From owner-freebsd-security  Fri Aug  3 19:30:10 2001
Delivered-To: freebsd-security@freebsd.org
Received: from ns.morning.ru (ns.morning.ru [195.161.98.5])
	by hub.freebsd.org (Postfix) with ESMTP id 67E8337B405
	for <security@FreeBSD.ORG>; Fri,  3 Aug 2001 19:30:04 -0700 (PDT)
	(envelope-from poige@morning.ru)
Received: from NIC1 ([195.161.98.236])
	by ns.morning.ru (8.11.5/8.11.5) with ESMTP id f742Tmf17847;
	Sat, 4 Aug 2001 10:29:49 +0800 (KRAST)
Date: Sat, 4 Aug 2001 10:30:12 +0800
From: Igor Podlesny <poige@morning.ru>
X-Mailer: The Bat! (v1.52 Beta/7) UNREG / CD5BF9353B3B7091
Organization: Morning Network
X-Priority: 3 (Normal)
Message-ID: <15963958557.20010804103012@morning.ru>
To: Kris Kennaway <kris@obsecurity.org>
Cc: Paulo Fragoso <paulo@nlink.com.br>, security@FreeBSD.ORG
Subject: Re[2]: SSHD in JAIL
In-Reply-To: <20010731183530.A40773@xor.obsecurity.org>
References: <20010731141613.A37314@xor.obsecurity.org>
 <20010731183006.T5827-100000@mirage.nlink.com.br>
 <20010731183530.A40773@xor.obsecurity.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


> On Tue, Jul 31, 2001 at 06:35:28PM -0300, Paulo Fragoso wrote:
>> On Tue, 31 Jul 2001, Kris Kennaway wrote:
>> 
>> > On Tue, Jul 31, 2001 at 05:53:21PM -0300, Paulo Fragoso wrote:
>> > > Hi,
>> > >
>> > > We are making a jail using FBSD 4.3-RELEASE but in the jail sshd can't
>> > > starting:
>> > >
>> > > ssh-keygen: no RSA support in libssl and libcrypto.  See ssl(8).
>> > >
>> > > How we can buildworld with RSA support in libssl or libcrypto?
>> >
>> > The error message really means "I can't find /dev/urandom" :-)
>> 
>> How we can start sshd in the jail using jail directory mounted with nodev?

Let me ask what is the purpose of nodev in your situation?

I  suggest  using  devfs  (5)  mounted inside your jail dir (not sure,
though, how about urandom there, but think it should be okay)... seems
it will solve the problem. At least there is a hope there ;)

> You can't: it needs /dev/urandom.
> Kris

-- 
 Igor                            mailto:poige@morning.ru
http://www.morning.ru/~poige



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message