dbclient
Connect to a remote SSH server
TLDR
Connect to a remote host
Connect to a remote host on [p]ort 2222
Connect to a remote host using a specific [i]dentity key in dropbear format
Run a command on the remote host with a [t]ty allocation allowing interaction with the remote command
Connect and forward [A]gent connections to remote host
SYNOPSIS
dbclient [options] user@host [command]
PARAMETERS
-h
Display help message and exit.
-V
Display version information and exit.
-p port
Connect to the specified port on the remote host. Defaults to 22.
-i identity_file
Specify the path to the private key file for authentication.
-l username
Specify the username to log in as on the remote host.
-y
Always accept new host keys without prompting. Use with extreme caution as it bypasses host key verification, making it vulnerable to man-in-the-middle attacks.
-N
Do not execute a remote command or allocate a pseudo-terminal. Useful for port forwarding only.
-T
Disable pseudo-terminal allocation. Useful for executing commands non-interactively.
-C
Enable compression for the connection, which can be useful over slow links.
-L local_port:remote_host:remote_port
Local port forwarding. Forward local port to a remote host and port via the SSH tunnel.
-R remote_port:local_host:local_port
Remote port forwarding. Forward a remote port to a local host and port via the SSH tunnel.
-W host:port
Proxy forwarding. Forward stdio to a remote host and port.
-s
Request subsystem (e.g., used for sftp). If this option is used, command specifies the subsystem name.
-f
Go to background after successful authentication. Requires -N (no command).
user@host
The remote user and hostname or IP address to connect to.
[command]
An optional command to execute on the remote host. If not provided, an interactive shell will be opened.
DESCRIPTION
dbclient is the client program for Dropbear, a small and efficient SSH 2 server and client. It's designed to be lightweight and resource-friendly, making it suitable for embedded systems, routers, and environments where OpenSSH might be considered too large.
It allows users to securely connect to remote servers, execute commands, and transfer files over an encrypted channel. While offering a subset of OpenSSH's features, it provides essential SSH protocol version 2 functionality, focusing on minimal overhead and efficient operation for systems with constrained resources.
CAVEATS
Feature Limitations: Compared to OpenSSH, dbclient has fewer features, notably lacking support for X11 forwarding, SSH agent forwarding (though private key files can be specified), and a wider range of authentication methods.
Security Warning (-y): Using the -y option is highly discouraged in production environments as it disables critical host key verification, making connections susceptible to active man-in-the-middle attacks. Always verify host keys manually or via known_hosts.
Community Support: While stable, Dropbear and its client generally have a smaller community and less extensive public documentation than OpenSSH.
PORTABILITY AND RESOURCE USAGE
dbclient is known for its exceptional portability and minimal resource requirements. Its small binary size and low memory footprint make it an ideal choice for resource-constrained environments like IoT devices, network appliances, and older hardware where a full-fledged OpenSSH installation might be too heavy.
HISTORY
Dropbear, including its client dbclient, was developed by Matt Johnston with its initial release around 2003. It emerged as a lightweight, small-footprint alternative to the more feature-rich OpenSSH suite, specifically targeting embedded Linux systems, routers, and devices with limited memory and storage. Its design prioritizes efficiency and low resource consumption, which has cemented its place in the embedded systems world.