[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-hackers
Subject: Re: Allow to run SSHd in Installer (12.2 patch)
From: Ben RUBSON <ben.rubson () gmx ! com>
Date: 2020-03-16 9:46:38
Message-ID: A3E1BDAF-E1F2-4D9B-B153-2BB2DEA6B482 () gmx ! com
[Download RAW message or body]
Thank you Ruben & Rodney for your interest into this.
Of course your solution works Rodney but is not really convenient trough a remote \
console. What my patch tends to fix :)
Fingers crossed !
Ben
> On 12 Mar 2020, at 19:29, Rodney W. Grimes <freebsd-rwg@gndrsh.dnsmgr.net> wrote:
>
> I have been starting sshd from install media since 5.4 or so,
> here is my current method that should work on 11, 12 and 13:
>
> # This version for FreeBSD 11.0R, works for 12.0 too
>
> mkdir /tmp/ssh
> cp -p /etc/ssh/sshd_config /tmp/ssh
> echo 'PermitRootLogin yes' >> /tmp/ssh/sshd_config
> echo 'AllowGroups wheel' >> /tmp/ssh/sshd_config
> echo 'PermitEmptyPasswords yes' >> /tmp/ssh/sshd_config
> echo 'HostKey /tmp/ssh/ssh_host_rsa_key' >> /tmp/ssh/sshd_config
> echo 'HostKey /tmp/ssh/ssh_host_dsa_key' >> /tmp/ssh/sshd_config
> echo 'UsePAM no' >> /tmp/ssh/sshd_config
> echo 'PasswordAuthentication yes' >> /tmp/ssh/sshd_config
>
> ssh-keygen -t rsa -f /tmp/ssh/ssh_host_rsa_key -N ''
> ssh-keygen -t dsa -f /tmp/ssh/ssh_host_dsa_key -N ''
>
> /usr/sbin/sshd -f /tmp/ssh/sshd_config
>
> For those that "need" this feature today :-) Just drop to
> a shell after booting from install media, run the above
> commands, and you can get in. BEWARE, passwordless root login enabled!
>
> > Hi Ben,
> >
> > I'm not a FreeBSD developer (so not your targeted audience) but would
> > very much like to see this land in a release!
> >
> > Kind regards,
> >
> > Ruben
> >
> > On 3/10/20 4:07 PM, Ben RUBSON wrote:
> >
> > > > On 2 Mar 2020, at 13:09, Ben RUBSON <ben.rubson@gmx.com> wrote:
> > > >
> > > > Hi,
> > > >
> > > > I've done some work to allow to connect to FreeBSD installer through SSH.
> > > > It can be useful for example if we have specific tasks to perform before \
> > > > installation, such as disks configuration etc... Working through a SSH \
> > > > connection is much more convenient than in front of a console. FreeBSD \
> > > > installer can then also be used as a rescue disk.
> > > > To achieve this, I've modified FreeBSD installer, so that after having \
> > > > installed SSHd, if performs following configuration \
> > > > modifications :
> > > > - generate host keys into /var/ssh (as default /etc/ssh is not writable) ;
> > > > - only allow keys authentication ;
> > > > - allow root authentication ;
> > > > - read authorized_keys file from /var/ssh (as default homedirs are not \
> > > > writable).
> > > > SSHd can then be started thanks to the installer shell : service sshd start
> > > > And a public key put into for example /var/ssh-keys/root/authorized_keys, \
> > > > thanks to fetch or whatever.
> > > > Work is here :
> > > > https://github.com/freebsd/freebsd/pull/156
> > > > Rather simple, and ready to be merged.
> > > >
> > > > This job is more than 2 years old, I would then really be glad if we could \
> > > > see this in 12.2 installation ISOs. It would prevent me from having to modify \
> > > > the new ISO files to implement this patch.
> > >
> > > Any thoughts ? :)
> > >
> > > Thank you very much !
> > >
> > > Ben
_______________________________________________
freebsd-hackers@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic