at home server without screen blocked by bad ipfw conf -- live boot usb with sshd
Fabian Keil
freebsd-listen at fabiankeil.de
Sun Apr 2 11:29:31 UTC 2017
Orka Edison <orka.edison at ovh.fr> wrote:
> i brink my at home by a bad ipfw.rules...
>
> how can i créate an usb boot key with sshd for access to my server ?
> with an fixed IP and tools-box for repair my machine.
I use a script to adjust the UFS partition on an image
created by the "memstick" target after it has been copied
to the USB stick.
The relevant script content:
set -e -x
mount "${device}" /mnt/
[...]
mkdir -p /mnt/root/.ssh
echo 'ssh-ed25519 [...]' > /mnt/root/.ssh/authorized_keys
chmod -R go-rwx /mnt/root/.ssh
echo 'PermitRootLogin yes' >> /mnt/etc/ssh/sshd_config
echo 'ifconfig_re0=192.168.5.48' >> /mnt/etc/rc.conf
echo 'sshd_enable="YES"' >> /mnt/etc/rc.conf
sed -e 's at ro, at rw,@' -i.bak /mnt/etc/fstab
cat /mnt/etc/fstab
umount /mnt
You'll have to add your own public ssh key, adjust the rc.conf
modification and maybe add a default router if needed.
If you simply messed up the ipfw rules the memstick image
should contain everything you need to fix it.
If you are in a hurry and don't mind using unreproducible binaries
built by third parties you could download a memstick image from
freebsd.org instead of building it yourself.
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20170402/4b03b5d2/attachment.sig>
More information about the freebsd-hackers
mailing list