Mercurial > dropbear
view debian/README.runit @ 994:5c5ade336926
Prefer stronger algorithms in algorithm negotiation.
Prefer diffie-hellman-group14-sha1 (2048 bit) over
diffie-hellman-group1-sha1 (1024 bit).
Due to meet-in-the-middle attacks the effective key length of
three key 3DES is 112 bits. AES is stronger and faster then 3DES.
Prefer to delay the start of compression until after authentication
has completed. This avoids exposing compression code to attacks
from unauthenticated users.
(github pull request #9)
author | Fedor Brunner <fedor.brunner@azet.sk> |
---|---|
date | Fri, 23 Jan 2015 23:00:25 +0800 |
parents | 8c2d2edadf2a |
children |
line wrap: on
line source
Using the dropbear SSH server with runit's services supervision --------------------------------------------------------------- The dropbear SSH server is perfectly suited to be run under runit's service supervision, and this package already has prepared an adequate service directory. Follow these steps to enable the dropbear service using the runit package. If not yet installed on your system, install the runit package, and make sure its service supervision is enabled (it's by default) # apt-get install runit Make sure the dropbear service normally handled through the sysv init script is stopped # /etc/init.d/dropbear stop Create the system user ``dropbearlog'' which will run the logger service, and own the logs # adduser --system --home /var/log/dropbear --no-create-home dropbearlog Create the log directory and make the newly created system user the owner of this directory # mkdir -p /var/log/dropbear && chown dropbearlog /var/log/dropbear Optionally adjust the configuration of the dropbear service by editing the run script # vi /etc/dropbear/run Finally enable the service through runit's update-service(8) program, the service will be started within five seconds, and automatically at boot time, and the sysv init script will automatically be disabled; see the sv(8) program for information on how to control services handled by runit. See the svlogd(8) program on how to configure the log service. # update-service --add /etc/dropbear Optionally check the status of the service a few seconds later # sv status dropbear -- Gerrit Pape <[email protected]>, Fri, 02 Mar 2007 20:41:08 +0000