- Schedule Thursday

- Schedule Friday

- Schedule Saturday

- Schedule Sunday

- Call For Papers







Travel & Accommodation


Spread the Word


Single User Secure Shell

Adrian Steinmann

Unix systems traditionally do integrity checks and other initialization before bringing up network services. An error during those first few steps can cause the machine to hang in 'single user', awaiting input at the physical console.

In this talk, we describe how a 'Secure Shell Maintenance RAMdisk Environment' can be built and launched very early in the boot process. The environment can be used remotely for operation system installs and upgrades or to fix a problem when the machine is stuck in single user mode. Further, system administration tasks like repartitioning a system harddisk or transferring filesystems onto a RAID device can also be performed remotely.

The talk will show how the standard 'crunchgen' utility is applied to build a small maintenance RAMdisk which supports Secure Shell as well as run-time loading for GEOM class commands like 'gmirror', 'graid3', and 'gstripe'.

The RAMdisk environment can be customized per machine via a configuration file which is read by the boot loader. As the system boots, one of the first operations is to configure networking and the Secure Shell daemon in a preloaded RAMdisk, even before the root filesystem is checked.

By adding only 3MB to the /boot/ FreeBSD hierarchy, small systems with only compact flash devices become as manageable as full-fledged systems. In fact, this method has already been in use for a number of years to upgrade remote managed FreeBSD firewall systems from one release to the next.

Please note that there is also a tutorial covering this subject on Friday.

About the Author

Adrian Steinmann earned a Ph.D. in Mathematical Physics from Swiss Federal Institute of Technology in Zurich and has over 15 years experience as consultant and software developer. He has been working on FreeBSD since 1993 (version 1.0) and since 1997 he maintains and develops the base system of STYX, a remote managed firewall. He is fluent in Perl, C, English, German, Italian, and has passion and flair for finding simple solutions to intricate problems. During his free time, he likes to play Go, to hike, and to sculpt.

Copyright © 2005 by EuroBSDCon 2005. All rights reserved.