|
1 | 1 | ## Setup a chroot with a SSH server running on port 220 and ready to be 'ansiblized'
|
2 | 2 |
|
3 |
| -1. Create the chroot |
4 |
| - 1. Launch 'sudo ./create_chroot.sh' (make sure you have debootstrap installed before) |
5 |
| - 2. You will be prompted for the ubuntu distribution you want to create the chroot from |
6 |
| - 3. Wait for it |
7 |
| - 4. Congratulations, you have a chroot created in the chroot directory |
8 |
| -2. Use the chroot |
9 |
| - 1. Now there is a directory named chroots_dir/${distrib} |
10 |
| - 1. The global structure is: |
11 |
| - * chroot: contains the chroot |
12 |
| - * chrootAnsible: contains all file to customize the chroot with ansible |
13 |
| - * ansible contains the chroot.yml which is the parent yml file |
14 |
| - * launch_chroot.sh |
15 |
| - * stop_chroot.sh |
16 |
| - |
17 |
| - |
18 |
| -If you execute ./launch_chroot.sh it will |
| 3 | +### Prerequisites ### |
| 4 | +In order for this to work, you must have: |
| 5 | +* debootstrap |
| 6 | +* python-jinja2 |
| 7 | +* python-yaml |
| 8 | + |
| 9 | +For ubuntu, you can copy/paste |
| 10 | +```bash |
| 11 | + sudo apt-get install debootstrap python-jinja2 python-yaml |
| 12 | +``` |
| 13 | + |
| 14 | +### Usage ### |
| 15 | +Execute ./launch_chroot.sh |
| 16 | + |
| 17 | +If you dont have a chroot initialized, you will be asked to chose which distribution you want to create the chroot from. |
| 18 | +At the end of the setup, ansible will be launched and your chroot configured |
| 19 | + |
| 20 | +#### What the script does #### |
| 21 | + |
19 | 22 | * mount /proc /dev /sys and /dev/pts
|
20 | 23 | * launch the chroot and an ssh server
|
21 | 24 | * put your ssh public key to the root folder of the chroot
|
22 | 25 | * launch ansible
|
| 26 | +* connect via ssh to the chroot |
| 27 | + |
| 28 | +#### Faq #### |
| 29 | +If you have something like that: |
| 30 | + @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
| 31 | + @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ |
| 32 | + @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
| 33 | + IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! |
| 34 | + Someone could be eavesdropping on you right now (man-in-the-middle attack)! |
| 35 | + It is also possible that a host key has just been changed. |
| 36 | + The fingerprint for the ECDSA key sent by the remote host is |
| 37 | + 58:45:5b:9f:c5:33:8d:15:45:2b:81:c9:b3:28:1c:39. |
| 38 | + Please contact your system administrator. |
| 39 | + Add correct host key in /home/yourhome/.ssh/known_hosts to get rid of this message. |
| 40 | + Offending ECDSA key in /home/yourhome/.ssh/known_hosts:13 |
| 41 | + remove with: ssh-keygen -f "/home/yourhome/.ssh/known_hosts" -R [127.0.0.1]:220 |
| 42 | + ECDSA host key for [127.0.0.1]:220 has changed and you have requested strict checking. |
| 43 | + Host key verification failed. |
23 | 44 |
|
24 |
| -Once this is over, you have your prompt back and you can connect to the chroot by using 'ssh root@localhost -p 220'. |
| 45 | +it means that you probably had another system running on port 220. |
| 46 | +To get rid of this message, simply run the ssh-keygen command promped by the message. In my case, this will be 'ssh-keygen -f "/home/yourhome/.ssh/known_hosts" -R [127.0.0.1]:220', stop your chroot and launch it again. |
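Review bot: In the Faq section, the closing sentence tells the reader to "simply run the ssh-keygen command" whenever the host-key warning appears, which teaches clearing a mismatch for [127.0.0.1]:220 without checking what is actually listening there. The only explanation given is "you probably had another system running on port 220", so please state that this is the one case where the change is expected and ask the reader to confirm it before removing the entry. Pointing ssh at a separate known_hosts file for the chroot with `-o UserKnownHostsFile=<path>` would also keep these entries out of the user's main file. The same sentence says "stop your chroot and launch it again", but the new text no longer mentions stop_chroot.sh, and the removed line with 'ssh root@localhost -p 220' was the only place the connection command was spelled out, so both are worth keeping under Usage. Minor: "dont", "chose" and "promped" should read "don't", "choose" and "prompted".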