Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
en:handbook:ssh [2010/02/20 21:10] jozee created |
en:handbook:ssh [2015/11/12 19:45] (current) linea |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== Secure SHell (SSH) ====== | ||
| + | |||
| ===== About Dropbear ===== | ===== About Dropbear ===== | ||
| Control and administer remotely with the Dropbear SSH secure server. Dropbear is a small SSH client/server supporting SSH 2. It's compatible with OpenSSH and uses //~/.ssh/authorized_keys// for the management of public keys. Dropbear also provides its own version of //scp//, allowing you to copy files between machines in a secure manner. | Control and administer remotely with the Dropbear SSH secure server. Dropbear is a small SSH client/server supporting SSH 2. It's compatible with OpenSSH and uses //~/.ssh/authorized_keys// for the management of public keys. Dropbear also provides its own version of //scp//, allowing you to copy files between machines in a secure manner. | ||
| - | Project website: www.matt.ucc.asn.au/dropbear/dropbear.html | + | Project website: http://matt.ucc.asn.au/dropbear/dropbear.html |
| - | ===Connecting to a remote host with dbclient=== | + | ===== Connecting to a remote host with dbclient ===== |
| The configuration files for the SSH client are located in the //~/.ssh// directory of each user, this contains the //authorized_keys// and //known_hosts// files. The directory //~/.ssh// and known_hosts file are automatically created the first time you run the Dropbear client (//dbclient//). | The configuration files for the SSH client are located in the //~/.ssh// directory of each user, this contains the //authorized_keys// and //known_hosts// files. The directory //~/.ssh// and known_hosts file are automatically created the first time you run the Dropbear client (//dbclient//). | ||
| Line 27: | Line 29: | ||
| <code> $ scp user@machine.org:path/remote/directory/page.html /path/your/directory </code> | <code> $ scp user@machine.org:path/remote/directory/page.html /path/your/directory </code> | ||
| - | === Generate rsa/dss keys with dropbearkey === | + | ===== Generate rsa/dss keys with dropbearkey ===== |
| Dropbear provides dropbearkey to generate the protected rsa and dss keys. Note that when you start the server for the first time, secure keys will be automatically generated if they don't already exist. You can use //dropbearkey// with the following arguments: | Dropbear provides dropbearkey to generate the protected rsa and dss keys. Note that when you start the server for the first time, secure keys will be automatically generated if they don't already exist. You can use //dropbearkey// with the following arguments: | ||
| Line 42: | Line 44: | ||
| Note that the server supports the passing of various options when launched. To change the default values, simply modify the daemons configuration file ///etc/daemons.conf//. | Note that the server supports the passing of various options when launched. To change the default values, simply modify the daemons configuration file ///etc/daemons.conf//. | ||
| + | |||
| + | ===== Dropbear and the X server ===== | ||
| + | |||
| + | Dropbear supports X11 tunneling on the server side only. The client dbclient has no support for X11 tunneling. SliTaz provides a tiny shell script named ///usr/bin/sshx// to do the work. It opens a terminal with remote X11 protocol support if the environment variable //DISPLAY// is set. You can launch any remote X windows application on this terminal. | ||
| + | |||
| + | ===== Dropbear and VNC ===== | ||
| + | |||
| + | SliTaz provides a tiny VNC client named ///bin/fbvnc//. The VNC connections are not secure (neither encryption nor authentication). A tiny shell script named ///usr/bin/sshfbvnc// move the VNC connection to a SSH tunnel ending at the localhost interface of the remote VNC server. You will have an encrypted connection and authentication for your VNC sessions. | ||