Mercurial > dropbear
comparison debian/dropbear.README.Debian @ 469:8c2d2edadf2a
Update to debian 0.50-4 diff
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 27 Mar 2008 10:19:28 +0000 |
| parents | 1857c2c551ea |
| children |
comparison
equal
deleted
inserted
replaced
| 467:0871a0b89f7c | 469:8c2d2edadf2a |
|---|---|
| 1 Dropbear for Debian | 1 Dropbear for Debian |
| 2 ------------------- | 2 ------------------- |
| 3 | 3 |
| 4 This package will attempt to listen on port 22. If the OpenSSH | 4 This package will attempt to setup the Dropbear ssh server to listen on |
| 5 package ("ssh") is installed, the file /etc/default/dropbear | 5 port 22. If the OpenSSH server package ("openssh-server") is installed, |
| 6 will be set up so that the server does not start by default. | 6 the file /etc/default/dropbear will be set up so that the server does not |
| 7 start by default. | |
| 7 | 8 |
| 8 You can run Dropbear concurrently with OpenSSH 'sshd' by | 9 You can run Dropbear concurrently with OpenSSH 'sshd' by modifying |
| 9 modifying /etc/default/dropbear so that "NO_START" is set to | 10 /etc/default/dropbear so that "NO_START" is set to "0", and changing the |
| 10 "0" and changing the port number that Dropbear runs on. Follow | 11 port number that Dropbear runs on. Follow the instructions in the file. |
| 11 the instructions in the file. | |
| 12 | 12 |
| 13 This package suggests you install the "ssh" package. This package | 13 This package suggests you install the "openssh-client" package, which |
| 14 provides the "ssh" client program, as well as the "/usr/bin/scp" | 14 provides the "ssh" client program, as well as the "/usr/bin/scp" binary |
| 15 binary you will need to be able to retrieve files from a server | 15 you will need to be able to retrieve files via SCP from a server running |
| 16 running Dropbear via SCP. | 16 Dropbear. |
| 17 | |
| 18 Replacing OpenSSH "sshd" with Dropbear | |
| 19 -------------------------------------- | |
| 20 | |
| 21 You will still want to have the "ssh" package installed, as it | |
| 22 provides the "ssh" and "scp" binaries. When you install this | |
| 23 package, it checks for existing OpenSSH host keys and if found, | |
| 24 converts them to the Dropbear format. | |
| 25 | |
| 26 If this appears to have worked, you should be able to change over | |
| 27 by following these steps: | |
| 28 | |
| 29 1. Stop the OpenSSH server | |
| 30 % /etc/init.d/ssh stop | |
| 31 2. Prevent the OpenSSH server from starting in the future | |
| 32 % touch /etc/ssh/sshd_not_to_be_run | |
| 33 3. Modify the Dropbear defaults file, set NO_START to 0 and | |
| 34 ensure DROPBEAR_PORT is set to 22. | |
| 35 % editor /etc/default/dropbear | |
| 36 4. Restart the Dropbear server. | |
| 37 % /etc/init.d/dropbear restart | |
| 38 | 17 |
| 39 See the Dropbear homepage for more information: | 18 See the Dropbear homepage for more information: |
| 40 http://matt.ucc.asn.au/dropbear/dropbear.html | 19 http://matt.ucc.asn.au/dropbear/dropbear.html |
| 41 | |
| 42 | |
| 43 Entropy from /dev/random | |
| 44 ------------------------ | |
| 45 | |
| 46 The dropbear binary package is configured at compile time to read | |
| 47 entropy from /dev/random. If /dev/random on a system blocks when | |
| 48 reading data from it, client logins may be delayed until the client | |
| 49 times out. The dropbear server writes a notice to the logs when it | |
| 50 sees /dev/random blocking. A workaround for such systems is to | |
| 51 re-compile the package with DROPBEAR_RANDOM_DEV set to /dev/urandom | |
| 52 in options.h. |