how to run dropbear on a system with a R/O /dev?

Robert P. J. Day rpjday at crashcourse.ca
Tue Dec 23 23:19:39 WST 2008 

On Tue, 23 Dec 2008, Matt Johnston wrote:

> On Mon, Dec 22, 2008 at 10:51:26AM -0500, Robert P. J. Day wrote:
> > > We do have /dev/pts mounted, that may or may not make a
> > > difference (didn't check the code).
> >
> >   i may do that at the earliest possible opportunity, but here's
> > what's happening.  certainly, without mounting /dev/pts, i expect
> > a login failure since all of /dev is read-only.
> >
> >   however, after i mount /dev/pts RW, i can see that i have two
> > char device files under there:  /dev/pts[01].  and i've verified i
> > can change their permissions with "chmod".  so that's a good sign
> > -- that the contents under /dev/pts are modifiable, at least to
> > that extent.
> >
> >   however, when i try to ssh into that system from elsewhere and i
> > watch the destination system /var/log/messages, i can see that the
> > password authentication succeeds, after which i get an
> > authpriv.warn log message complaining about
> > syslogin_perform_logout: logout(pts/2) returned an error: No such
> > file or directory
>
> Devices in /dev/pts get "automatically" created by the
> openpty() call made by Dropbear - you don't create files
> there yourself.

  here's the first issue.  when i'm connecting to a system that has
its root FS mounted via NFS, i can connect one of two ways.  if i
connect using busybox's telnetd running on the system, "tty" shows me
that telnetd uses one of the /dev/pts/ tty devices.  if, however, i
connect to dropbear using "ssh", "tty" shows me that dropbear used one
of the /dev/ttyp? devices.  what does this mean?  that dropbear will
try to use one of those types, then the other if none are available?
or what?

  i ask since you mentioned /dev/pts specifically above, but that's
not the device file that dropbear is using here.  and that could make
a huge difference in what happens later.

rday
--

========================================================================
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry:
    Have classroom, will lecture.

http://crashcourse.ca                          Waterloo, Ontario, CANADA
========================================================================

More information about the Dropbear mailing list