view dropbear.8 @ 452:4cab61369879

Prevent invalid packets being sent during key-exchange, instead queue them until afterwards. This could sometimes terminate connections after 8 hours if (for example) a new TCP forwarded connection was sent at the KEX timeout.
author Matt Johnston <matt@ucc.asn.au>
date Fri, 27 Jul 2007 17:13:42 +0000
parents 3e6c536bc023
children 7e43f5e473b9
line wrap: on
line source

.TH dropbear 8
.SH NAME
dropbear \- lightweight SSH2 server
.SH SYNOPSIS
.B dropbear
[\-FEmwsgjki] [\-b
.I banner\fR] [\-d
.I dsskey\fR] [\-r
.I rsakey\fR] [\-p
.IR port ]
.SH DESCRIPTION
.B dropbear
is a SSH 2 server designed to be small enough to be used in small memory
environments, while still being functional and secure enough for general use.
.SH OPTIONS
.TP
.B \-b \fIbanner
bannerfile.
Display the contents of the file
.I banner
before user login (default: none).
.TP
.B \-d \fIdsskey
dsskeyfile.
Use the contents of the file
.I dsskey
for the dss host key (default: /etc/dropbear/dropbear_dss_host_key).
This file is generated with
.BR dropbearkey (8).
.TP
.B \-r \fIrsakey
rsakeyfile.
Use the contents of the file
.I rsakey
for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key).
This file is generated with
.BR dropbearkey (8).
.TP
.B \-F
Don't fork into background.
.TP
.B \-E
Log to standard error rather than syslog.
.TP
.B \-m
Don't display the message of the day on login.
.TP
.B \-w
Disallow root logins.
.TP
.B \-s
Disable password logins.
.TP
.B \-g
Disable password logins for root.
.TP
.B \-j
Disable local port forwarding.
.TP
.B \-k
Disable remote port forwarding.
.TP
.B \-p \fI[address:]port
Listen on specified 
.I address
and TCP
.I port.
If just a port is given listen
on all addresses.
up to 10 can be specified (default 22 if none specified).
.TP
.B \-i
Service program mode.
Use this option to run
.B dropbear
under TCP/IP servers like inetd, tcpsvd, or tcpserver.
In program mode the \-F option is implied, and \-p options are ignored.
.TP
.B \-P \fIpidfile
Specify a pidfile to create when running as a daemon. If not specified, the 
default is /var/run/dropbear.pid
.TP
.B \-a
Allow remote hosts to connect to forwarded ports.
.TP
.B \-W \fIwindowsize
Specify the per-channel receive window buffer size. Increasing this 
may improve network performance at the expense of memory use. Use -h to see the
default buffer size.
.SH AUTHOR
Matt Johnston ([email protected]).
.br
Gerrit Pape ([email protected]) wrote this manual page.
.SH SEE ALSO
dropbearkey(8), dbclient(1)
.P
http://matt.ucc.asn.au/dropbear/dropbear.html