bionic (1) dbclient.1.gz

Provided by: dropbear-bin_2017.75-3build1_amd64 bug

NAME
       dbclient - lightweight SSH client


SYNOPSIS
       dbclient [flag arguments] [-p port] [-i id] [-L l:h:p] [-R l:h:p] [-l user] host [more flags] [command]

       dbclient [args] [user1]@host1[^port1],[user2]@host2[^port2],...


DESCRIPTION
       dbclient is a small SSH client


OPTIONS
       command
              A command to run on the remote host. This will normally be run by the remote host using the user's
              shell. The command begins at the first hyphen argument after the host argument. If no  command  is
              specified an interactive terminal will be opened (see -t and -T).

       -p port
              Connect  to  port  on  the  remote  host.  Alternatively a port can be specified as hostname^port.
              Default is 22.

       -i idfile
              Identity file.  Read the identity key from file idfile (multiple allowed). This  file  is  created
              with   dropbearkey(1)  or  converted  from  OpenSSH  with  dropbearconvert(1).  The  default  path
              ~/.ssh/id_dropbear is used

       -L [listenaddress]:listenport:host:port
              Local port forwarding.  Forward the port listenport on the local host through the  SSH  connection
              to port port on the host host.

       -R [listenaddress]:listenport:host:port
              Remote port forwarding.  Forward the port listenport on the remote host through the SSH connection
              to port port on the host host.

       -l user
              Username.  Login as user on the remote host.

       -t     Allocate a PTY. This is the default when no command is given, it gives a full  interactive  remote
              session.  The  main  effect  is  that keystrokes are sent remotely immediately as opposed to local
              line-based editing.

       -T     Don't allocate a PTY. This is the default a command is given. See -t.

       -N     Don't request a remote shell or run any commands. Any command arguments are ignored.

       -f     Fork into the background after authentication. A command argument (or -N) is  required.   This  is
              useful when using password authentication.

       -g     Allow  non-local hosts to connect to forwarded ports. Applies to -L and -R forwarded ports, though
              remote connections to -R forwarded ports may be limited by the ssh server.

       -y     Always accept hostkeys if they are unknown. If a hostkey mismatch occurs the connection will abort
              as  normal.  If  specified a second time no host key checking is performed at all, this is usually
              undesirable.

       -A     Forward agent connections to the remote host. dbclient will use any OpenSSH-style agent program if
              available  ($SSH_AUTH_SOCK will be set) for public key authentication.  Forwarding is only enabled
              if -A is specified.

       -W windowsize
              Specify  the  per-channel  receive  window  buffer  size.  Increasing  this  may  improve  network
              performance at the expense of memory use. Use -h to see the default buffer size.

       -K timeout_seconds
              Ensure  that  traffic  is transmitted at a certain interval in seconds. This is useful for working
              around firewalls or routers that drop connections after a certain period of inactivity. The trade-
              off  is  that  a  session  may  be closed if there is a temporary lapse of network connectivity. A
              setting if 0 disables keepalives. If no response is received  for  3  consecutive  keepalives  the
              connection will be closed.

       -I idle_timeout
              Disconnect the session if no traffic is transmitted or received for idle_timeout seconds.

       -J proxy_command
              Use  the  standard  input/output  of  the  program  proxy_command  rather  than using a normal TCP
              connection. A hostname should be still be provided, as this is used for comparing saved  hostkeys.
              This command will be executed as "exec proxy_command ..." with the default shell.

       -B endhost:endport
              "Netcat-alike"  mode,  where  Dropbear  will  connect  to  the given host, then create a forwarded
              connection to endhost. This will then be presented as dbclient's standard input/output.

       -c cipherlist
              Specify a comma separated list of ciphers to enable. Use -c help to list possibilities.

       -m MAClist
              Specify  a  comma  separated  list  of  authentication  MACs  to  enable.  Use  -m  help  to  list
              possibilities.

       -o option
              Can  be  used  to  give  options  in  the  format  used by OpenSSH config file. This is useful for
              specifying options for which there is no separate command-line flag.   For  full  details  of  the
              options listed below, and their possible values, see ssh_config(5).

              For now following options have been implemented:

              ExitOnForwardFailure
                     Specifies  whether  dbclient  should  terminate  the  connection  if  it  cannot set up all
                     requested local and remote port forwardings. The argument  must  be  “yes”  or  “no”.   The
                     default is “no”.

              UseSyslog
                     Send dbclient log messages to syslog in addition to stderr.

       -s     The  specified command will be requested as a subsystem, used for sftp. Dropbear doesn't implement
              sftp itself but the OpenSSH sftp client can be used eg sftp -S dbclient user@host

       -V     Print the version


MULTI-HOP
       Dropbear will also allow multiple "hops" to be specified, separated by commas. In this case a  connection
       will  be  made to the first host, then a TCP forwarded connection will be made through that to the second
       host, and so on. Hosts other than the final destination will not see anything other  than  the  encrypted
       SSH  stream.   A  port  for a host can be specified with a caret (eg matt@martello^44 ).  This syntax can
       also be used with scp or rsync (specifying dbclient as the ssh/rsh command).  A  file  can  be  "bounced"
       through multiple SSH hops, eg

       scp -S dbclient matt@martello,root@wrt,canyons:/tmp/dump .

       Note  that  hostnames are resolved by the prior hop (so "canyons" would be resolved by the host "wrt") in
       the example above, the same way as other -L TCP forwarded hosts are. Host keys are checked locally  based
       on the given hostname.


ESCAPE CHARACTERS
       Typing a newline followed by the  key sequence ~. (tilde, dot) will terminate a connection.  The sequence
       ~^Z (tilde, ctrl-z) will background the connection. This behaviour only applies when a PTY is used.


ENVIRONMENT
       DROPBEAR_PASSWORD
              A password to use  for  remote  authentication  can  be  specified  in  the  environment  variable
              DROPBEAR_PASSWORD.  Care  should  be  taken  that  the password is not exposed to other users on a
              multi-user system, or stored in accessible files.

       SSH_ASKPASS
              dbclient can use an external program to request a password from a user.  SSH_ASKPASS should be set
              to the path of a program that will return a password on standard output. This program will only be
              used if either DISPLAY is set and standard input  is  not  a  TTY,  or  the  environment  variable
              SSH_ASKPASS_ALWAYS is set.


NOTES
       If compiled with zlib support and if the server supports it, dbclient will always use compression.


AUTHOR
       Matt Johnston (matt@ucc.asn.au).
       Mihnea Stoenescu wrote initial Dropbear client support
       Gerrit Pape (pape@smarden.org) wrote this manual page.


SEE ALSO
       dropbear(8), dropbearkey(1)

       https://matt.ucc.asn.au/dropbear/dropbear.html

                                                                                                     dbclient(1)