# HG changeset patch # User Matt Johnston # Date 1384438449 -28800 # Node ID 057204b3dd61cc266ca824439f0173d185d6bd14 # Parent 4891acd7ab4ffa82f780dacdcedce99572432699 docs for ecdsa diff -r 4891acd7ab4f -r 057204b3dd61 dropbear.8 --- a/dropbear.8 Thu Nov 14 22:07:18 2013 +0800 +++ b/dropbear.8 Thu Nov 14 22:14:09 2013 +0800 @@ -3,10 +3,10 @@ dropbear \- lightweight SSH server .SH SYNOPSIS .B dropbear -[\-FEmwsgjki] [\-b -.I banner\fR] [\-d -.I dsskey\fR] [\-r -.I rsakey\fR] [\-p +[\-RFEmwsgjki] [\-b +.I banner\fR] +[\-r +.I hostkeyfile\fR] [\-p .IR [address:]port ] .SH DESCRIPTION .B dropbear @@ -20,24 +20,16 @@ .I banner before user login (default: none). .TP -.B \-d \fIdsskey -dsskeyfile. +.B \-r \fIhostkey Use the contents of the file -.I dsskey -for the DSS host key (default: /etc/dropbear/dropbear_dss_host_key). -Note that -some SSH implementations -use the term "DSA" rather than "DSS", they mean the same thing. +.I hostkey +for the SSH hostkey. This file is generated with -.BR dropbearkey (1). +.BR dropbearkey (1) +or automatically with the '-R' option. See "Host Key Files" below. .TP -.B \-r \fIrsakey -rsakeyfile. -Use the contents of the file -.I rsakey -for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key). -This file is generated with -.BR dropbearkey (1). +.B \-R +Generate hostkeys automatically .TP .B \-F Don't fork into background. @@ -143,9 +135,13 @@ Host Key Files Host key files are read at startup from a standard location, by default -/etc/dropbear/dropbear_dss_host_key and /etc/dropbear/dropbear_rsa_host_key -or specified on the commandline with -d or -r. These are of the form generated -by dropbearkey. +/etc/dropbear/dropbear_dss_host_key, /etc/dropbear/dropbear_rsa_host_key, and +/etc/dropbear/dropbear-ecdsa_host_key +or specified on the commandline with -r. These are of the form generated +by dropbearkey. The -R option can be used to automatically generate keys +in the default location - keys will be generated after startup when the first +connection is established. This had the benefit that the system /dev/urandom +random number source has a better chance of being securely seeded. .TP Message Of The Day diff -r 4891acd7ab4f -r 057204b3dd61 dropbearkey.1 --- a/dropbearkey.1 Thu Nov 14 22:07:18 2013 +0800 +++ b/dropbearkey.1 Thu Nov 14 22:14:09 2013 +0800 @@ -12,9 +12,10 @@ .SH DESCRIPTION .B dropbearkey generates a -.I RSA +.I RSA +.I DSS, or -.I DSS +.I ECDSA format SSH private key, and saves it to a file for the use with the Dropbear client or server. Note that @@ -26,6 +27,7 @@ Type of key to generate. Must be one of .I rsa +.I ecdsa or .IR dss . .TP @@ -36,7 +38,7 @@ .B \-s \fIbits Set the key size to .I bits -bits, should be multiple of 8 (optional). +bits, should be multiple of 8 (optional). .SH NOTES The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats. .P