/etc/ttys
The /etc/ttys file configures terminal devices attached to the system. You can enable, disable, and manage physical terminals here. "Physical terminals" are either on the keyboard and monitor attached to the computer or on a console over a serial line. Historically, a UNIX terminal device resembled a teletype; that's where the "tty" label comes from. You'll see all sorts of UNIX architectural decisions that descend from this bit of trivia. Each of these attached terminal devices can be configured differently through /etc/ttys.
Terminal Types
You'll see a few different sorts of terminal devices in /etc/ttys: the console, keyboard and mouse console, serial ports, and pseudo-terminals. The console is where console error messages are sent and where the system can be managed during boot. It's usually sent to the keyboard and mouse console, although you can send it out the serial port instead. The console uses the device node of /dev/console.
The standard keyboard and mouse are usually called the "console," but that term isn't strictly correct — the console is an abstraction that just usually happens to be pointing at your physical keyboard. On the i386 architecture, OpenBSD supports several multiple virtual consoles. If you hit CTRL-ALT-F2, you'll see brand-new login screen. CTRL-ALT-F1 will take you back to the main console. You can have as many virtual consoles as you have function keys. These virtual consoles have device names beginning with "ttyC" and ending in a hexadecimal number.
Serial ports can be used as login devices, once you attach either an old-fashioned serial terminal or a null-modem cable and another device with a serial port, just like a null-modem cable. Each serial port can have one terminal attached to it. Serial port terminals have device names of "tty" and end in a hexadecimal number.
Finally there are pseudo-terminals, which are used for remote connections such as SSH. Even though your remote xterm has no physical hardware for it, OpenBSD treats it in some ways as a teletype. These pseudo-terminal connections use two types of device nodes, masters and slaves. Master pseudo-terminal devices are named "pty," a letter p through q, and a hexadecimal number. Slave pseudo terminals have names starting with "tty," but have the same ending as their matching "pty" device. For example, /dev/ptyq0a is tied to /dev/ttyq0a. The slave terminal appears in /etc/ttys.
Configuring /etc/ttys
Each terminal has an entry in /etc/ttys, containing at least three entries and possibly up to five.
1 console 2 "/usr/libexec/getty Pc" 3 vt220 4 off 5 secure
The first entry is the 1 device name, without the leading /dev.
The second entry is the 2 name of the program that configures the terminal. Physical devices must have a program that handles setting up the system to communicate with that physical device. The standard program for handling terminals is getty(8). You can use multiple words in the second entry, as we have here, by including the entire entry in quotes. While getty(8) is the standard program for this purpose, you could choose to replace it. Pseudo-terminals do not require a terminal configuration program and use a "none" in this space.
Then 3 define the terminal type used for this terminal device. The keyboard and mouse virtual consoles all use the "vt220" terminal type, as documented in /etc/termcap. Other physical terminals will have their own terminal type, which will usually be documented with the terminal. If you specify a terminal type of "unknown," the user will be prompted for their terminal type. Pseudo-terminals, which are accessed over the network, have a terminal type of "network."
After these three required fields, you can list flags that modify the terminal's behavior.
Physical terminal devices need an "on" or "off" flag, showing if the particular terminal is usable or not. If the terminal is off, you cannot access it. If the terminal is on, you can access it. For example, here's the /etc/ttys entry for the eighth virtual console, accessible by hitting CTRL-ALT-F8.
ttyC7 "/usr/libexec/getty Pc" vt220 off secure
If you hit CTRL-ALT-F8, nothing will happen. This console is off. Change the "off" to an "on," and the next time you reboot your system this console will be usable.
If you use the flag "secure," this terminal can be used for direct root logins. Note that every physically attached device in /etc/ttys has the secure flag set. Anyone with the root password can walk up to the system and log in. This might not be desirable.
If you use serial consoles, you might find it useful to be able to log in to the system via that same serial connection. The entry for the serial ports looks much like the entry for the virtual consoles; the getty command is slightly different, and the device name has changed, but it's basically the same. If you're using the first serial port as your serial console, change the "off" to an "on," and you will be able to log in to the system via the serial console connection.
No comments:
Post a Comment