view dropbearkey.1 @ 994:5c5ade336926

Prefer stronger algorithms in algorithm negotiation. Prefer diffie-hellman-group14-sha1 (2048 bit) over diffie-hellman-group1-sha1 (1024 bit). Due to meet-in-the-middle attacks the effective key length of three key 3DES is 112 bits. AES is stronger and faster then 3DES. Prefer to delay the start of compression until after authentication has completed. This avoids exposing compression code to attacks from unauthenticated users. (github pull request #9)
author Fedor Brunner <fedor.brunner@azet.sk>
date Fri, 23 Jan 2015 23:00:25 +0800
parents 057204b3dd61
children 295a08e9d07e
line wrap: on
line source

.TH dropbearkey 1
.SH NAME
dropbearkey \- create private keys for the use with dropbear(8) or dbclient(1)
.SH SYNOPSIS
.B dropbearkey
\-t
.I type
\-f
.I file
[\-s
.IR bits ]
.SH DESCRIPTION
.B dropbearkey
generates a
.I RSA 
.I DSS,
or
.I ECDSA
format SSH private key, and saves it to a file for the use with the
Dropbear client or server.
Note that 
some SSH implementations
use the term "DSA" rather than "DSS", they mean the same thing.
.SH OPTIONS
.TP
.B \-t \fItype
Type of key to generate.
Must be one of
.I rsa
.I ecdsa
or
.IR dss .
.TP
.B \-f \fIfile
Write the secret key to the file
.IR file .
.TP
.B \-s \fIbits
Set the key size to
.I bits
bits, should be multiple of 8 (optional). 
.SH NOTES
The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats.
.P
Dropbear does not support encrypted keys. 
.SH EXAMPLE
 # dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
.SH AUTHOR
Matt Johnston ([email protected]).
.br
Gerrit Pape ([email protected]) wrote this manual page.
.SH SEE ALSO
dropbear(8), dbclient(1), dropbearconvert(1)
.P
https://matt.ucc.asn.au/dropbear/dropbear.html