How to use ssh with floppyfw 1.9.x

This brief document will describe one way to use ssh with floppyfw. I assume that you know how to get around using floppyfw, and won't describe, for example, how to mount the disk. If you have questions, please post them to the floppyfw.general newsgroup, located at news.zelow.no.

You can also use this procedure to fit larger packages, which might not fit onto the default floppyfw ramdisk, onto your system.

(Please keep in mind that I haven't tested this extensively yet with 1.9.20. If you find bugs, please let me know.)

A fairly recent version of floppyfw (near 1.9.20, to fit mke2fs.bz2 onto it)
A second floppy drive
More than 8MB of RAM. I'd recommend at least 12MB, with 16MB a nice round number that gives some breathing room.

Make sure you have all the needed files:
- a floppyfw 1.9 image (I used 1.9.20)
- the login.bz2 package
- the sshd1.bz2 package
- the ssh-keygen1.bz2 package
- the post-login.ini script
  All the above are at the main floppyfw site. In addition, you will need the following files (which are available from my site, and are *not* the same as on the floppyfw site):
- the mke2fs.bz2 package, http://wombat.san-francisco.ca.us/linux/mke2fs.bz2
- the post-sshd.ini script, http://wombat.san-francisco.ca.us/linux/post-sshd.ini
- Not needed, but my modified floppyfw.ini script might be helpful, http://wombat.san-francisco.ca.us/linux/floppyfw.ini
Add the line
```
RAMDISK_SIZE=2048
```
to your config file. It doesn't have to be 2048, but it does need to be at least 1024 to fit sshd and friends.
Change the SECOND_DEVICE line to your second device, probably /dev/fd1, in the config file.
Make sure your nameservers will be able to reverse-resolve any IPs that will be shelling in. In particular, if you are NATing an unroutable IP range (like 10.*), floppyfw needs to be able to resolve your IPs somehow. Therefore you need to name your local DNS server, or add all of your LAN hosts which might be ssh'ing in to your floppyfw box to your hosts file. (This isn't actually *necessary*, but if you don't do it, ssh will stall while it tries and fails to reverse-resolve your IP.)
Add mke2fs.bz2 and the .ini files to the /packages directory on your first diskette.
Add the other bz2 files to the /packages directory on your second diskette.

Either copy my floppyfw.ini to the /floppyfw directory on your first diskette, or add these lines *after* the licences are copied and *before* the extra packages are loaded:

if test "$RAMDISK_SIZE" != "n" ; then
  echo "$0: Attempting to make ${RAMDISK_SIZE}k RAM disk on /usr"
  mke2fs -m0 /dev/ram2 $RAMDISK_SIZE
  mount -t ext2 /dev/ram2 /usr
  mkdir /usr/tmp
fi

Update the etc/passwd and etc/shadow files in the login.bz2 package to reflect your desired passwords. There are many ways to do this; here's what I did (with 1.9.9):
- Boot the new diskettes
- Change the root password
- Copy /etc/passwd and /etc/shadow from your floppyfw box to another diskette
- tar xyf login.bz2 to a scratch area on a convenient machine (we'll use login/)
- Replace etc/passwd and etc/shadow in the scratch area with the copies from your diskette
- (cd login; tar cyf ../login.bz2 *)
- Copy the new login.bz2 to your second floppyfw diskette
Brad has a mkpkg utility bundled with sshd1.bz2 that you can use under floppyfw to create the login.bz2 package. I didn't use it because I already had an older package made. There are undoubtedly other ways to accomplish this step, as well--as long as you get *your* root password into login.bz2.
Reboot and test.
Make sure your iptables/ipchains configuration reflects the hosts you want able to ssh in to your floppyfw box. You can change the port sshd listens on by modifying post-sshd.ini to say
```
/usr/bin/sshd -p nnn
```
where nnn is your desired port number.
Don't blame me if it doesn't work. :)

Good luck!