> The main work has been to create a script that "upgrades" (not everybody
> will agree this is an upgrade :-)) a m0n0wall iso image with this module,
> sshd and related files and some executables (tcpdump, grep, vi, ...)
> that allows you to do something useful with that ssh access.
> The script does the following:
> - Unpacks the iso
> - Unpacks the mfsroot filesystem to a new, bigger, mfsroot filesystem
> - Updates mfsroot with sshd and other FreeBSD files
> - Creates an sshd_config file that's a copy of the default FreeBSD
> sshd_config with one modification: it has: PermitRootLogin yes
> - Generates ssh host key files, if not present yet (they are preserved
> between runs of the script)
> - Creates the one-and-only-module-file: /etc/inc/ext/ssh/rc
> - Adds group sshd and login sshd to the m0nowall group and passwd databases
> - Creates a new iso image
Perhaps you could take a look at the script I did for the OpenVPN module and
see how that differs from yours. I would be very interested in creating a
generic 'package manager' type approach to build a modified m0n0 image for
any module. If we do a good job, we may even be able to pursuade Manuel to
put it into the standard distro so that it can be run from the CF, rather
than having to modify the image directly.
Dinesh (I think it was) suggested a way of doing this a few days ago.
One big question on this SSH stuff is how big it is? Are you basing it on
OpenSSH (which ISTR is BIG) or an alternative. There was mention of a small
SSH implementation on the Soekris-tech list a few days ago?
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.