Provided by: tinysshd_20230101-2_amd64 bug

NAME
       tinysshd - Tiny SSH daemon


SYNOPSIS
       tinysshd [ options ] keydir


DESCRIPTION
       tinysshd is a minimalistic SSH server which implements only a subset of SSHv2 features.

       tinysshd  supports  only  secure cryptography (minimum 128-bit security, protected against
       cache-timing attacks)

       tinysshd doesn't implement older crypto (such as RSA, DSA, HMAC-MD5, HMAC-SHA1, 3DES, RC4,
       ...)

       tinysshd doesn't implement unsafe features (such as password or hostbased authentication)

       tinysshd  doesn't  have  features such: SSH1 protocol, compression, port forwarding, agent
       forwarding, X11 forwarding ...

       tinysshd doesn't use dynamic memory allocation (no allocation failures, etc.)


OPTIONS
       -q     no error messages

       -Q     print error messages (default)

       -v     print extra information

       -s     enable state-of-the-art crypto (default)

              signing - ssh-ed25519

              key-exchange - curve25519-sha256

              symmetric - chacha20-poly1305@openssh.com

       -S     disable state-of-the-art crypto

       -p     enable post-quantum crypto (default)

              signing - TODO (not implemented yet)

              key-exchange - sntrup761x25519-sha512@openssh.com

              symmetric -  chacha20-poly1305@openssh.com

       -P     disable post-quantum crypto

       -l     use syslog instead of standard error output (useful for running from inetd)

       -L     don't use syslog, use standard error output (default)

       -x name=command
              add subsystem command (e.g.: sftp=/usr/libexec/openssh/sftp-server)

       -e command
              execute the given command instead of spawning the  shell  (disables  exec/subsystem
              channel requests)

       keydir directory containing TinySSH keys, typically /etc/tinyssh/sshkeydir


AUTHORIZATION
       tinysshd     supports     only    public-key    authorization    via    AuthorizedKeysFile
       ~/.ssh/authorized_keys. Each line  of  the  file  contains  one  key  in  format  "keytype
       base64-encoded-key comment".  tinyssh supports only "ssh-ed25519" keytype.

       ~/.ssh/authorized_keys example:
         ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILV5AGhGQ1QVXjBWhTKJP3vrqE3isL4ivisBailQ14gS comment


RUNNING
       TCPSERVER
              tcpserver -HRDl0 0.0.0.0 22 /usr/sbin/tinysshd -v /etc/tinyssh/sshkeydir &

       BUSYBOX
              busybox tcpsvd 0 22 tinysshd -v /etc/tinyssh/sshkeydir &

       INETD
           /etc/inetd.conf:
               ssh    stream    tcp    nowait    root    /usr/sbin/tinysshd    tinysshd   -l   -v
               /etc/tinyssh/sshkeydir

       SYSTEMD
           tinysshd.socket:
               [Unit]
               Description=TinySSH server socket
               ConditionPathExists=!/etc/tinyssh/disable_tinysshd

               [Socket]
               ListenStream=22
               Accept=yes

               [Install]
               WantedBy=sockets.target

           tinysshd@.service:
               [Unit]
               Description=Tiny SSH server
               After=network.target auditd.service

               [Service]
               ExecStartPre=-/usr/sbin/tinysshd-makekey -q /etc/tinyssh/sshkeydir
               EnvironmentFile=-/etc/default/tinysshd
               ExecStart=/usr/sbin/tinysshd ${TINYSSHDOPTS} -- /etc/tinyssh/sshkeydir
               KillMode=process
               SuccessExitStatus=111
               StandardInput=socket
               StandardError=journal

               [Install]
               WantedBy=multi-user.target


SEE ALSO
       tinysshd-makekey(8), tinysshd-printkey(8)

       https://tinyssh.org/

                                                                                      tinysshd(8)