numerous questions: ssh and jails, installation with YASR support, migration, and development

CyberLeo Kitsana cyberleo at
Mon Apr 14 07:38:53 UTC 2014

On 04/13/2014 06:59 PM, Littlefield, Tyler wrote:
> Hello all:
> I had a few questions. I'm sorry for the long email, but I wanted to
> lump them all together so I wasn't sending 90 emails.
> 1) I have a bunch of different jails configured on my BSD system. right
> now I have PF doing RDR from port 30000+ to the port on the internal
> jail IP. Obviously having 90 different ssh ports is a bit messy, is
> there a way around this? Can I somehow set up SSH on the host to let me
> log into the jail provided a username and password?

Not that I've found yet. It might be a good idea to reconsider why you
need all 90+ jails to be directly accessible via SSH in the first place.
If you're on the same LAN as the host, you might be able to give each
jail its own IP address, and just use those. Other options are the use
of a VPN to grant you an IP in the jails' private subnet, or to use a
locked down jail as a jump box into that subnet.

A lot of the more specialized jails I run don't even have sshd running;
I just use jexec to hop into them whenever necessary.


> 3) I'm starting to migrate my Linode services over to BSD. Is there a
> way using DNS to migrate web first, then mail? I don't want to shut
> everything off until I can move web over, make sure it works then move
> mail. Is there a failsafe solution in case my postfix is broken for the
> mail to fallback to the Linux server? How have people done this in the
> past?

Read up on the DNS MX RRtype for details on how to direct mail for a
domain to dedicated machines.

> 4) I would really like to start contributing code and patches to
> FreeBSD. As of right now, I don't have a bsd system at home that I can
> reinstall and upgrade without having to worry about breaking things. Is
> there perhaps a way to do an installation over SSH or something so that
> I can install FreeBSD in a vm? What do people use for development
> systems? I thought about buying a cheap $10 server from Arpnetworks, but
> money is a bit tight at the moment for me.

Virtual machines work great for development, as long as you're not
developing hardware drivers.

Whatever you choose, just keep in mind that, when hacking the operating
system itself, at some point you will probably break things to an extent
that will require console access, if not a live CD, to correct. Using a
machine for which you have naught but SSH access is risky.

Fuzzy love,
Technical Administrator
CyberLeo.Net Webhosting
<CyberLeo at CyberLeo.Net>

Furry Peace! -

More information about the freebsd-questions mailing list