Package Details: mkinitcpio-tinyssh 0.0.3-3

Git Clone URL: (read-only)
Package Base: mkinitcpio-tinyssh
Description: Archlinux mkinitcpio hook to install and enable the tinyssh daemon in early userspace
Upstream URL:
Keywords: mkinitcpio network ssh tinyssh
Licenses: BSD
Conflicts: mkinitcpio-dropbear
Submitter: grazzolini
Maintainer: grazzolini
Last Packager: grazzolini
Votes: 7
Popularity: 0.109402
First Submitted: 2015-07-11 02:45
Last Updated: 2016-10-21 11:25

Dependencies (7)

Required by (2)

Sources (1)

Latest Comments

T4cC0re commented on 2018-08-08 18:55

To keep your host keys the same you need to install tinyssh-convert. Man, that took me a while to figure out. Apparently I can't read... Also, for people who are wondering why they get 'permission denied (publickey)': Make sure you use a ed25519 key, then it works.

grazzolini commented on 2016-08-16 12:30

I was notified by the software author (he also uses mkinitcpio-tinyssh). So I went ahead and packaged it. He is trying to improve it so it can also convert ecdsa keys. The software is pretty simple, since it mostly uses openssh-portable source code to convert the keys. But the author is willing to improve it to not depend upon it and also some minor improvements.

I managed to quickly adapt mkinitcpio-tinyssh to use it, because I already had the logic for the whole "convert or create" thing from mkinitcpio-dropbear. Now we can use the same host key for both tinyssh and openssh.

ArchangeGabriel commented on 2016-08-16 12:18

@Evils: There is now tinyssh-convert! And guess what: grazzolini already packaged it in AUR. ;)

Evils commented on 2016-04-04 20:54


After some research I came up with the same problem and ended up going with mkinitcpio-dropbear to avoid said problem! Thanks for the explanation!

grazzolini commented on 2016-04-01 14:17

Yes, this is an issue. I usually deal with this by using a different IP address on the initramfs than the other being used by the booted system. There is no tool (that I know of) to convert OpenSSH's ed25519 key format to tinyssh's. I'm co-maintainer of the tinyssh package and I look regularly into tinyssh code base.

It probably wouldn't be hard to develop some tool to do this, as dropbear does in fact have one. I don't know if dropbear builds on arm (I recall it doing), but the only way right know to use the same key is by using dropbear and mkinitcpio-dropbear. The format tinyssh uses is incompatible with OpenSSH's which in turn is incompatible with dropbear's.

This might change in the near future if I or someone else develop such tool. For now, configure your early userspace ip to be different than your booted system ip. Avoid dhcp if possible.

Evils commented on 2016-04-01 02:45

This package will generate new ssh keys for tinyssh that'll end up in the client's known host. As they are most likely different from the one's that are already on being used for (Open-)ssh, the client won't connect due to key mismatches.
Why not use the existing keys so there won't be a mismatch or if not, make a note about that?