And what is your opinion of people who run sshd on non-standard poorts? I recently had to smack one of my guys for that momentary brilliance.
On 7/12/10, Corey <clinge...@gmail.com> wrote: > On 07/11/2010 06:31 PM, Peter Bako wrote: >> I'm setting up (well, trying to I guess :-) ) a read-only OpenBSD system >> to >> run off a small CF card. Never having done this before, I found an >> excellent article written by Daniele Mazzocchio >> (http://www.kernel-panic.it/openbsd/embedded/) to use as my guide. I had >> a >> few minor issues crop up, but have been able to work my way through them. >> However I finally got to one that I am stumped with. >> >> Basically once I boot of my new image, I am able to log into it on the >> serial console and things look ok. I can also ping the IP address of the >> unit, but when I try to SSH into it I get the following message: >> >> "Server refused to allocate pty" >> >> I've checked over my setup and all seems fine as per the instructions. I >> have all the pty* devices from /dev (which is RO) linked to /var/run/dev >> (which is in memory), so the problem cannot be that these devices are not >> writeable. (Actually /var is linked to /tmp/var, where the /tmp directory >> is in memory and populated by the image from a directory called >> /template.) >> >> Unfortunately this goes a bit beyond my current skill set, so if anyone >> has >> any suggestions I really would appreciate the help. >> >> BTW, in case it matters. I'm using OpenBSD 4.6 as both the host on which >> I >> setup the image and OS on the CF card. The card in question is a 64M >> SanDisk CF and is being plugged into a Soekris Net4801 box. None of these >> should make a difference, but you never know... :-) >> >> Thanks, >> Peter >> > You probably need your entire /dev directory in memory. It worked that > way for me. > > But I'll tell you something from my own experience: I got this whole > RO-flash, RW-on-MFS thing working on a Soekris net5501, but it was a big > hassle -- a hassle that I would have to repeat on every upgrade. I > started with the link you mentioned, plus several others, and still had > to work through several more issues myself (I had read plenty of, shall > we say, admonitions on this list about not doing what I was trying to > do, so I decided I needed to fix everything myself :). Some of those > issues didn't rear their ugly heads until several days after the initial > install. > > After much suffering, and reading this list and the experiences of many > folks getting reasonable life out of modern CF cards (at least > comparable to hard disks), I decided that a standard OpenBSD install was > the way to go. On my next snapshot install I did exactly that; it went > much more smoothly. The only real reason to do the RO-flash setup is to > make the device "unpluggable with impunity", i.e., it will not have > corrupt filesystems after a non-orderly shutdown (but you may of course > still lose data on the MFS). For me, unless I was making and selling > these things to the unwashed public, even that is not worth the hassle > of the RO-flash setup. CF cards are cheaper than my time. If you want > to do it for the learning experience alone, then OK, but be prepared to > do it mostly, if not all, yourself. And once you do, or once you do an > upgrade, I suspect you will want to go back to a standard install. > > My $2.98 US, FWIW. > > Corey > > -- Sent from my mobile device http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=30v_g83VHK4
