[SERVER] dropbear8 licuid Ubuntu Server 10.04

lucid (8) dropbear.8.gz
Provided by: dropbear_0.52-4_i386 

NAME

       dropbear - lightweight SSH2 server

SYNOPSIS

       dropbear [-FEmwsgjki] [-b banner] [-d dsskey] [-r rsakey] [-p port]

DESCRIPTION

       dropbear  is  a  SSH 2 server designed to be small enough to be used in

       small memory environments, while  still  being  functional  and  secure

       enough for general use.

OPTIONS

       -b banner

              bannerfile.  Display the contents of the file banner before user

              login (default: none).

       -d dsskey

              dsskeyfile.  Use the contents of the file  dsskey  for  the  DSS

              host  key  (default: /etc/dropbear/dropbear_dss_host_key).  Note

              that some SSH implementations use the  term  "DSA"  rather  than

              "DSS",  they  mean  the same thing.  This file is generated with

              dropbearkey(8).

       -r rsakey

              rsakeyfile.  Use the contents of the file  rsakey  for  the  rsa

              host  key  (default: /etc/dropbear/dropbear_rsa_host_key).  This

              file is generated with dropbearkey(8).

       -F     Don’t fork into background.

       -E     Log to standard error rather than syslog.

       -m     Don’t display the message of the day on login.

       -w     Disallow root logins.

       -s     Disable password logins.

       -g     Disable password logins for root.

       -j     Disable local port forwarding.

       -k     Disable remote port forwarding.

       -p [address:]port

              Listen on specified address and TCP port.  If  just  a  port  is

              given  listen  on  all  addresses.   up  to  10 can be specified

              (default 22 if none specified).

       -i     Service program mode.  Use this option  to  run  dropbear  under

              TCP/IP  servers  like  inetd,  tcpsvd, or tcpserver.  In program

              mode the -F option is implied, and -p options are ignored.

       -P pidfile

              Specify a pidfile to create when running as  a  daemon.  If  not

              specified, the default is /var/run/dropbear.pid

       -a     Allow remote hosts to connect to forwarded ports.

       -W windowsize

              Specify  the  per-channel receive window buffer size. Increasing

              this may improve network performance at the  expense  of  memory

              use. Use -h to see the default buffer size.

       -K timeout_seconds

              Ensure  that  traffic  is  transmitted  at a certain interval in

              seconds. This is useful for working around firewalls or  routers

              that  drop connections after a certain period of inactivity. The

              trade-off is that  a  session  may  be  closed  if  there  is  a

              temporary lapse of network connectivity. A setting if 0 disables

              keepalives.

       -I idle_timeout

              Disconnect the session if no traffic is transmitted or  received

              for idle_timeout seconds.

FILES

       Authorized Keys

              ~/.ssh/authorized_keys  can be set up to allow remote login with

              a RSA or DSS key. Each line is of the form

       [restrictions] ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIgAsp... [comment]

              and can be extracted from  a  Dropbear  private  host  key  with

              "dropbearkey  -y".  This  is the same format as used by OpenSSH,

              though  the  restrictions  are  a  subset  (keys  with   unknown

              restrictions  are  ignored).   Restrictions are comma separated,

              with  double  quotes  around  spaces  in  arguments.   Available

              restrictions are:

       no-port-forwarding

              Don’t allow port forwarding for this connection

       no-agent-forwarding

              Don’t allow agent forwarding for this connection

       no-X11-forwarding

              Don’t allow X11 forwarding for this connection

       no-pty Disable  PTY  allocation. Note that a user can still obtain most

              of the same functionality with other means  even  if  no-pty  is

              set.

       command="forced_command"

              Disregard  the  command  provided  by  the  user  and always run

              forced_command.

              The authorized_keys file and  its  containing  ~/.ssh  directory

              must  only  be writable by the user, otherwise Dropbear will not

              allow a login using public key authentication.

       Host Key Files

              Host key files are read at startup from a standard location,  by

              default          /etc/dropbear/dropbear_dss_host_key         and

              /etc/dropbear/dropbear_rsa_host_key   or   specified   on    the

              commandline  with  -d  or -r. These are of the form generated by

              dropbearkey.

       Message Of The Day

              By default the file /etc/motd will  be  printed  for  any  login

              shell  (unless  disabled  at  compile-time).  This  can  also be

              disabled per-user by creating a file ~/.hushlogin .

AUTHOR

       Matt Johnston (matt@ucc.asn.au).

       Gerrit Pape (pape@smarden.org) wrote this manual page.

SEE ALSO

       dropbearkey(8), dbclient(1)

       http://matt.ucc.asn.au/dropbear/dropbear.html