98 lines
2.5 KiB
Markdown
98 lines
2.5 KiB
Markdown
# Diet-pi
|
|
|
|
|
|
|
|
|
|
|
|
### Dropbear
|
|
|
|
```bash
|
|
systemctl status dropbear.service
|
|
```
|
|
|
|
Fichier de configuration: `/etc/default/dropbear`
|
|
|
|
```bash
|
|
# The TCP port that Dropbear listens on
|
|
DROPBEAR_PORT=51322
|
|
```
|
|
|
|
```bash
|
|
systemctl status dropbear.service
|
|
● dropbear.service - Lightweight SSH server
|
|
Loaded: loaded (/lib/systemd/system/dropbear.service; enabled; preset: enabled)
|
|
Active: active (running) since Sat 2024-02-10 09:07:47 GMT; 7s ago
|
|
Docs: man:dropbear(8)
|
|
Main PID: 3107 (dropbear)
|
|
Tasks: 5 (limit: 1069)
|
|
CPU: 68ms
|
|
CGroup: /system.slice/dropbear.service
|
|
├─3060 /usr/sbin/dropbear -EF -p 22 -W 65536 -2 8
|
|
├─3061 -bash
|
|
├─3107 /usr/sbin/dropbear -EF -p 51322 -W 65536
|
|
├─3109 systemctl status dropbear.service
|
|
└─3110 "(pager)"
|
|
|
|
```
|
|
|
|
|
|
|
|
```bash
|
|
# disallow root login
|
|
DROPBEAR_EXTRA_ARGS=“-w -g”
|
|
```
|
|
|
|
|
|
|
|
#### --help
|
|
|
|
```bash
|
|
Dropbear server v2022.83 https://matt.ucc.asn.au/dropbear/dropbear.html
|
|
Usage: dropbear [options]
|
|
-b bannerfile Display the contents of bannerfile before user login
|
|
(default: none)
|
|
-r keyfile Specify hostkeys (repeatable)
|
|
defaults:
|
|
- dss /etc/dropbear/dropbear_dss_host_key
|
|
- rsa /etc/dropbear/dropbear_rsa_host_key
|
|
- ecdsa /etc/dropbear/dropbear_ecdsa_host_key
|
|
- ed25519 /etc/dropbear/dropbear_ed25519_host_key
|
|
-R Create hostkeys as required
|
|
-F Don't fork into background
|
|
-e Pass on server process environment to child process
|
|
-E Log to stderr rather than syslog
|
|
-m Don't display the motd on login
|
|
-w Disallow root logins
|
|
-G Restrict logins to members of specified group
|
|
-s Disable password logins
|
|
-g Disable password logins for root
|
|
-B Allow blank password logins
|
|
-t Enable two-factor authentication (both password and public key required)
|
|
-T Maximum authentication tries (default 10)
|
|
-j Disable local port forwarding
|
|
-k Disable remote port forwarding
|
|
-a Allow connections to forwarded ports from any host
|
|
-c command Force executed command
|
|
-p [address:]port
|
|
Listen on specified tcp port (and optionally address),
|
|
up to 10 can be specified
|
|
(default port is 22 if none specified)
|
|
-P PidFile Create pid file PidFile
|
|
(default /var/run/dropbear.pid)
|
|
-i Start for inetd
|
|
-W <receive_window_buffer> (default 24576, larger may be faster, max 10MB)
|
|
-K <keepalive> (0 is never, default 0, in seconds)
|
|
-I <idle_timeout> (0 is never, default 0, in seconds)
|
|
-z disable QoS
|
|
-V Version
|
|
```
|
|
|
|
|
|
|
|
#### Passwordless:
|
|
|
|
```bash
|
|
cat ~/.ssh/id_rsa.pub | ssh -p65535 root@192.168.12.116 'cat>> ~/.ssh/authorized_keys'
|
|
```
|
|
|