From owner-freebsd-questions@FreeBSD.ORG Tue Jun 6 16:42:03 2006 Return-Path: <owner-freebsd-questions@FreeBSD.ORG> X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3EC4416A91E for <freebsd-questions@freebsd.org>; Tue, 6 Jun 2006 16:42:03 +0000 (UTC) (envelope-from kris@obsecurity.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD8B543D48 for <freebsd-questions@freebsd.org>; Tue, 6 Jun 2006 16:42:02 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196]) by elvis.mu.org (Postfix) with ESMTP id A485E1A3C19; Tue, 6 Jun 2006 09:42:02 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id D7CBE515B2; Tue, 6 Jun 2006 12:42:01 -0400 (EDT) Date: Tue, 6 Jun 2006 12:42:01 -0400 From: Kris Kennaway <kris@obsecurity.org> To: Kevin Wortman <kevin.wortman@gmail.com> Message-ID: <20060606164201.GA4187@xor.obsecurity.org> References: <6bcb65c40606060931s6b35ce3fo238625d6120ecd01@mail.gmail.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4Ckj6UjgE2iN1+kY" Content-Disposition: inline In-Reply-To: <6bcb65c40606060931s6b35ce3fo238625d6120ecd01@mail.gmail.com> User-Agent: Mutt/1.4.2.1i Cc: freebsd-questions@freebsd.org Subject: Re: PTY's in a FreeBSD Jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions <freebsd-questions.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions> List-Post: <mailto:freebsd-questions@freebsd.org> List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=subscribe> X-List-Received-Date: Tue, 06 Jun 2006 16:42:03 -0000 --4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jun 06, 2006 at 12:31:19PM -0400, Kevin Wortman wrote: > All, >=20 > Sometime ago there was a question posed about the error "Server refused to > allocate pty" when trying to ssh into a freebsd jail. It seemed to be > answered by someone saying that the command "mount_devfs devfs > /your/jail/dir/dev" needed to enter, which in fact does make the jail sta= rt > working. However, it was stated in the same posting that this was not > considered to be secure. >=20 > Hence my question, if this is in fact not secure, how can I get my jail > properly configured in FreeBSD 6.0 without compromising the security of t= he > box? I ask because I have several boxes currently running in my environm= ent > with jails (FreeBSD 4.x) and do not see this command anywhere in the star= tup > scripts yet the jailed environment appears to be working like a champ. >=20 > I am fairly new to the FreeBSD world so please pardon my ignorance, if I > have displayed any. See the jail manpage for how to set up devfs. Kris --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEhbBZWry0BWjoQKURAo8pAJ9KvEPc/lolQGz4wNNSCk+pfw4TcwCdHq3D nKhwKkqP6eiQZGslis9IqQg= =XlMo -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY--