No controlling tty - BSD

This is a discussion on No controlling tty - BSD ; I have a "turnkey" OpenBSD 3.1 system on an i386 box running as a firewall. (It's turnkey in the sense that it's supported by someone else for such things as patches and OS upgrades and at present, it's stuck at ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: No controlling tty

  1. No controlling tty

    I have a "turnkey" OpenBSD 3.1 system on an i386 box running as a
    firewall. (It's turnkey in the sense that it's supported by someone else for
    such things as patches and OS upgrades and at present, it's stuck at v3.1 of
    the OS.) I'm in the configuration phase right now, so it's not hooked up to a
    network. I would still like to access it remotely, so I figured I could
    connect it's serial port to a PC (which is connected to the 'net) running
    Windows XP Pro, start a Remote Desktop session to the PC, then open a terminal
    emulation program to communicate with the firewall via the serial port. To
    this end, I've been trying to enable the firewall's serial port as a simple
    login port (in addition to the console interface). I tried specifying...

    tty00 "/usr/libexec/getty std.9600" vt220 on secure

    ....in /etc/ttys, but it wasn't functional. I modified the device name to
    "cua00" after locating suggestions to try this via Google, and now I get a
    login prompt on the serial port. After logging in, though, the following
    appears:

    sh: No controlling tty (open /dev/tty: Device busy)
    sh: warning: won't have full job control

    This essentially renders the connection unusable for full-screen editing,
    using the `more' (or `less') command(s), etc. Is there any way around this,
    or will I have to live with direct console access until I actually get the
    system going on the network? I may have a use for this functionality even
    after the firewall is installed on the network, so if I can get it to work
    properly now, all the better.

    Thanks,
    Mike
    --
    | Systems Specialist: CBE,MSE
    Michael T. Davis | Departmental Networking/Computing
    http://www.ecr6.ohio-state.edu/~davism/ | The Ohio State University
    | 197 Watts, (614) 292-6928

  2. Re: No controlling tty

    Michael T. Davis wrote:

    > I have a "turnkey" OpenBSD 3.1 system on an i386 box running as a
    > firewall. (It's turnkey in the sense that it's supported by someone else
    > for such things as patches and OS upgrades and at present, it's stuck at
    > v3.1 of
    > the OS.) I'm in the configuration phase right now, so it's not hooked up
    > to a
    > network. I would still like to access it remotely, so I figured I could
    > connect it's serial port to a PC (which is connected to the 'net) running
    > Windows XP Pro, start a Remote Desktop session to the PC, then open a
    > terminal
    >


    Can we assume you have a special reason for not using SSH ? That's how I
    access all of the boxes I support.

  3. Re: No controlling tty


    In article , Keith Matthews
    writes:

    >Michael T. Davis wrote:
    >
    >> I have a "turnkey" OpenBSD 3.1 system on an i386 box running as a
    >> firewall. (It's turnkey in the sense that it's supported by someone else
    >> for such things as patches and OS upgrades and at present, it's stuck at
    >> v3.1 of
    >> the OS.) I'm in the configuration phase right now, so it's not hooked up
    >> to a
    >> network. I would still like to access it remotely, so I figured I could
    >> connect it's serial port to a PC (which is connected to the 'net) running
    >> Windows XP Pro, start a Remote Desktop session to the PC, then open a
    >> terminal
    >>

    >
    >Can we assume you have a special reason for not using SSH ? That's how I
    >access all of the boxes I support.


    ...Because the system is not currently attached to a network. If you
    might be suggesting to initiate a ssh connection to localhost immediately
    after logging in via the serial port, that doesn't work either; I get "Host
    key verification failed." SSH will be the preferred connection mechanism once
    the system is placed in production.

    Regards,
    Mike
    --
    | Systems Specialist: CBE,MSE
    Michael T. Davis | Departmental Networking/Computing
    http://www.ecr6.ohio-state.edu/~davism/ | The Ohio State University
    | 197 Watts, (614) 292-6928

  4. Re: No controlling tty

    In article ,
    Michael T. Davis wrote:
    > ...Because the system is not currently attached to a network. If you
    >might be suggesting to initiate a ssh connection to localhost immediately
    >after logging in via the serial port, that doesn't work either; I get "Host
    >key verification failed." SSH will be the preferred connection mechanism once
    >the system is placed in production.


    Do not place an OpenBSD 3.1 system in production.

    This system is about 4 years old, and runs an OS which is by now thoroughly
    unsupported. I don't know the guy who pretends to support it, but it seems
    pretty incredible to me. There have been nasty bugs, and local holes, and
    remote holes in many applications you may have running on that box since
    OpenBSD 3.1 came out...

  5. Re: No controlling tty


    In article , espie@lain.home (Marc Espie)
    writes:

    >In article ,
    >Michael T. Davis wrote:
    >> ...Because the system is not currently attached to a network. If you
    >>might be suggesting to initiate a ssh connection to localhost immediately
    >>after logging in via the serial port, that doesn't work either; I get "Host
    >>key verification failed." SSH will be the preferred connection mechanism

    > once
    >>the system is placed in production.

    >
    >Do not place an OpenBSD 3.1 system in production.
    >
    >This system is about 4 years old, and runs an OS which is by now thoroughly
    >unsupported. I don't know the guy who pretends to support it, but it seems
    >pretty incredible to me. There have been nasty bugs, and local holes, and
    >remote holes in many applications you may have running on that box since
    >OpenBSD 3.1 came out...


