<p>Without doing some experimentation, I can't tell you exactly what to do, but basically you need a minimal /dev there. Leave out block devices and so forth so that the environment is (relatively) secure, but note that chroot jails can be easily broken out of. </p>
<p>Also, as an aside, telnet doesn't have to be insecure. If memory serves, it is possible to use Kerberos with Telnet so long as both client and server support it, for both confidentiality and authentication. </p>
<div class="gmail_quote">On Aug 17, 2012 8:32 PM, "Ted W" <<a href="mailto:ted@techmachine.net">ted@techmachine.net</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
So, before anyone gets up in arms about telnet being a bad idea (I've had this lecture already, can you tell!?), I am setting this up as an educational exercise. This VM is running on an isolated virtual network, etc, etc, yada, yada.<br>
<br>
I'm trying to accomplish something similar to ssh chroot but using telnet. The server is running Slackware Linux. I've got xinetd installed and have the following in /etc/xinetd.d/telnet-server:<br>
<br>
service telnet<br>
{<br>
socket_type = stream<br>
protocol = tcp<br>
wait = no<br>
disable = no<br>
user = root<br>
port = 23<br>
server = /usr/bin/chroot<br>
server_args = /chroot /usr/sbin/in.telnetd -h<br>
flags = NORETRY<br>
instances = 32<br>
per_source = 2<br>
cps = 5 10<br>
max_load = 2<br>
nice = 10<br>
}<br>
<br>
xinetd starts without issue, however, whenever I try to connect to my server over telnet I get a message saying that there are no available connections and am booted out of the system. From the research I've done it seems it's because the chroot environment is missing /dev/pty*, /dev/pts* (one or both of those, not quite sure). This is where I hit a dead end, however. I found how to create /dev/null and /dev/zero using mknod and I believe I may have to do the same for these but I'm not exactly sure what.<br>
<br>
If someone could point me in the right direction I would be greatly appreciative. I've got everything I need set up for this over ssh but I need telnet so I can listen in on the communication between the client and server.<br>
<br>
Thanks in advance,<br>
--<br>
Ted W. < Ted@Techmachine.net ><br>
Registered GNU/Linux user #413569<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div>
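<p>The advice in the reply (a minimal /dev with no block devices) written as a check to run before enabling the xinetd service; this is an added example, not part of the original thread. It assumes Linux Unix98 ptys (/dev/ptmx plus a devpts mount on /dev/pts) and the standard Linux device numbers; the function name audit_chroot_dev and the required-node list are illustrative assumptions, not a documented telnetd requirement.</p>

```shell
#!/bin/sh
# Added example: audit the /dev tree of a chroot such as /chroot.
# Assumed node list (name:major:minor), standard Linux character devices.
REQUIRED="null:1:3 zero:1:5 tty:5:0 ptmx:5:2"

# audit_chroot_dev ROOT
# Prints one finding per line and returns 1 if anything needs attention.
audit_chroot_dev() {
    dev="$1/dev"
    rc=0
    if [ ! -d "$dev" ]; then
        echo "MISSING $dev"
        return 1
    fi

    # A block device node inside the jail gives root in the jail raw
    # access to the host's disks, so none should exist here.
    blocks=$(find "$dev" -type b 2>/dev/null || true)
    if [ -n "$blocks" ]; then
        echo "$blocks" | sed 's/^/BLOCK /'
        rc=1
    fi

    # Character devices a pty-allocating login daemon is assumed to need.
    for spec in $REQUIRED; do
        name=${spec%%:*}
        rest=${spec#*:}
        major=${rest%%:*}
        minor=${rest#*:}
        if [ ! -c "$dev/$name" ]; then
            echo "MISSING $dev/$name (fix: mknod -m 666 $dev/$name c $major $minor)"
            rc=1
        fi
    done

    # Slave ptys appear under /dev/pts once devpts is mounted there.
    if [ ! -d "$dev/pts" ]; then
        echo "MISSING $dev/pts (fix: mkdir $dev/pts && mount -t devpts devpts $dev/pts)"
        rc=1
    fi
    return $rc
}

# Run against a path when one is given, e.g.: sh audit.sh /chroot
[ $# -eq 0 ] || audit_chroot_dev "$1"
```

<p>The script only reports; the mknod and mount commands it prints need root and should be reviewed before being run.</p>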