comparison debian/dropbear.README.Debian @ 389:5ff8218bcee9

propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 2af95f00ebd5bb7a28b3817db1218442c935388e) to branch 'au.asn.ucc.matt.dropbear' (head ecd779509ef23a8cdf64888904fc9b31d78aa933)
author Matt Johnston <matt@ucc.asn.au>
date Thu, 11 Jan 2007 03:14:55 +0000
parents 1857c2c551ea
children 8c2d2edadf2a
comparison
equal deleted inserted replaced
388:fb54020f78e1 389:5ff8218bcee9
1 Dropbear for Debian
2 -------------------
3
4 This package will attempt to listen on port 22. If the OpenSSH
5 package ("ssh") is installed, the file /etc/default/dropbear
6 will be set up so that the server does not start by default.
7
8 You can run Dropbear concurrently with OpenSSH 'sshd' by
9 modifying /etc/default/dropbear so that "NO_START" is set to
10 "0" and changing the port number that Dropbear runs on. Follow
11 the instructions in the file.
12
13 This package suggests you install the "ssh" package. This package
14 provides the "ssh" client program, as well as the "/usr/bin/scp"
15 binary you will need to be able to retrieve files from a server
16 running Dropbear via SCP.
17
18 Replacing OpenSSH "sshd" with Dropbear
19 --------------------------------------
20
21 You will still want to have the "ssh" package installed, as it
22 provides the "ssh" and "scp" binaries. When you install this
23 package, it checks for existing OpenSSH host keys and if found,
24 converts them to the Dropbear format.
25
26 If this appears to have worked, you should be able to change over
27 by following these steps:
28
29 1. Stop the OpenSSH server
30 % /etc/init.d/ssh stop
31 2. Prevent the OpenSSH server from starting in the future
32 % touch /etc/ssh/sshd_not_to_be_run
33 3. Modify the Dropbear defaults file, set NO_START to 0 and
34 ensure DROPBEAR_PORT is set to 22.
35 % editor /etc/default/dropbear
36 4. Restart the Dropbear server.
37 % /etc/init.d/dropbear restart
38
39 See the Dropbear homepage for more information:
40 http://matt.ucc.asn.au/dropbear/dropbear.html
41
42
43 Entropy from /dev/random
44 ------------------------
45
46 The dropbear binary package is configured at compile time to read
47 entropy from /dev/random. If /dev/random on a system blocks when
48 reading data from it, client logins may be delayed until the client
49 times out. The dropbear server writes a notice to the logs when it
50 sees /dev/random blocking. A workaround for such systems is to
51 re-compile the package with DROPBEAR_RANDOM_DEV set to /dev/urandom
52 in options.h.