how can I ssh into a local zone if the global zone has no outside connection??
you have 2 options. 1. from the global you can simply use zlogin zonename and
ur in. 2. you can add tcp wrappers to the non-global zone to only allow ssh
connections from the global.
> Date: Fri, 26 Nov 2010 04:22:56 -0800
> From: knatte_fnatte_tja...@yahoo.com
> To: zones-discuss@opensolaris.org
> Subject: Re: [zones-discuss] Possible to use zones for hardening? Security?
>
> So you suspect there is no need to shut down the global NIC, if the zone uses
> exclusive IP and it is on a separate subnet and there is no routing between
> the zones?
>
> Ok, that is an interesting thought. What do you other people say? In that
> case a local zone can not ping (reach) the global zone?
>
> I was thinking that the only way to reach internet, would be through a local
> zone. The global zone should be completely isolated from the rest of the
> world (zones, internet) and have no working NIC. The question is, in that
> case, how can I ssh into a local zone if the global zone has no outside
> connection??
>
>
>
> (BTW, I dont know how to do what you suggest, as I am a Solaris noob. I just
> planned to create exclusive-ip vnic and a vswitch and connect them - have I
> done what you described then? Are they on a separate subnet? Or do I need to
> do some additional configuration?)
> --
> This message posted from opensolaris.org
> _______________________________________________
> zones-discuss mailing list
> zones-discuss@opensolaris.org
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
