Gentoo Forums
TIP: 2 sshd servers possible (1 in chroot)
turtles
Veteran
Joined: 31 Dec 2004
Posts: 1341

Posted: Sat Jun 07, 2014 8:49 pm    Post subject: TIP: 2 sshd servers possible (1 in chroot)

I don't know if this is correct or useful or somewhere obvious but...
Say I have a hosed Gentoo install that is on a server that dual boots another *nix. The thing has a super old BIOS (no USB boot) and no CD drive; it does have grub1.
Grub1 works and I boot up the super old *nix and I have taken whatever steps to get connected to this old box (headless) via ssh.
I can mount Gentoo, back up what is of interest (kernel configs, settings, www and home) from the old Gentoo and basically wipe everything but /var/www /home /proc /sys and /dev. I untar a current stage 3 over the old install and chroot (as per install manual) into Gentoo to do a fresh install.
Next I
Code:
emerge screen
and started stuff like configuring the kernel from within a screen session.
But wait...
Now my internet connection is choppy or I want to leave the chroot and comeback or whatever reason.

So I configure sshd in the Gentoo chroot on old *nix box to use a different port than the old *nix box I am on.
Code:
nano /etc/ssh/sshd_config

Manually do a new keygen: (or just find and keep the old keys from the old Gentoo install)
Code:
/usr/bin/ssh-keygen -A

And manually start ssh:
Code:
/usr/sbin/sshd

Now from my client computer I can ssh in in a different terminal window on the new ssh process on the new port, and come and go as I please not exiting the chroot when I do.

Useful?
Happy weekend --turtle
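The three steps from the post above as one script, as an added example that is not part of the original post: it moves the chroot's sshd off the host's port, generates host keys, and checks the config with `sshd -t` before starting the daemon. The port numbers (22 for the old *nix, 2222 for the chroot) and the function names are assumptions.

```shell
#!/bin/sh
# Added example: run inside the chroot. Port numbers are assumed values.
HOST_PORT=${HOST_PORT:-22}        # port the old *nix's sshd already uses (assumption)
CHROOT_PORT=${CHROOT_PORT:-2222}  # arbitrary free port for the chroot's sshd (assumption)

# set_sshd_port FILE PORT HOST_PORT: leave exactly one active "Port PORT" line in FILE.
set_sshd_port() {
    cfg=$1 port=$2 host_port=$3
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "port out of range" >&2; return 1; }
    [ "$port" -ne "$host_port" ] || { echo "port $port belongs to the host sshd" >&2; return 1; }
    tmp=$(mktemp) || return 1
    # Drop active and commented-out Port lines: every active one is an extra listen
    # port. Write ours first so it sits above any Match block.
    { echo "Port $port"
      grep -Eiv '^[[:space:]]*#?[[:space:]]*Port[[:space:]=]+[0-9]+[[:space:]]*$' "$cfg" || true
    } > "$tmp"
    cat "$tmp" > "$cfg" && rm -f "$tmp"   # cat keeps the file's owner and mode
}

# active_ports FILE: print the port(s) sshd would listen on (22 when none is set).
active_ports() {
    p=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    echo "${p:-22}"
}

# demo: run the rewrite on a constructed config instead of the real one.
demo() {
    d=$(mktemp) || return 1
    printf '%s\n' '#Port 22' 'Port 22' 'PasswordAuthentication no' 'GatewayPorts no' > "$d"
    set_sshd_port "$d" "$CHROOT_PORT" "$HOST_PORT" && active_ports "$d"
    rm -f "$d"
}

# The thread's three steps, with a config test before the daemon starts.
start_chroot_sshd() {
    set_sshd_port /etc/ssh/sshd_config "$CHROOT_PORT" "$HOST_PORT" || return 1
    /usr/bin/ssh-keygen -A || return 1   # create any missing host keys
    /usr/sbin/sshd -t || return 1        # validate config and keys; starts nothing
    /usr/sbin/sshd                       # start the second daemon
}

case ${1:-} in
    demo)  demo ;;
    start) start_chroot_sshd ;;
esac
```

Run it with `demo` to see the rewrite on the constructed config, or with `start` inside the chroot to apply it to /etc/ssh/sshd_config.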
szatox
Veteran
Joined: 27 Aug 2013
Posts: 1729

Posted: Sun Jun 08, 2014 6:15 pm

What does screen have to do with sshd running from chroot?
Yes, you can have sshd listen on non-standard port
Yes, you can run sshd from within chroot
Yes, you can use screen

But, if you use screen, and you logout or your connection drops or whatever, you can simply connect again to the very same sshd and once you log in run `screen -D -R` to force reattach to previous screen session. You don't need second sshd to do that. In fact I would be surprised if you logged in to the sshd running from chroot and retrieved results of whatever you left on screen using host's sshd.

Well, I just don't understand what the whole point is about, you seem to have done something much more complicated than you actually needed. Login, run screen, do whatever you need (including chroot) within screen session. If you're interrupted due to any reason, save for server going down, just run screen -D -R and carry on.
turtles
Veteran
Joined: 31 Dec 2004
Posts: 1341

Posted: Sun Jun 08, 2014 10:54 pm

szatox wrote:
What does screen have to do with sshd running from chroot?
Yes, you can have sshd listen on non-standard port
Yes, you can run sshd from within chroot
Yes, you can use screen

But, if you use screen, and you logout or your connection drops or whatever, you can simply connect again to the very same sshd and once you log in run `screen -D -R` to force reattach to previous screen session. You don't need second sshd to do that. In fact I would be surprised if you logged in to the sshd running from chroot and retrieved results of whatever you left on screen using host's sshd.

Problem this solves for me:
A I was running a chroot right on top of an ssh login (no screen session), I lost connectivity and the ssh session closed and there was no way to reattach to the chroot.

B If I run a chroot from within screen I am only chrooted in that screen window.

C The screen may or may not be on the original box or may not be functional, the sshd on the Gentoo chroot will be more secure and up to date as the old nix box has something from 2006 with some failed updates.

szatox wrote:

Well, I just don't understand what the whole point is about, you seem to have done something much more complicated than you actually needed. Login, run screen, do whatever you need (including chroot) within screen session. If you're interrupted due to any reason, save for server going down, just run screen -D -R and carry on.

I was surprised I can run 2 sshd's on 1 kernel.
It is preferable for me to have several screen 'windows' inside the Gentoo chroot, and be able to access configs outside of the chroot. I don't know how you can achieve this a simpler way? (but I am sure there is)

This is the scenario:
You have no working CD drive, no USB boot in BIOS, limited access to the box (not much monitor/keyboard time as it's a server located in a difficult to reach area)
You do have a working old *nix that barely boots and a working grub legacy.