comparison dropbear.8 @ 510:b85507ade010

- Update manuals, include section on authorized_keys - Change default PATH to /usr/bin:/bin - Mention DEBUG_TRACE in -v help text
author Matt Johnston <matt@ucc.asn.au>
date Wed, 05 Nov 2008 14:14:40 +0000
parents 7e43f5e473b9
children e30a962c09b9
comparison
equal deleted inserted replaced
509:4e251543b941 510:b85507ade010
92 Ensure that traffic is transmitted at a certain interval in seconds. This is 92 Ensure that traffic is transmitted at a certain interval in seconds. This is
93 useful for working around firewalls or routers that drop connections after 93 useful for working around firewalls or routers that drop connections after
94 a certain period of inactivity. The trade-off is that a session may be 94 a certain period of inactivity. The trade-off is that a session may be
95 closed if there is a temporary lapse of network connectivity. A setting 95 closed if there is a temporary lapse of network connectivity. A setting
96 if 0 disables keepalives. 96 if 0 disables keepalives.
97 .SH FILES
98
99 .TP
100 Authorized Keys
101
102 ~/.ssh/authorized_keys can be set up to allow remote login with a RSA or DSS
103 key. Each line is of the form
104 .TP
105 [restrictions] ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIgAsp... [comment]
106
107 and can be extracted from a Dropbear private host key with "dropbearkey -y". This is the same format as used by OpenSSH, though the restrictions are a subset (keys with unknown restrictions are ignored).
108 Restrictions are comma separated, with double quotes around spaces in arguments.
109 Available restrictions are:
110
111 .TP
112 .B no-port-forwarding
113 Don't allow port forwarding for this connection
114
115 .TP
116 .B no-agent-forwarding
117 Don't allow agent forwarding for this connection
118
119 .TP
120 .B no-X11-forwarding
121 Don't allow X11 forwarding for this connection
122
123 .TP
124 .B no-pty
125 Disable PTY allocation. Note that a user can still obtain most of the
126 same functionality with other means even if no-pty is set.
127
128 .TP
129 .B command="\fIforced_command\fR"
130 Disregard the command provided by the user and always run \fIforced_command\fR.
131
132 The authorized_keys file and its containing ~/.ssh directory must only be
133 writable by the user, otherwise Dropbear will not allow a login using public
134 key authentication.
135
136 .TP
137 Host Key Files
138
139 Host key files are read at startup from a standard location, by default
140 /etc/dropbear/dropbear_dss_host_key and /etc/dropbear/dropbear_rsa_host_key
141 or specified on the commandline with -d or -r. These are of the form generated
142 by dropbearkey.
143
144 .TP
145 Message Of The Day
146
147 By default the file /etc/motd will be printed for any login shell (unless
148 disabled at compile-time). This can also be disabled per-user
149 by creating a file ~/.hushlogin .
150
97 .SH AUTHOR 151 .SH AUTHOR
98 Matt Johnston ([email protected]). 152 Matt Johnston ([email protected]).
99 .br 153 .br
100 Gerrit Pape ([email protected]) wrote this manual page. 154 Gerrit Pape ([email protected]) wrote this manual page.
101 .SH SEE ALSO 155 .SH SEE ALSO