view debian/README.runit @ 1534:ed930fd6f60f

Added the -G option to allow logins only for users that are members of a certain group. This allows finer control of an instance on who can and cannot login over a certain instance (e.g. password and not key). Needs double-checking and ensuring it meets platform requirements.
author stellarpower <stellarpower@googlemail.com>
date Tue, 20 Feb 2018 02:11:55 +0000
parents 8c2d2edadf2a
children
line wrap: on
line source

Using the dropbear SSH server with runit's services supervision
---------------------------------------------------------------

The dropbear SSH server is perfectly suited to be run under runit's
service supervision, and this package already has prepared an adequate
service directory.  Follow these steps to enable the dropbear service
using the runit package.

If not yet installed on your system, install the runit package, and make
sure its service supervision is enabled (it's by default)

 # apt-get install runit

Make sure the dropbear service normally handled through the sysv init
script is stopped

 # /etc/init.d/dropbear stop

Create the system user ``dropbearlog'' which will run the logger service,
and own the logs

 # adduser --system --home /var/log/dropbear --no-create-home dropbearlog

Create the log directory and make the newly created system user the owner
of this directory

 # mkdir -p /var/log/dropbear && chown dropbearlog /var/log/dropbear

Optionally adjust the configuration of the dropbear service by editing the
run script

 # vi /etc/dropbear/run

Finally enable the service through runit's update-service(8) program, the
service will be started within five seconds, and automatically at boot
time, and the sysv init script will automatically be disabled; see the
sv(8) program for information on how to control services handled by runit.
See the svlogd(8) program on how to configure the log service.

 # update-service --add /etc/dropbear

Optionally check the status of the service a few seconds later

 # sv status dropbear

 -- Gerrit Pape <[email protected]>, Fri, 02 Mar 2007 20:41:08 +0000