Provided by: tinysshd_20180201-1_amd64 bug

NAME

       tinysshd - Tiny SSH daemon

SYNOPSIS

       tinysshd [ options ] keydir

DESCRIPTION

       tinysshd is a minimalistic SSH server which implements only a subset of SSHv2 features.

       tinysshd  supports  only  secure cryptography (minimum 128-bit security, protected against
       cache-timing attacks)

       tinysshd doesn't implement unnecessary features (such as SSH1 protocol, compression, ...)

       tinysshd doesn't implement older crypto (such as RSA, DSA, HMAC-MD5, HMAC-SHA1, 3DES, RC4,
       ...)

       tinysshd doesn't implement unsafe features (such as password or hostbased authentication)

       tinysshd doesn't use dynamic memory allocation (no allocation failures, etc.)

OPTIONS

       -q     no error messages

       -Q     print error messages (default)

       -v     print extra information

       -o     enable   older   standardized  crypto  -  ecdsa-sha2-nistp256,  ecdh-sha2-nistp256,
              aes256-ctr, hmac-sha2-256

       -O     disable older standardized crypto (default)

       -s     enable  state-of-the-art  crypto   -   ssh-ed25519,   curve25519-sha256@libssh.org,
              chacha20-poly1305@openssh.com (default)

       -S     disable state-of-the-art crypto

       -p     enable post-quantum crypto - TODO, TODO, chacha20-poly1305@openssh.com

       -P     disable post-quantum crypto

       -l     use syslog instead of standard error output (useful for running from inetd)

       -L     don't use syslog, use standard error output (default)

       -x name=command
              add subsystem command (e.g.: sftp=/usr/libexec/openssh/sftp-server)

       keydir directory containing TinySSH keys, typically /etc/tinyssh/sshkeydir

AUTHORIZATION

       tinysshd     supports     only    public-key    authorization    via    AuthorizedKeysFile
       ~/.ssh/authorized_keys. Each line  of  the  file  contains  one  key  in  format  "keytype
       base64-encoded-key   comment".    tinyssh   supports   only   "ssh-ed25519"   and  "ecdsa-
       sha2-nistp256" keytypes.

       ~/.ssh/authorized_keys example:
         ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILV5AGhGQ1QVXjBWhTKJP3vrqE3isL4ivisBailQ14gS comment
         ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPqVpPptLAMlCzojDM6W2x5rmzAxmOyOW0K9K3wuClgqMeguHg82Ju6IrA2YP76vhjhU8atfjM+tsfTXgplEo4o= comment

RUNNING

       TCPSERVER
              tcpserver -HRDl0 0.0.0.0 22 /usr/sbin/tinysshd -v /etc/tinyssh/sshkeydir &

       BUSYBOX
              busybox tcpsvd 0 22 tinysshd -v /etc/tinyssh/sshkeydir &

       INETD
           /etc/inetd.conf:
               ssh   stream   tcp    nowait    root    /usr/sbin/tinysshd    tinysshd    -l    -v
               /etc/tinyssh/sshkeydir

       SYSTEMD
           tinysshd.socket:
               [Unit]
               Description=TinySSH server socket
               ConditionPathExists=!/etc/tinyssh/disable_tinysshd

               [Socket]
               ListenStream=22
               Accept=yes

               [Install]
               WantedBy=sockets.target

           tinysshd@.service:
               [Unit]
               Description=Tiny SSH server
               After=network.target auditd.service

               [Service]
               ExecStartPre=-/usr/sbin/tinysshd-makekey -q /etc/tinyssh/sshkeydir
               EnvironmentFile=-/etc/default/tinysshd
               ExecStart=/usr/sbin/tinysshd ${TINYSSHDOPTS} -- /etc/tinyssh/sshkeydir
               KillMode=process
               StandardInput=socket
               StandardError=journal

               [Install]
               WantedBy=multi-user.target

SEE ALSO

       tinysshd-makekey(1), tinysshd-printkey(1)

       https://tinyssh.org/

                                                                                      tinysshd(8)