Re: Issue with numbers of pty

2016-07-02 Thread Gabriel Nieto 
Stuart Henderson  spacehopper.org> writes:

> 
> On 2016-07-01, Gabriel N  gmail.com> wrote:
> > Open pty´s without limits is something I hope a long time ago. I use Authpf
> > for securing a large network and need to overcome the limit of 992 ptys . I
> > refuse to use FreeBSD to overcome this limit .
> 
> See PermitTTY in sshd_config(5).
> 
> 
Authpf does not work without pty (PermitTTY no) , but the question isn´t 
pty vs no pty.
PTY is Important for many reasons. It permit monitoring and controlling
terminal session . If you need a SSH server for thousands users and your
server hardware is powerful to bear it, this limit is a handicap.

Re: Issue with numbers of pty

2016-07-01 Thread Stuart Henderson 
On 2016-07-01, Gabriel N  wrote:
> Open pty´s without limits is something I hope a long time ago. I use Authpf
> for securing a large network and need to overcome the limit of 992 ptys . I
> refuse to use FreeBSD to overcome this limit .

See PermitTTY in sshd_config(5).

Re: Issue with numbers of pty

2016-07-01 Thread Gabriel N . 
Theo de Raadt  cvs.openbsd.org> writes:

> 
> > Todd C. Miller wrote:
> > > On Fri, 01 Jul 2016 10:50:24 -0400, "Ted Unangst" wrote:
> > > 
> > > > Stuart Henderson wrote:
> > > > > On 2016-06-30, Oriol Demaria  the-grid.xyz> wrote:
> > > > > > Trying tmuxinator here I have noticed that I ran out of pty,
according
> > > > > > to man pty(4) there is a kernel parameter specifiying the max
> > > > > > number. I'm running a snapshot from last Friday, and I don't seem to
> > > > > > have kern.tty.maxptys.
> > > > > 
> > > > > You probably just ran out of device nodes, the default (62) is a
bit small
> > > > > for some uses (often exhibited as not being able to open new
xterms), but y
> > > > ou
> > > > > can create more like this:
> > > > > 
> > > > > cd /dev
> > > > > sh MAKEDEV pty1
> > > > 
> > > > This shouldn't be a problem for software using openpty().
> > > 
> > > I don't think that is correct.  You still need to device nodes in
> > > /dev to exist.  Otherwise, the PTMGET ioctl will fail.
> > 
> > oh, my bad. I thought ptm would create the pty nodes as needed, but
apparently
> > not.
> 
> That would be a little strange.  Even just thinking of the first special case
> (chroot) makes me feel uneasy.
> 
> 

Open pty´s without limits is something I hope a long time ago. I use Authpf
for securing a large network and need to overcome the limit of 992 ptys . I
refuse to use FreeBSD to overcome this limit .
Thank you.

Re: Issue with numbers of pty

2016-07-01 Thread Theo de Raadt 
> Todd C. Miller wrote:
> > On Fri, 01 Jul 2016 10:50:24 -0400, "Ted Unangst" wrote:
> > 
> > > Stuart Henderson wrote:
> > > > On 2016-06-30, Oriol Demaria  wrote:
> > > > > Trying tmuxinator here I have noticed that I ran out of pty, according
> > > > > to man pty(4) there is a kernel parameter specifiying the max
> > > > > number. I'm running a snapshot from last Friday, and I don't seem to
> > > > > have kern.tty.maxptys.
> > > > 
> > > > You probably just ran out of device nodes, the default (62) is a bit 
> > > > small
> > > > for some uses (often exhibited as not being able to open new xterms), 
> > > > but y
> > > ou
> > > > can create more like this:
> > > > 
> > > > cd /dev
> > > > sh MAKEDEV pty1
> > > 
> > > This shouldn't be a problem for software using openpty().
> > 
> > I don't think that is correct.  You still need to device nodes in
> > /dev to exist.  Otherwise, the PTMGET ioctl will fail.
> 
> oh, my bad. I thought ptm would create the pty nodes as needed, but apparently
> not.

That would be a little strange.  Even just thinking of the first special case
(chroot) makes me feel uneasy.

Re: Issue with numbers of pty

2016-07-01 Thread Ted Unangst 
Todd C. Miller wrote:
> On Fri, 01 Jul 2016 10:50:24 -0400, "Ted Unangst" wrote:
> 
> > Stuart Henderson wrote:
> > > On 2016-06-30, Oriol Demaria  wrote:
> > > > Trying tmuxinator here I have noticed that I ran out of pty, according
> > > > to man pty(4) there is a kernel parameter specifiying the max
> > > > number. I'm running a snapshot from last Friday, and I don't seem to
> > > > have kern.tty.maxptys.
> > > 
> > > You probably just ran out of device nodes, the default (62) is a bit small
> > > for some uses (often exhibited as not being able to open new xterms), but 
> > > y
> > ou
> > > can create more like this:
> > > 
> > > cd /dev
> > > sh MAKEDEV pty1
> > 
> > This shouldn't be a problem for software using openpty().
> 
> I don't think that is correct.  You still need to device nodes in
> /dev to exist.  Otherwise, the PTMGET ioctl will fail.

oh, my bad. I thought ptm would create the pty nodes as needed, but apparently
not.

