Here're my 2 cents on the subject : what about adding a way to pass overrides parameters instead?
This patch is interesting for what it would allow but such functions might be in a better place outside dropbear, in a more general setting. The exemple I presented to the author is the relation between a HTTP proxy (ex: stunnel) and a HTTP server. The HTTP proxy can pass X-Forwarded-For IP to the HTTP server, which, if configured to accept that, will be use in the logs files. A command line flags seems wrong to me. Adding the possibility to pass parameters to dropbear *before* it sends the SSH banner, ex: OVERRIDE_USER=xx, OVERRIDE_SHELL=yy would cover more use cases, while remaining very light. This would just require a wrapper to *send* informations to the tcp port- and the patch could simply be something like "if dropbear receives something before the connection do... otherwise business as usual". "accept override" would be a perfect command line flag for dropbear, instead of specifying which are the overrides. Guylhem
