Configuring FreeBSD Jails: Difference between revisions

From ZS64
Jump to navigationJump to search
No edit summary
(Translate, wiki)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
In dieser Seite sollten wir kleine Anmerkungen versenken wenn wir an Daemons rumspielen so dass man hinterher weiss weshalb was gemacht wurde.
After creating a jail in FreeBSD, the default configuration of many subsystems should be adapted to better suit the restrictions in a jail.


==sshd==
Normally, sshd will create X11 connections on the localhost host address only to improve security. Since jails don't have a loopback address, X11 forwarding only works if sshd uses a wildcard bind for the X11 connections.


 
In /etc/ssh/sshd_config, add:
------
X11UseLocalhost no
 
sshd
----
 
In Jails muss man
 
X11UseLocalhost yes (default) ->
X11UseLocalhost no
 
haben. Ansonsten geht das X11-forwarding nicht (die localhost Einstellung zerhaut den xauth mechanismus in einem Jail).

Latest revision as of 18:34, 5 September 2006

After creating a jail in FreeBSD, the default configuration of many subsystems should be adapted to better suit the restrictions in a jail.

sshd

Normally, sshd will create X11 connections on the localhost host address only to improve security. Since jails don't have a loopback address, X11 forwarding only works if sshd uses a wildcard bind for the X11 connections.

In /etc/ssh/sshd_config, add:

X11UseLocalhost no