website annotate en/doc/handbook/secure-server.html @ rev 107
fixed typos in system-admin pages : tick.greyware.com is the right URL
for the time server, tick.grayware.com doesn't work
for the time server, tick.grayware.com doesn't work
| author | tux@HarimaKenji |
|---|---|
| date | Mon Jul 14 22:22:15 2008 +0200 (2008-07-14) |
| parents | 2c26e23b76f8 |
| children | 9e30e64c8198 |
| rev | line source |
|---|---|
| paul@68 | 1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
| paul@68 | 2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| paul@68 | 3 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| paul@68 | 4 <head> |
| paul@68 | 5 <title>SliTaz Handbook (en) - Secure SHell (SSH)</title> |
| paul@42 | 6 <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> |
| paul@42 | 7 <meta name="description" content="slitaz English handbook" /> |
| paul@42 | 8 <meta name="expires" content="never" /> |
| paul@42 | 9 <meta name="modified" content="2008-02-26 18:30:00" /> |
| paul@42 | 10 <meta name="publisher" content="www.slitaz.org" /> |
| paul@42 | 11 <meta name="author" content="Christophe Lincoln" /> |
| paul@42 | 12 <link rel="shortcut icon" href="favicon.ico" /> |
| paul@68 | 13 <link rel="stylesheet" type="text/css" href="book.css" /> |
| paul@68 | 14 </head> |
| paul@68 | 15 <body bgcolor="#ffffff"> |
| paul@42 | 16 |
| paul@42 | 17 <!-- Header and quick navigation --> |
| paul@42 | 18 <div id="header"> |
| paul@42 | 19 <div id="quicknav" align="right"> |
| paul@42 | 20 <a name="top"></a> |
| paul@49 | 21 <a href="security.html">Security</a> | |
| paul@42 | 22 <a href="index.html">Table of contents</a> |
| paul@42 | 23 </div> |
| paul@42 | 24 <h1><font color="#3e1220">SliTaz Handbook (en)</font></h1> |
| paul@42 | 25 </div> |
| paul@42 | 26 |
| paul@42 | 27 <!-- Content. --> |
| paul@42 | 28 <div id="content"> |
| paul@42 | 29 <div class="content-right"></div> |
| paul@42 | 30 |
| paul@42 | 31 <h2><font color="#df8f06">Secure SHell (SSH)</font></h2> |
| paul@42 | 32 |
| paul@42 | 33 <ul> |
| paul@42 | 34 <li><a href="#about">About Dropbear.</a></li> |
| paul@42 | 35 <li><a href="#dbclient">Connecting to a remote host.</a> - (dbclient).</li> |
| paul@42 | 36 <li><a href="#scp">Transfer files</a> - (scp).</li> |
| paul@42 | 37 <li><a href="#dropbearkey">Generate keys rsa/dss.</a> - (dropbearkey).</li> |
| paul@42 | 38 <li><a href="#start-stop-restart">Start, stop, restart SSH server.</a></li> |
| paul@42 | 39 </ul> |
| paul@42 | 40 |
| paul@42 | 41 <a name="about"></a> |
| paul@42 | 42 <h3>About Dropbear</h3> |
| paul@42 | 43 <p> |
| paul@42 | 44 Control and administer remotely with the Dropbear SSH secure server. Dropbear is a small SSH client/server |
| paul@42 | 45 supporting SSH 2, it's compatible with OpenSSH and uses ~/.ssh/authorized_keys for the management of public keys. |
| paul@42 | 46 Dropbear also provides it's own version of <code>scp</code>, allowing you to copy files |
| paul@46 | 47 between machines in a secure manner. |
| paul@42 | 48 </p> |
| paul@42 | 49 <p> |
| paul@42 | 50 Project website: |
| paul@42 | 51 <a href="http://matt.ucc.asn.au/dropbear/dropbear.html">matt.ucc.asn.au/dropbear/dropbear.html</a> |
| paul@42 | 52 </p> |
| paul@42 | 53 |
| paul@42 | 54 <a name="dbclient"></a> |
| paul@42 | 55 <h3>Connecting to a remote host with dbclient</h3> |
| paul@42 | 56 <p> |
| paul@42 | 57 The configuration files for the SSH client are located in the ~/.ssh directory of each user, this contains |
| paul@42 | 58 the authorized_keys and known_hosts files. The directory ~/.ssh and known_hosts file are automatically created |
| paul@46 | 59 the first time you run the Dropbear client (dbclient). |
| paul@42 | 60 </p> |
| paul@42 | 61 <p> |