    FWIW, the system is quite stripped down from even a base install,
    so that it can fit on a 64MB Flash card and then load and run on a RAMdisk.
    Holes are patched when necessary, and of course most holes don't exist by
    virtue of the lack of most applications and/or services that would normally
    be running. root access is strictly controlled, and the root account is the
    only real account on the system.

    Basically what I have is all I'm going to get. As such, I need to
    get the original question answered and leave discussions as to what version
    I should(n't) be running for another time.

    Thanks,
    Mike
    --
    | Systems Specialist: CBE,MSE
    Michael T. Davis | Departmental Networking/Computing
    http://www.ecr6.ohio-state.edu/~davism/ | The Ohio State University
    | 197 Watts, (614) 292-6928

  6. Re: No controlling tty

    In article ,
    Michael T. Davis wrote:
    >
    >In article , espie@lain.home (Marc Espie)
    >writes:


    >>In article ,
    >>Michael T. Davis wrote:
    >>> ...Because the system is not currently attached to a network. If you
    >>>might be suggesting to initiate a ssh connection to localhost immediately
    >>>after logging in via the serial port, that doesn't work either; I get "Host
    >>>key verification failed." SSH will be the preferred connection mechanism

    >> once
    >>>the system is placed in production.


    >>Do not place an OpenBSD 3.1 system in production.


    >>This system is about 4 years old, and runs an OS which is by now thoroughly
    >>unsupported. I don't know the guy who pretends to support it, but it seems
    >>pretty incredible to me. There have been nasty bugs, and local holes, and
    >>remote holes in many applications you may have running on that box since
    >>OpenBSD 3.1 came out...


    > FWIW, the system is quite stripped down from even a base install,
    >so that it can fit on a 64MB Flash card and then load and run on a RAMdisk.
    >Holes are patched when necessary, and of course most holes don't exist by
    >virtue of the lack of most applications and/or services that would normally
    >be running. root access is strictly controlled, and the root account is the
    >only real account on the system.



    There are ways to build stripped down OpenBSD systems for a flashcard
    that adapt quite nicely to recent versions (flashdist comes to mind).
    In fact, I run one such system on my soekris, and I update it reasonably
    frequently.


    > Basically what I have is all I'm going to get. As such, I need to
    >get the original question answered and leave discussions as to what version
    >I should(n't) be running for another time.


    Well, it's really difficult to actually answer your question in a useful
    way. *a lot* of things changed since 3.1 (I don't think there was any
    bsd_auth at the time, for instance), so anything I'm going to look at
    is probably going to be a waste of time.

    Anyways, /etc/ttys is the file that more or less controls what runs on
    whichever line.

    If you want to be able to login on a serial line, this usually looks like

    # root login on serial port 0 at 19600 baud
    /dev/tty00 "/usr/libexec/getty std.19600" vt100 on secure


    at least on a recent OpenBSD system. No idea if that changed over the
    last 4 years...

    And in case somebody else is listening, what Michael T.Davis wants to
    do here is a really bad idea. Do not ever consider putting a 4 years old
    OpenBSD system into production.

  7. Re: No controlling tty


    In article , espie@lain.home (Marc Espie)
    writes:

    >In article ,
    >Michael T. Davis wrote:
    >>
    >>In article , espie@lain.home (Marc Espie)
    >>writes:

    >
    >>>In article ,
    >>>Michael T. Davis wrote:
    >>>> ...Because the system is not currently attached to a network. If you
    >>>>might be suggesting to initiate a ssh connection to localhost immediately
    >>>>after logging in via the serial port, that doesn't work either; I get "Host
    >>>>key verification failed." SSH will be the preferred connection mechanism
    >>> once
    >>>>the system is placed in production.

    >[...]
    >
    >Anyways, /etc/ttys is the file that more or less controls what runs on
    >whichever line.
    >
    >If you want to be able to login on a serial line, this usually looks like
    >
    > # root login on serial port 0 at 19600 baud
    > /dev/tty00 "/usr/libexec/getty std.19600" vt100 on secure
    >
    >
    >at least on a recent OpenBSD system. No idea if that changed over the
    >last 4 years...


    It turns out the following in /etc/ttys did the trick:

    tty00 "/usr/libexec/getty std.9600" vt220 on secure softcar

    In particular, the "softcar" seemed to be the clincher. After this
    modification...

    # ttyflags -a
    # kill -HUP 1

    >
    >And in case somebody else is listening, what Michael T.Davis wants to
    >do here is a really bad idea. Do not ever consider putting a 4 years old
    >OpenBSD system into production.


    I couldn't agree more. Unfortunately, I'm dealing with politics and
    perhaps a sense of "something is better than nothing." If I had my way, we'd
    be running the most recent stable release of OpenBSD and it would be maintained
    fanatically. If nothing else, perhaps my /etc/ttys contribution will help
    someone else in a similar pickle.

    Regards,
    Mike
    --
    | Systems Specialist: CBE,MSE
    Michael T. Davis | Departmental Networking/Computing
    http://www.ecr6.ohio-state.edu/~davism/ | The Ohio State University
    | 197 Watts, (614) 292-6928

+ Reply to Thread