Mercurial > dropbear
comparison README @ 874:68e2a0f6c1ef
Update README
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 03 Dec 2013 21:03:23 +0800 |
| parents | f8b28a3de6cb |
| children | 8bc704f417f3 |
comparison
equal
deleted
inserted
replaced
| 873:17b15683648d | 874:68e2a0f6c1ef |
|---|---|
| 40 If you have an OpenSSH-style private key ~/.ssh/id_rsa, you need to do: | 40 If you have an OpenSSH-style private key ~/.ssh/id_rsa, you need to do: |
| 41 | 41 |
| 42 dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/id_rsa.db | 42 dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/id_rsa.db |
| 43 dbclient -i ~/.ssh/id_rsa.db <hostname> | 43 dbclient -i ~/.ssh/id_rsa.db <hostname> |
| 44 | 44 |
| 45 Currently encrypted keys aren't supported, neither is agent forwarding. At some | 45 Dropbear does not support encrypted hostkeys though can connect to ssh-agent. |
| 46 stage both hopefully will be. | |
| 47 | 46 |
| 48 ============================================================================ | 47 ============================================================================ |
| 49 | 48 |
| 50 If you want to get the public-key portion of a Dropbear private key, look at | 49 If you want to get the public-key portion of a Dropbear private key, look at |
| 51 dropbearkey's '-y' option. | 50 dropbearkey's '-y' option. |
| 52 | 51 |
| 53 ============================================================================ | 52 ============================================================================ |
| 54 | 53 |
| 55 To run the server, you need to generate server keys, this is one-off: | 54 To run the server, you need to server keys, this is one-off: |
| 56 ./dropbearkey -t rsa -f dropbear_rsa_host_key | 55 ./dropbearkey -t rsa -f dropbear_rsa_host_key |
| 57 ./dropbearkey -t dss -f dropbear_dss_host_key | 56 ./dropbearkey -t dss -f dropbear_dss_host_key |
| 57 ./dropbearkey -t ecdsa -f dropbear_dss_host_key | |
| 58 | 58 |
| 59 or alternatively convert OpenSSH keys to Dropbear: | 59 or alternatively convert OpenSSH keys to Dropbear: |
| 60 ./dropbearconvert openssh dropbear /etc/ssh/ssh_host_dsa_key dropbear_dss_host_key | 60 ./dropbearconvert openssh dropbear /etc/ssh/ssh_host_dsa_key dropbear_dss_host_key |
| 61 | |
| 62 You can also get Dropbear to create keys when the first connection is made - | |
| 63 this is preferable to generating keys when the system boots. Make sure | |
| 64 /etc/dropbear/ exists and then pass '-R' to the dropbear server. | |
| 61 | 65 |
| 62 ============================================================================ | 66 ============================================================================ |
| 63 | 67 |
| 64 If the server is run as non-root, you most likely won't be able to allocate a | 68 If the server is run as non-root, you most likely won't be able to allocate a |
| 65 pty, and you cannot login as any user other than that running the daemon | 69 pty, and you cannot login as any user other than that running the daemon |