view dropbearkey.1 @ 1442:517c67cbcd31

dropbear server: support -T max auth tries Add support for '-T n' for a run-time specification for maximum number of authentication attempts where 'n' is between 1 and compile time option MAX_AUTH_TRIES. A default number of tries can be specified at compile time using 'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for backwards compatibility. Signed-off-by: Kevin Darbyshire-Bryant <[email protected]>
author Kevin Darbyshire-Bryant <>
date Mon, 29 May 2017 10:25:09 +0100
parents 80cacacfec23
children 5c8913b7464c
line wrap: on
line source
.TH dropbearkey 1
dropbearkey \- create private keys for the use with dropbear(8) or dbclient(1)
.B dropbearkey
.I type
.I file
.IR bits ]
.B dropbearkey
generates a
\fIRSA\fR, \fIDSS\fR, or \fIECDSA\fR
format SSH private key, and saves it to a file for the use with the
Dropbear client or server.
Note that 
some SSH implementations
use the term "DSA" rather than "DSS", they mean the same thing.
.B \-t \fItype
Type of key to generate.
Must be one of
.I rsa
.I ecdsa
.IR dss .
.B \-f \fIfile
Write the secret key to the file
\fIfile\fR. For client authentication ~/.ssh/id_dropbear is loaded by default
.B \-s \fIbits
Set the key size to
.I bits
bits, should be multiple of 8 (optional). 
.B \-y
Just print the publickey and fingerprint for the private key in \fIfile\fR.
The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats.
Dropbear does not support encrypted keys. 
generate a host-key:
 # dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key

extract a public key suitable for authorized_keys from private key:
 # dropbearkey -y -f id_rsa | grep "^ssh-rsa " >> authorized_keys
Matt Johnston ([email protected]).
Gerrit Pape ([email protected]) wrote this manual page.
dropbear(8), dbclient(1), dropbearconvert(1)