# Diet-pi

### Dropbear

```bash
systemctl status dropbear.service
```

Configuration file: `/etc/default/dropbear`

```bash
# The TCP port that Dropbear listens on
DROPBEAR_PORT=51322
```

```bash
systemctl status dropbear.service
● dropbear.service - Lightweight SSH server
     Loaded: loaded (/lib/systemd/system/dropbear.service; enabled; preset: enabled)
     Active: active (running) since Sat 2024-02-10 09:07:47 GMT; 7s ago
       Docs: man:dropbear(8)
   Main PID: 3107 (dropbear)
      Tasks: 5 (limit: 1069)
        CPU: 68ms
     CGroup: /system.slice/dropbear.service
             ├─3060 /usr/sbin/dropbear -EF -p 22 -W 65536 -2 8
             ├─3061 -bash
             ├─3107 /usr/sbin/dropbear -EF -p 51322 -W 65536
             ├─3109 systemctl status dropbear.service
             └─3110 "(pager)"
```

```bash
# disallow root login (-w) and password logins for root (-g)
# use plain ASCII double quotes; typographic quotes are not shell quotes
DROPBEAR_EXTRA_ARGS="-w -g"
```

#### --help

```bash
Dropbear server v2022.83 https://matt.ucc.asn.au/dropbear/dropbear.html
Usage: dropbear [options]
-b bannerfile   Display the contents of bannerfile before user login
                (default: none)
-r keyfile      Specify hostkeys (repeatable)
                defaults:
                - dss /etc/dropbear/dropbear_dss_host_key
                - rsa /etc/dropbear/dropbear_rsa_host_key
                - ecdsa /etc/dropbear/dropbear_ecdsa_host_key
                - ed25519 /etc/dropbear/dropbear_ed25519_host_key
-R              Create hostkeys as required
-F              Don't fork into background
-e              Pass on server process environment to child process
-E              Log to stderr rather than syslog
-m              Don't display the motd on login
-w              Disallow root logins
-G              Restrict logins to members of specified group
-s              Disable password logins
-g              Disable password logins for root
-B              Allow blank password logins
-t              Enable two-factor authentication (both password and public key required)
-T              Maximum authentication tries (default 10)
-j              Disable local port forwarding
-k              Disable remote port forwarding
-a              Allow connections to forwarded ports from any host
-c command      Force executed command
-p [address:]port
                Listen on specified tcp port (and optionally address),
                up to 10 can be specified
                (default port is 22 if none specified)
-P PidFile      Create pid file PidFile
                (default /var/run/dropbear.pid)
-i              Start for inetd
-W              (default 24576, larger may be faster, max 10MB)
-K              (0 is never, default 0, in seconds)
-I              (0 is never, default 0, in seconds)
-z              disable QoS
-V              Version
```

#### Passwordless:

```bash
cat ~/.ssh/id_rsa.pub | ssh -p65535 root@192.168.12.116 'cat >> ~/.ssh/authorized_keys'
```
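
A check for the `DROPBEAR_EXTRA_ARGS` line in `/etc/default/dropbear`, added here as an example (it is not part of the original notes or of Dropbear): it flags typographic quotes around the value and reports which password-login options from the `--help` list are in effect. The function names, messages and sample files are constructed for illustration, and options are assumed to be written as separate tokens such as `-w -g`.

```bash
# Added example: audit the auth-related options in a Dropbear defaults file.
# Assumption: options in DROPBEAR_EXTRA_ARGS are separate tokens ("-w -g").

# has_opt OPT ARGS: succeeds if OPT appears as its own token in ARGS.
has_opt() { case " $2 " in *" $1 "*) return 0 ;; *) return 1 ;; esac; }

# audit_dropbear FILE: prints one finding per line, returns the finding count.
audit_dropbear() {
    file=$1; n=0
    [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 99; }

    # Typographic quotes are not shell quotes: the quote bytes stay attached
    # to the first and last option, so the options are not passed as written.
    if grep -qF -e '“' -e '”' "$file"; then
        echo "FAIL: typographic quotes found, options will not be parsed as written"
        n=$((n + 1))
    fi

    # Read the last assignment without sourcing the file, then drop ASCII quotes.
    args=$(sed -n 's/^[[:space:]]*DROPBEAR_EXTRA_ARGS=//p' "$file" | tail -n 1 | tr -d "\"'")

    if has_opt -B "$args"; then
        echo "FAIL: -B allows logins with a blank password"; n=$((n + 1))
    fi
    if ! has_opt -s "$args"; then
        echo "WARN: password logins are enabled (no -s)"; n=$((n + 1))
        if ! has_opt -w "$args" && ! has_opt -g "$args"; then
            echo "WARN: root can log in with a password (none of -w, -g, -s)"
            n=$((n + 1))
        fi
    fi
    return "$n"
}

# Constructed sample files (not taken from a real host).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf 'DROPBEAR_PORT=51322\nDROPBEAR_EXTRA_ARGS=“-w -g”\n' > "$demo_dir/curly"
printf 'DROPBEAR_PORT=51322\nDROPBEAR_EXTRA_ARGS="-w -g"\n' > "$demo_dir/page"
printf 'DROPBEAR_PORT=51322\nDROPBEAR_EXTRA_ARGS="-w -s"\n' > "$demo_dir/keys_only"
for f in curly page keys_only; do
    echo "== $f"; audit_dropbear "$demo_dir/$f" || true
done
```

On a real host, run `audit_dropbear /etc/default/dropbear` after confirming that key-based login works, since adding `-s` removes the password fallback.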