Skeleton files

From securityrouter.org, an OpenBSD-based firewall
Revision as of 10:15, 2 October 2011 by Anders (talk | contribs) (Created page with "The appliance's configuration is normally defined only by it's configuration file. It's however possible to edit parameters not available in the configuration file by creatin...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The appliance's configuration is normally defined only by it's configuration file. It's however possible to edit parameters not available in the configuration file by creating so-called skeleton files.

Consider for example the SSH server. It is started by setting the system { ssh-server in the configuration. It can also be configured slightly by adding attributes, such as setting system { ssh-server { listen-address "10.0.0.1". The experienced BSD administrator realizes that the SSH server is in fact OpenSSH's sshd, and that even more advanced configuration should be possible. Yes, indeed.

Adding skeleton files

Follow these steps to create a skeleton configuration file for the SSH server.

  1. Activate root access if not already activated
  2. Create the file /cfg/skel/sshd_config by
 * Either, log in using SSH, and edit the file using your favorite editor (vi?)
 * Or, create the file on your computer, and upload it using SCP

List of skeleton files

These are the supported skeleton files, that will be used if existing.

File Description
/cfg/skel/sshd_config Configuration for the SSH server; OpenSSH's sshd
Elliptic curve DSA key for the SSH server; OpenSSH's sshd
DSA key for the SSH server; OpenSSH's sshd
RSA key for the SSH server; OpenSSH's sshd