DragonFly BSD
DragonFly bugs List (threaded) for 2010-09
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: can't use ssh from jail: debug1: read_passphrase: can't open /dev/tty: Device busy


From: Oliver Fromme <check+l9606t00rspw4z28@xxxxxxxxxx>
Date: 22 Sep 2010 20:36:13 GMT

I'm not sure how to properly respond to bug tracker issues.
I hope it's ok to just post a follow-up.

Simon 'corecode' Schubert <corecode@fs.ei.tum.de> wrote:
 > Simon 'corecode' Schubert wrote:
 > > When running ssh from a jail, I get:
 > 
 > This is using jexec to get into the jail.
 > 
 > > debug1: read_passphrase: can't open /dev/tty: Device busy

That's not a bug, it's the way jexec works.  jexec attaches
to an existing jail, but it cannot create a separate tty
within the jail.  jexec is still connected to the tty outside
of the jail, and according to jail rules it is not allowed to
modify anything outside of the jail.

This FreeBSD thread explains it:

http://lists.freebsd.org/pipermail/freebsd-jail/2007-October/000106.html

If you ssh into the jail instead of using jexec, sshd(8) will
allocate a tty for you which is completely inside the jail,
so you can use ssh without problems.

If you don't want to run sshd(8) inside the jail, there's a
small hack so it also works with jexec:  You can use script(1)
to allocate a tty:

host# jexec 1 /bin/sh
jail# script -qt0 /dev/null ssh user@somewhere
password: 

(In fact I have an alias intty="script -qt0 /dev/null" because
this is also useful to have in other situations.)

I think this issue can be close.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]