| paul@46 | 62 To connect to a remote host employing the user and machine name: |
| paul@42 | 63 </p> |
| paul@42 | 64 <pre> $ dbclient user@machine.org |
| paul@42 | 65 </pre> |
| paul@42 | 66 <p> |
| paul@42 | 67 You can also connect using the IP address of the machine: |
| paul@42 | 68 </p> |
| paul@42 | 69 <pre> $ dbclient user@192.168.0.2 |
| paul@42 | 70 </pre> |
| paul@42 | 71 |
| paul@42 | 72 <a name="scp"></a> |
| paul@42 | 73 <h3>Transfer of remote files with scp</h3> |
| paul@42 | 74 <p> |
| paul@46 | 75 To copy a file from one computer to another, scp can be utilized in the following ways. To copy a file |
| paul@42 | 76 named page.html to a remote directory of the user (don't forget the <code>:</code> after the machine name or |
| paul@42 | 77 IP address): |
| paul@42 | 78 </p> |
| paul@43 | 79 <pre> $ scp page.html user@machine.org:path/remote/directory |
| paul@42 | 80 </pre> |
| paul@42 | 81 <p> |
| paul@42 | 82 Copy a file from a remote machine to your local machine: |
| paul@42 | 83 </p> |
| paul@43 | 84 <pre> $ scp user@machine.org:path/remote/directory/page.html /path/your/directory |
| paul@42 | 85 </pre> |
| paul@42 | 86 |
| paul@42 | 87 <a name="dropbearkey"></a> |
| paul@42 | 88 <h3>Generate rsa/dss keys with dropbearkey</h3> |
| paul@42 | 89 <p> |
| paul@42 | 90 Dropbear provides <code>dropbearkey</code> to generate the protected keys rsa |
| paul@42 | 91 and dss. Note that when you start the server for the first time, secure keys will be |
| paul@42 | 92 automatically generated if they don't already exist. You can use <code>dropbearkey</code> with |
| paul@42 | 93 the following argurments: |
| paul@42 | 94 </p> |
| paul@42 | 95 <pre> # dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key |
| paul@42 | 96 # dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key |
| paul@42 | 97 </pre> |
| paul@42 | 98 |
| paul@42 | 99 <a name="start-stop-restart"></a> |
| paul@42 | 100 <h3>Start, stop, restart the SSH server</h3> |
| paul@42 | 101 <p> |
| paul@42 | 102 By default SliTaz will not start the SSH server at boot, to be launched automatically <code>dropbear</code> |
| paul@42 | 103 must be added to the variable RUN_DAEMONS in the <code>/etc/rcS.conf</code> file. To start, stop or restart |
| paul@42 | 104 the SSH server; use the following commands: <code>/etc/init.d/dropbear [start|stop|restart]</code>. |
| paul@42 | 105 Example to start the server: |
| paul@42 | 106 </p> |
| paul@42 | 107 <pre> # /etc/init.d/dropbear start |
| paul@42 | 108 </pre> |
| paul@42 | 109 <p> |
| paul@42 | 110 Note that the server supports the passing of various options when launched. To change the default values, |
| paul@42 | 111 simple modify the daemons configuration file <code>/etc/daemons.conf</code>. |
| paul@42 | 112 </p> |
| paul@42 | 113 |
| paul@42 | 114 <!-- End of content --> |
| paul@42 | 115 </div> |
| paul@42 | 116 |
| paul@42 | 117 <!-- Footer. --> |
| paul@42 | 118 <div id="footer"> |
| paul@42 | 119 <div class="footer-right"></div> |
| paul@42 | 120 <a href="#top">Top of the page</a> | |
| paul@68 | 121 <a href="index.html">Table of contents</a> |
| paul@42 | 122 </div> |
| paul@42 | 123 |
| paul@42 | 124 <div id="copy"> |
| paul@42 | 125 Copyright © 2008 <a href="http://www.slitaz.org/en/">SliTaz</a> - |
| paul@42 | 126 <a href="http://www.gnu.org/licenses/gpl.html">GNU General Public License</a>;<br /> |
| paul@42 | 127 Documentation is under |
| paul@42 | 128 <a href="http://www.gnu.org/copyleft/fdl.html">GNU Free Documentation License</a> |
| paul@42 | 129 and code is <a href="http://validator.w3.org/">valid xHTML 1.0</a>. |
| paul@42 | 130 </div> |
| paul@42 | 131 |
| paul@68 | 132 </body> |
| paul@68 | 133 </html> |
| paul@42 | 134 |