ssh/authorized_keys can be set up to allow remote login with a RSA or DSS | |
| 109 key. Each line is of the form | |
| 110 .TP | |
| 111 [restrictions] ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIgAsp... [comment] | |
| 112 | |
| 113 and can be extracted from a Dropbear private host key with "dropbearkey -y". This is the same format as used by OpenSSH, though the restrictions are a subset (keys with unknown restrictions are ignored). | |
| 114 Restrictions are comma separated, with double quotes around spaces in arguments. | |
| 115 Available restrictions are: | |
| 116 | |
| 117 .TP | |
| 118 .B no-port-forwarding | |
| 119 Don't allow port forwarding for this connection | |
| 120 | |
| 121 .TP | |
| 122 .B no-agent-forwarding | |
| 123 Don't allow agent forwarding for this connection | |
| 124 | |
| 125 .TP | |
| 126 .B no-X11-forwarding | |
| 127 Don't allow X11 forwarding for this connection | |
| 128 | |
| 129 .TP | |
| 130 .B no-pty | |
| 131 Disable PTY allocation. Note that a user can still obtain most of the | |
| 132 same functionality with other means even if no-pty is set. | |
| 133 | |
| 134 .TP | |
| 135 .B command="\fIforced_command\fR" | |
| 136 Disregard the command provided by the user and always run \fIforced_command\fR. | |
| 137 | |
| 138 The authorized_keys file and its containing ~/.ssh directory must only be | |
| 139 writable by the user, otherwise Dropbear will not allow a login using public | |
| 140 key authentication. | |
| 141 | |
| 142 .TP | |
| 143 Host Key Files | |
| 144 | |
| 145 Host key files are read at startup from a standard location, by default | |
| 146 /etc/dropbear/dropbear_dss_host_key and /etc/dropbear/dropbear_rsa_host_key | |
| 147 or specified on the commandline with -d or -r. These are of the form generated | |
| 148 by dropbearkey. | |
| 149 | |
| 150 .TP | |
| 151 Message Of The Day | |
| 152 | |
| 153 By default the file /etc/motd will be printed for any login shell (unless | |
| 154 disabled at compile-time). This can also be disabled per-user | |
| 155 by creating a file ~/.hushlogin . | |
| 156 | |
| 97 .SH AUTHOR | 157 .SH AUTHOR |
| 98 Matt Johnston ([email protected]). | 158 Matt Johnston ([email protected]). |
| 99 .br | 159 .br |
| 100 Gerrit Pape ([email protected]) wrote this manual page. | 160 Gerrit Pape ([email protected]) wrote this manual page. |
| 101 .SH SEE ALSO | 161 .SH SEE ALSO |