Rhyous

December 2, 2009

How to enable sshd from the FreeBSD 8 install’s fixit environment?

Filed under: FreeBSD — J. Abram barneck @ 1:28 pm
Tags: ,

How to enable sshd from the FreeBSD 8 install’s fixit environemnt?

So there are lots of documents out there on how to do something in fixit and some times (most the time) those are long drawn out processes with a lot of typing.

What if you could copy and paste? Well, you can’t. But you could if you could ssh in right.

So lets boot to the FreeBSD 8 Installation DVD and see if we can enable sshd.

I just got it to work so let me document my steps:

  1. Run ifconfig to find what ethernet controller you have. Mine was em0.
    fixit# ifconfig
  2. Now assign an IP address. Make sure to find an open IP Address that is not already in use.
    fixit# ifconfig em0 inet 192.168.0.25 netmask 255.255.255.0

    That is it for configuring your IP address. You may be asking yourself, what about the DNS server and the default route? Well, you only need those if you are connecting from a different subnet and since you are booted to a fixit environment, I assume you are on the same subnet. Just in case you aren’t, you can enable DNS and give yourself a default route with these commands:

    fixit#
    fixit#     		echo nameserver 192.168.0.1 > /etc/resolv.conf
    route add default 192.168.0.1

  3. Create the directory where the default sshd configuration and keys are stored.
    fixit# mkdir /etc/ssh
  4. Copy the sshd_config to this directory.
    fixit# cp /dist/etc/ssh/sshd_config /etc/ssh
  5. Change the configuration file to allow root logins.
    fixit# echo PermitRootLogin yes >> /etc/ssh/sshd_config
  6. Create the rsa1, rsa, and dsa keys.

    fixit#
    fixit#
    fixit#     		ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''
    ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
    ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''

  7. Make sure that root can find a shell.
    fixit# ln -s /mnt2/bin/csh /bin/csh
  8. Make sure root has a home directory.
    fixit# mkdir /root
  9. Start the sshd daemon.
    fixit# /mnt2/usr/sbin/sshd
  10. Prepare the environment for login. We probably want similar environment variables, because the defaults won't work, since most our binary files are in subdirectories of /mnt2.

5 Comments »

  1. Hi,

    Your post really helped doing a complex setup from Fixit. Being able to ssh in and copy/paste commands made things a LOT faster!

    If anyone else comes across this post, i tweaked the steps a bit and dumped them in a .sh file. If you run the script bellow from a usb stick, it will set everything up. It uses dhcp for net setup, and i changed the .cshrc a little because the one rhyous created in his post behaved a bit weird for me (no command history for one).

    Thanks goes to rhyous 🙂

    #!/bin/sh
    # setup network (set the correct device for your system)

    mkdir /var/db
    ifconfig re0 up
    sleep 5
    dhclient re0

    # setup sshd

    mkdir /etc/ssh
    cp /dist/etc/ssh/sshd_config /etc/ssh
    echo ‘PermitRootLogin yes’ >> /etc/ssh/sshd_config

    mkdir /usr/bin/
    ln -s /dist/usr/bin/ssh /usr/bin/ssh

    ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ”
    ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ”
    ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ”

    # setup login shell for root

    mkdir /root
    echo “setenv PATH ‘/bin:/sbin:/usr/bin:/usr/sbin:/stand:/mnt2/stand:/mnt2/bin:/mnt2/sbin:/mnt2/usr/bin:/mnt2/usr/sbin'” > /root/.cshrc
    echo “setenv EDITOR ‘/mnt2/usr/bin/ee'” >> /root/.cshrc
    echo “set prompt=’Fixit# ‘” >> /root/.cshrc
    ln -s /mnt2/bin/csh /bin/csh

    # start sshd

    /mnt2/usr/sbin/sshd

    Comment by phatfish — December 11, 2009 @ 5:08 am | Reply

  2. Thanks phatfish for the update.

    I mostly did the .cshrc the way I did to make it easy to type and try to get the same environment as best as I could.

    Adding a USB stick is great idea to eliminate the pain of typing it all in.

    Comment by rhyous — December 11, 2009 @ 1:35 pm | Reply

  3. Thanks, this is really useful! Just tried it in vmware and it works like a treat.
    There is a small typo in step 5, you obviously want to echo PermitRootLogin to /etc/ssh/sshd_config rather than /dist/etc/ssh/sshd_config

    Comment by Manolis Kiagias — January 3, 2010 @ 2:31 pm | Reply

  4. Thanks for the guide – most useful. I did find a slight problem if you need geom tools. GEOM_LIBRARY_PATH doesn’t get exported so gpart etc. can’t see the required libraries. This is fixed after login via ssh by running:

    export GEOM_LIBRARY_PATH

    Comment by Matthew Willsher — February 25, 2010 @ 2:06 pm | Reply

  5. thanks a lot… its really helpful

    Comment by s0ta — March 29, 2010 @ 3:55 am | Reply


RSS feed for comments on this post. TrackBack URI

Leave a reply to rhyous Cancel reply

Blog at WordPress.com.