# HG changeset patch # User Matt Johnston # Date 1092506382 0 # Node ID a54d20c96178eb67ca214083f3b3d9a3740ba5b9 # Parent e3adf4cf54650b1022d0a65291f06a5479b33704 Some documentation touchups diff -r e3adf4cf5465 -r a54d20c96178 README --- a/README Sat Aug 14 17:54:20 2004 +0000 +++ b/README Sat Aug 14 17:59:42 2004 +0000 @@ -13,6 +13,8 @@ Matt Johnston matt@ucc.asn.au + +In the absence of detailed documentation, some notes follow: ============================================================================ Public key auth: @@ -28,6 +30,13 @@ NOTE: Dropbear ignores authorized_keys options such as those described in the OpenSSH sshd manpage, and will not allow a login for these keys. +============================================================================ + +If you want to get the public-key portion of a Dropbear private key, look at +dropbearkey's '-y' option. + +============================================================================ + To run the server, you need to generate server keys, this is one-off: ./dropbearkey -t rsa -f dropbear_rsa_host_key ./dropbearkey -t dss -f dropbear_dss_host_key @@ -35,18 +44,16 @@ or alternatively convert OpenSSH keys to Dropbear: ./dropbearconvert openssh dropbear /etc/ssh/ssh_host_dsa_key dropbear_dss_host_key -And you can now run the server. -./dropbear - -or './dropbear -h' to get options. +============================================================================ If the server is run as non-root, you most likely won't be able to allocate a pty, and you cannot login as any user other than that running the daemon (obviously). Shadow passwords will also be unusable as non-root. +============================================================================ + The Dropbear distribution includes a standalone version of OpenSSH's scp program. You can compile it with "make scp", you may want to change the path of the ssh binary, specified near the top of the scp.c file. By default -the progress meter isn't compiled in to save space, you can enable it with -"make scp-progress". - +the progress meter isn't compiled in to save space, you can enable it by +adding 'SCPPROGRESS=1' to the make commandline. diff -r e3adf4cf5465 -r a54d20c96178 TODO --- a/TODO Sat Aug 14 17:54:20 2004 +0000 +++ b/TODO Sat Aug 14 17:59:42 2004 +0000 @@ -23,3 +23,7 @@ - Use m_burn for clearing sensitive items in LTM/LTC - fix scp.c for IRIX + +- Be able to use OpenSSH keys for the client? or at least have some form of + encrypted keys. +- Client agent forwarding diff -r e3adf4cf5465 -r a54d20c96178 debug.h --- a/debug.h Sat Aug 14 17:54:20 2004 +0000 +++ b/debug.h Sat Aug 14 17:59:42 2004 +0000 @@ -36,7 +36,7 @@ /* Define this to print trace statements - very verbose */ /* Caution: Don't use this in an unfriendly environment (ie unfirewalled), * since the printing does not sanitise strings etc */ -#define DEBUG_TRACE +/* #define DEBUG_TRACE */ /* All functions writing to the cleartext payload buffer call * CHECKCLEARTOWRITE() before writing. This is only really useful if you're