Create this jail to permit to test rocket.chat based on the Meteor framework.
rocket.chat repo
meteor repo
Description
Description
Related Objects
Related Objects
Event Timeline
Comment Actions
DNS configuration
uncle-slovius.nasqueron.org. 86400 IN CNAME app1.nasqueron.org.
This is a good candidate for Drake network too:
172.27.26.35 PTR uncle-slovius.nasqueron.drake uncle-slovius.nasqueron.drake A 172.27.26.35
Comment Actions
Ports assign
Range 35000-35999 is reserved for Uncle Slovius jail.
Jail creation
$ ezjail-admin create uncle-slovius.nasqueron.org 'em0|172.27.26.35, em0|212.83.187.132' [ The usual warnings about services listening to these IPs, like nginx *:80 ] $ ezjail-admin start uncle-slovius.nasqueron.org Starting jails: uncle-slovius.nasqueron.org. /etc/rc.d/jail: WARNING: Per-jail configuration via jail_* variables is obsolete. Please consider to migrate to /etc/jail.conf.
Root and initial user account
$ jexec 5 csh $ passwd $ adduser Username: amj Full name: Amaury J. Uid (Leave empty for default): Login group [amj]: Login group is amj. Invite amj into other groups? []: wheel Login class [default]: Shell (sh csh tcsh nologin) [sh]: Home directory [/home/amj]: Home directory permissions (Leave empty for default): Use password-based authentication? [yes]: no Lock out the account after creation? [no]: Username : amj Password : <disabled> Full Name : Amaury J. Uid : 1001 Class : Groups : amj wheel Home : /home/amj Home Mode : Shell : /bin/sh Locked : no OK? (yes/no): yes adduser: INFO: Successfully added (amj) to the user database. Add another user? (yes/no): no Goodbye! $ mkdir -m 700 ~amj/.ssh $ fetch -o ~amj/.ssh/authorized_keys http://… $ chown -R amj ~amj/.ssh
Root password is stored in K58.
Run SSH server
$ cat >> /etc/rc.conf sshd_enable="YES" $ $EDITOR /etc/ssh/sshd_config # Changed the port to 35022 $ /etc/rc.d/sshd start Generating RSA1 host key. 2048 35:a3:9b:b2:07:99:29:fb:56:f0:46:31:a3:6a:ac:db root@uncle-slovius.nasqueron.org (RSA1) Generating RSA host key. 2048 46:ca:24:a0:4e:93:a3:9e:10:a6:1a:68:20:b2:69:ee root@uncle-slovius.nasqueron.org (RSA) Generating DSA host key. 1024 c0:1f:11:5e:21:1c:14:30:53:9d:a6:ec:2d:5b:f5:38 root@uncle-slovius.nasqueron.org (DSA) Generating ECDSA host key. 256 c8:d0:63:30:51:12:56:69:1c:f0:27:ee:9a:07:b5:a4 root@uncle-slovius.nasqueron.org (ECDSA) Performing sanity check on sshd configuration. Starting sshd.
Okay, jail created and operational.
Should be reachable from Ysul through ssh -p 35022 172.27.26.35.
Edit /etc/sshd/sshd_config if you need it to be world reachable, you can listen to public IP too from the jail.
Comment Actions
Okay network modified to use Ysul public IPs, not private IP.
So you can SSH to uncle-slovius.nasqueron.org port 35022.
$ jls | grep slovius 3 212.83.187.132 uncle-slovius.nasqueron.org /usr/local/jails/uncle-slovius.nasqueron.org
DNS configuration
DNS weren't configured by the way.
$ jexec 3 csh $ host www.perdu.com ;; connection timed out; no servers could be reached $ cat /etc/resolv.conf cat: /etc/resolv.conf: No such file or directory $ cat > /etc/resolv.conf nameserver 4.2.2.1 nameserver 4.2.2.3 ^D $ host www.perdu.com www.perdu.com has address 208.97.177.124