Re: Issue with numbers of pty

2016-07-01 Thread Todd C. Miller 
On Fri, 01 Jul 2016 10:50:24 -0400, "Ted Unangst" wrote:

> Stuart Henderson wrote:
> > On 2016-06-30, Oriol Demaria  wrote:
> > > Trying tmuxinator here I have noticed that I ran out of pty, according
> > > to man pty(4) there is a kernel parameter specifiying the max
> > > number. I'm running a snapshot from last Friday, and I don't seem to
> > > have kern.tty.maxptys.
> > 
> > You probably just ran out of device nodes, the default (62) is a bit small
> > for some uses (often exhibited as not being able to open new xterms), but y
> ou
> > can create more like this:
> > 
> > cd /dev
> > sh MAKEDEV pty1
> 
> This shouldn't be a problem for software using openpty().

I don't think that is correct.  You still need to device nodes in
/dev to exist.  Otherwise, the PTMGET ioctl will fail.

 - todd

Re: Issue with numbers of pty

2016-07-01 Thread Ted Unangst 
Stuart Henderson wrote:
> On 2016-06-30, Oriol Demaria  wrote:
> > Trying tmuxinator here I have noticed that I ran out of pty, according
> > to man pty(4) there is a kernel parameter specifiying the max
> > number. I'm running a snapshot from last Friday, and I don't seem to
> > have kern.tty.maxptys.
> 
> You probably just ran out of device nodes, the default (62) is a bit small
> for some uses (often exhibited as not being able to open new xterms), but you
> can create more like this:
> 
> cd /dev
> sh MAKEDEV pty1

This shouldn't be a problem for software using openpty().

Re: Issue with numbers of pty

2016-07-01 Thread Oriol Demaria 
Yes, that was the issue. Thank you very much :)

Stuart Henderson  writes:

> On 2016-06-30, Oriol Demaria  wrote:
>> Trying tmuxinator here I have noticed that I ran out of pty, according
>> to man pty(4) there is a kernel parameter specifiying the max
>> number. I'm running a snapshot from last Friday, and I don't seem to
>> have kern.tty.maxptys.
>
> You probably just ran out of device nodes, the default (62) is a bit small
> for some uses (often exhibited as not being able to open new xterms), but you
> can create more like this:
>
> cd /dev
> sh MAKEDEV pty1
>
> If you need even more, you can do pty2,...pty15, you get 62 for each number
> (0 is /dev/ptyp[0-9a-zA-Z], 1 is ptyq*, etc).


-- 
Oriol Demaria
0x58415679

Re: Issue with numbers of pty

2016-07-01 Thread Stuart Henderson 
On 2016-06-30, Oriol Demaria  wrote:
> Trying tmuxinator here I have noticed that I ran out of pty, according
> to man pty(4) there is a kernel parameter specifiying the max
> number. I'm running a snapshot from last Friday, and I don't seem to
> have kern.tty.maxptys.

You probably just ran out of device nodes, the default (62) is a bit small
for some uses (often exhibited as not being able to open new xterms), but you
can create more like this:

cd /dev
sh MAKEDEV pty1

If you need even more, you can do pty2,...pty15, you get 62 for each number
(0 is /dev/ptyp[0-9a-zA-Z], 1 is ptyq*, etc).

Re: Issue with numbers of pty

2016-06-30 Thread Ted Unangst 
Oriol Demaria wrote:
> Trying tmuxinator here I have noticed that I ran out of pty, according
> to man pty(4) there is a kernel parameter specifiying the max
> number. I'm running a snapshot from last Friday, and I don't seem to
> have kern.tty.maxptys.
> 
> Is this a documentation error? Or that setting is not the one to look
> for?

The sysctl was removed. The maximum is 992 and does not change.

Issue with numbers of pty

2016-06-30 Thread Oriol Demaria 
Trying tmuxinator here I have noticed that I ran out of pty, according
to man pty(4) there is a kernel parameter specifiying the max
number. I'm running a snapshot from last Friday, and I don't seem to
have kern.tty.maxptys.

Is this a documentation error? Or that setting is not the one to look
for?

Thanks in advance.

-- 
Oriol Demaria
0x58415679