Shulou(Shulou.com)06/01 Report--

Dropbear is a relatively small SSH server and client.

Technology:

Dropbear implements secure Shell (SSH) protocol version 2. The encryption algorithm is implemented within the Dropbear allocation using a third-party encryption library. It comes from some local OpenSSH to deal with BSD-style pseudo-terminals.

Features:

Dropbear implements the complete SSH client and server version 2 protocol. It does not support backward compatibility with SSH version 1 to save space and resources, and to avoid the security vulnerabilities inherent in SSH version 1. It also implemented SCP's. SFTP support depends on a binary file, which can be provided through the OpenSSH or similar plan.

Here is a simple installation and configuration of dropbear:

1. Compile and install:

1)。 Extract the prepared dropbear-2013.58:

# tar xf dropbear-2013.58.tar.bz2

2)。 Compile / install and generate the required tool dropbear:

# cd dropbear-2013.58#. / configure-- prefix=/usr/local/dropbear/# make PROGRAMS= "dropbear dbclient dropbearkey scp" # make PROGRAMS= "dropbear dbclient dropbearkey scp" install

two。 Configure the service script:

1)。 Edit the / etc/rc.d/init.d/dropbear file:

# vim / et _ c _ etc/rc.d/init.d/functions _ r _ r / etc/rc.d/init.d/functions [- r / etc/sysconfig/dropbear] & &. / etc/sysconfig/dropbearkeysize=$ {keysize:-1024} port=$ {port:-22} gendsskey () {[- d / etc/dropbear] | | mkdir / etc/dropbear echo-n "Starting generate the dsskey:" $dropbearkey-t dss-f $dsskey & > / dev/null RETVAL=$?if [$RETVAL-eq 0] Then success echo return 0else failure echo return 1fi} genrsakey () {[- d / etc/dropbear] | | mkdir / etc/dropbear echo-n "Starting generate the rsakey:" $dropbearkey-t rsa-s $keysize-f $rsakey & > / dev/null RETVAL=$?if [$RETVAL-eq 0] Then success echo return 0else failure echo return 1fi} start () {[- e $dsskey] | gendsskey [- e $rsakey] | | genrsakey if [- e $lockfile]; then echo-n "dropbear daemon is already running:" success echo exit 0fi echo-n "Starting dropbear:" daemon-- pidfile= "$pidfile" $dropbear-p $port-d $dsskey-r $rsakey RETVAL=$? Echoif [$RETVAL-eq 0]; then touch $lockfile return 0else rm-f $lockfile $pidfile return 1fi} stop () {if [!-e $lockfile]; then echo-n "dropbear service is stopped:" success echo exit 1fi echo-n "Stopping dropbear daemon:" killproc dropbear RETVAL=$? Echo If [$RETVAL-eq 0] Then rm-f $lockfile $pidfile return 0 else return 1fi} status () {if [- e $lockfile]; then echo "dropbear is running..." Else echo "dropbear is stopped..." Fi} usage () {echo "Usage: dropbear {start | stop | restart | status | gendsskey | genrsakey}"} case $1 instart) start;; stop) stop;; restart) stop start;; status) status;; gendsskey) gendsskey;; genrsakey) genrsakey;; *) usage;; esac

3. Script file configuration (also a file for a custom port):

# vim / etc/sysconfig/dropbearkeysize=2048port=22022

4. Assign the appropriate attributes:

1)。 Grant executable permissions:

# chmod + x / etc/rc.d/init.d/dropbear

2)。 Add dropbear as a system service to facilitate startup using service.

# chkconfig-- add dropbear# chkconfig-- list | grep dropbear

3)。 Start the service:

# service dropbear start

4)。 View the port:

# ss-tunl

5. Use terminals such as Xshell to test:

Use the self-defined port to test the port.

A smile is the most beautiful language!!!

Write a blog based on my understanding, if there are any mistakes, welcome to point out.

-> little girl

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.