Mercurial > dropbear
view dropbearconvert.1 @ 1861:2b3a8026a6ce
Add re-exec for server
This allows ASLR to re-randomize the address
space for every connection, preventing some
vulnerabilities from being exploitable by
repeated probing.
Overhead (memory and time) is yet to be confirmed.
At present this is only enabled on Linux. Other BSD platforms
with fexecve() would probably also work though have not been tested.
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 30 Jan 2022 10:14:56 +0800 |
| parents | 80cacacfec23 |
| children | 863f31b4cf3c |
line wrap: on
line source
.TH dropbearconvert 1 .SH NAME dropbearconvert \- convert between Dropbear and OpenSSH private key formats .SH SYNOPSIS .B dropbearconvert .I input_type .I output_type .I input_file .I output_file .SH DESCRIPTION .B Dropbear and .B OpenSSH SSH implementations have different private key formats. .B dropbearconvert can convert between the two. .P Dropbear uses the same SSH public key format as OpenSSH, it can be extracted from a private key by using .B dropbearkey \-y .P Encrypted private keys are not supported, use ssh-keygen(1) to decrypt them first. .SH ARGUMENTS .TP .I input_type Either .I dropbear or .I openssh .TP .I output_type Either .I dropbear or .I openssh .TP .I input_file An existing Dropbear or OpenSSH private key file .TP .I output_file The path to write the converted private key file. For client authentication ~/.ssh/id_dropbear is loaded by default .SH EXAMPLE # dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/id_dropbear .SH AUTHOR Matt Johnston ([email protected]). .SH SEE ALSO dropbearkey(1), ssh-keygen(1) .P https://matt.ucc.asn.au/dropbear/dropbear.html