Date: Mon, 6 Aug 2001 08:35:09 -0300 (BRT) From: Paulo Fragoso <paulo@nlink.com.br> To: Igor Podlesny <poige@morning.ru> Cc: Kris Kennaway <kris@obsecurity.org>, <security@FreeBSD.ORG> Subject: Re[2]: SSHD in JAIL Message-ID: <20010806082311.E84271-100000@mirage.nlink.com.br> In-Reply-To: <15963958557.20010804103012@morning.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Aug 2001, Igor Podlesny wrote: > > > On Tue, Jul 31, 2001 at 06:35:28PM -0300, Paulo Fragoso wrote: > >> On Tue, 31 Jul 2001, Kris Kennaway wrote: > >> > >> > On Tue, Jul 31, 2001 at 05:53:21PM -0300, Paulo Fragoso wrote: > >> > > Hi, > >> > > > >> > > We are making a jail using FBSD 4.3-RELEASE but in the jail sshd can't > >> > > starting: > >> > > > >> > > ssh-keygen: no RSA support in libssl and libcrypto. See ssl(8). > >> > > > >> > > How we can buildworld with RSA support in libssl or libcrypto? > >> > > >> > The error message really means "I can't find /dev/urandom" :-) > >> > >> How we can start sshd in the jail using jail directory mounted with nodev? > > Let me ask what is the purpose of nodev in your situation? I was thinking if jail dir mounted on file system with "nodev" it will more secure. Anyone colud acess any disks in the jails enviroment. Is it all right? > > I suggest using devfs (5) mounted inside your jail dir (not sure, > though, how about urandom there, but think it should be okay)... seems > it will solve the problem. At least there is a hope there ;) > > > You can't: it needs /dev/urandom. > > Kris > Thanks, Paulo Fragoso. > -- > Igor mailto:poige@morning.ru > http://www.morning.ru/~poige > > -- __O _-\<,_ Why drive when you can bike? (_)/ (_) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010806082311.E84271-100000>