diff options
| -rw-r--r-- | dropbear.8 | 40 | ||||
| -rw-r--r-- | dropbearkey.1 | 8 |
2 files changed, 23 insertions, 25 deletions
@@ -3,10 +3,10 @@ dropbear \- lightweight SSH server .SH SYNOPSIS .B dropbear -[\-FEmwsgjki] [\-b -.I banner\fR] [\-d -.I dsskey\fR] [\-r -.I rsakey\fR] [\-p +[\-RFEmwsgjki] [\-b +.I banner\fR] +[\-r +.I hostkeyfile\fR] [\-p .IR [address:]port ] .SH DESCRIPTION .B dropbear @@ -20,24 +20,16 @@ Display the contents of the file .I banner before user login (default: none). .TP -.B \-d \fIdsskey -dsskeyfile. +.B \-r \fIhostkey Use the contents of the file -.I dsskey -for the DSS host key (default: /etc/dropbear/dropbear_dss_host_key). -Note that -some SSH implementations -use the term "DSA" rather than "DSS", they mean the same thing. +.I hostkey +for the SSH hostkey. This file is generated with -.BR dropbearkey (1). +.BR dropbearkey (1) +or automatically with the '-R' option. See "Host Key Files" below. .TP -.B \-r \fIrsakey -rsakeyfile. -Use the contents of the file -.I rsakey -for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key). -This file is generated with -.BR dropbearkey (1). +.B \-R +Generate hostkeys automatically .TP .B \-F Don't fork into background. @@ -143,9 +135,13 @@ key authentication. Host Key Files Host key files are read at startup from a standard location, by default -/etc/dropbear/dropbear_dss_host_key and /etc/dropbear/dropbear_rsa_host_key -or specified on the commandline with -d or -r. These are of the form generated -by dropbearkey. +/etc/dropbear/dropbear_dss_host_key, /etc/dropbear/dropbear_rsa_host_key, and +/etc/dropbear/dropbear-ecdsa_host_key +or specified on the commandline with -r. These are of the form generated +by dropbearkey. The -R option can be used to automatically generate keys +in the default location - keys will be generated after startup when the first +connection is established. This had the benefit that the system /dev/urandom +random number source has a better chance of being securely seeded. .TP Message Of The Day diff --git a/dropbearkey.1 b/dropbearkey.1 index 945d4da..207a6fe 100644 --- a/dropbearkey.1 +++ b/dropbearkey.1 @@ -12,9 +12,10 @@ dropbearkey \- create private keys for the use with dropbear(8) or dbclient(1) .SH DESCRIPTION .B dropbearkey generates a -.I RSA +.I RSA +.I DSS, or -.I DSS +.I ECDSA format SSH private key, and saves it to a file for the use with the Dropbear client or server. Note that @@ -26,6 +27,7 @@ use the term "DSA" rather than "DSS", they mean the same thing. Type of key to generate. Must be one of .I rsa +.I ecdsa or .IR dss . .TP @@ -36,7 +38,7 @@ Write the secret key to the file .B \-s \fIbits Set the key size to .I bits -bits, should be multiple of 8 (optional). +bits, should be multiple of 8 (optional). .SH NOTES The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats. .P |