Mercurial > dropbear
view dropbearkey.1 @ 994:5c5ade336926
Prefer stronger algorithms in algorithm negotiation.
Prefer diffie-hellman-group14-sha1 (2048 bit) over
diffie-hellman-group1-sha1 (1024 bit).
Due to meet-in-the-middle attacks the effective key length of
three key 3DES is 112 bits. AES is stronger and faster then 3DES.
Prefer to delay the start of compression until after authentication
has completed. This avoids exposing compression code to attacks
from unauthenticated users.
(github pull request #9)
author | Fedor Brunner <fedor.brunner@azet.sk> |
---|---|
date | Fri, 23 Jan 2015 23:00:25 +0800 |
parents | 057204b3dd61 |
children | 295a08e9d07e |
line wrap: on
line source
.TH dropbearkey 1 .SH NAME dropbearkey \- create private keys for the use with dropbear(8) or dbclient(1) .SH SYNOPSIS .B dropbearkey \-t .I type \-f .I file [\-s .IR bits ] .SH DESCRIPTION .B dropbearkey generates a .I RSA .I DSS, or .I ECDSA format SSH private key, and saves it to a file for the use with the Dropbear client or server. Note that some SSH implementations use the term "DSA" rather than "DSS", they mean the same thing. .SH OPTIONS .TP .B \-t \fItype Type of key to generate. Must be one of .I rsa .I ecdsa or .IR dss . .TP .B \-f \fIfile Write the secret key to the file .IR file . .TP .B \-s \fIbits Set the key size to .I bits bits, should be multiple of 8 (optional). .SH NOTES The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats. .P Dropbear does not support encrypted keys. .SH EXAMPLE # dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key .SH AUTHOR Matt Johnston ([email protected]). .br Gerrit Pape ([email protected]) wrote this manual page. .SH SEE ALSO dropbear(8), dbclient(1), dropbearconvert(1) .P https://matt.ucc.asn.au/dropbear/dropbear.html