Message-ID: <534B9085.4010300@cyberleo.net>
Date: Mon, 14 Apr 2014 02:38:45 -0500
From: CyberLeo Kitsana
To: tyler@tysdomain.com, freebsd-questions@freebsd.org
Subject: Re: numerous questions: ssh and jails, installation with YASR support, migration, and development
In-Reply-To: <534B24D0.8050903@tysdomain.com>

On 04/13/2014 06:59 PM, Littlefield, Tyler wrote:
> Hello all:
> I had a few questions. I'm sorry for the long email, but I wanted to
> lump them all together so I wasn't sending 90 emails.
>
> 1) I have a bunch of different jails configured on my BSD system. right
> now I have PF doing RDR from port 30000+ to the port on the internal
> jail IP. Obviously having 90 different ssh ports is a bit messy, is
> there a way around this? Can I somehow set up SSH on the host to let me
> log into the jail provided a username and password?

Not that I've found yet. It might be a good idea to reconsider why you
need all 90+ jails to be directly accessible via SSH in the first place.

If you're on the same LAN as the host, you might be able to give each
jail its own IP address, and just use those. Other options are the use
of a VPN to grant you an IP in the jails' private subnet, or to use a
locked down jail as a jump box into that subnet.

A lot of the more specialized jails I run don't even have sshd running;
I just use jexec to hop into them whenever necessary.

> 3) I'm starting to migrate my Linode services over to BSD. Is there a
> way using DNS to migrate web first, then mail? I don't want to shut
> everything off until I can move web over, make sure it works then move
> mail. Is there a failsafe solution in case my postfix is broken for the
> mail to fallback to the Linux server? How have people done this in the
> past?

Read up on the DNS MX RRtype for details on how to direct mail for a
domain to dedicated machines.

> 4) I would really like to start contributing code and patches to
> FreeBSD. As of right now, I don't have a bsd system at home that I can
> reinstall and upgrade without having to worry about breaking things. Is
> there perhaps a way to do an installation over SSH or something so that
> I can install FreeBSD in a vm? What do people use for development
> systems? I thought about buying a cheap $10 server from Arpnetworks, but
> money is a bit tight at the moment for me.

Virtual machines work great for development, as long as you're not
developing hardware drivers.

Whatever you choose, just keep in mind that, when hacking the operating
system itself, at some point you will probably break things to an extent
that will require console access, if not a live CD, to correct. Using a
machine for which you have naught but SSH access is risky.

--
Fuzzy love,
-CyberLeo
Technical Administrator
CyberLeo.Net Webhosting
http://www.CyberLeo.Net

Furry Peace! - http://www.fur.com/peace/
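
The jump-box option from the reply above, as an added example that is not part of the original message: a shell function that turns `jls` output into client-side `ssh_config` stanzas, so every jail is reached through one jump host rather than one PF redirect per jail. The alias `jailjump`, the addresses and the sample `jls` rows are constructed, and `ProxyJump` assumes an OpenSSH 7.3 or newer client.

```shell
#!/bin/sh
# Turn `jls` output (columns: JID, IP Address, Hostname, Path) into ssh_config
# stanzas that reach each jail's sshd through one jump host instead of one
# forwarded port per jail.
# Assumptions: the alias "jailjump" and the 10.0.0.0/24 addresses are
# constructed; ProxyJump needs an OpenSSH 7.3+ client.

JUMP_ALIAS="jailjump"

jails_to_ssh_config() {
    awk -v jump="$JUMP_ALIAS" '
        NR == 1 && $1 == "JID" { next }          # skip the header row
        # Accept only a numeric JID, a dotted-quad IPv4 address and a plain
        # hostname, so odd rows cannot inject extra ssh_config directives.
        $1 ~ /^[0-9]+$/ &&
        $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&
        $3 ~ /^[A-Za-z0-9][A-Za-z0-9.-]*$/ {
            printf "Host %s\n    HostName %s\n    ProxyJump %s\n\n", $3, $2, jump
        }
    '
}

# Constructed sample of `jls` output; on the host, pipe real `jls` instead.
sample_jls() {
    cat <<'EOF'
   JID  IP Address      Hostname                      Path
     1  10.0.0.11       web1                          /jails/web1
     2  10.0.0.12       mail1                         /jails/mail1
     3  -               build                         /jails/build
EOF
}

sample_jls | jails_to_ssh_config
```

The output goes into `~/.ssh/config` next to a `Host jailjump` stanza that points at the jump jail; the `build` row is skipped because it has no IPv4 address to connect to.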