From owner-freebsd-jail@FreeBSD.ORG  Tue Jan 31 19:35:25 2012
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1D2901065673
	for <freebsd-jail@freebsd.org>; Tue, 31 Jan 2012 19:35:25 +0000 (UTC)
	(envelope-from erdgeist@erdgeist.org)
Received: from elektropost.org (elektropost.org [217.13.206.130])
	by mx1.freebsd.org (Postfix) with ESMTP id 71D378FC1C
	for <freebsd-jail@freebsd.org>; Tue, 31 Jan 2012 19:35:23 +0000 (UTC)
Received: (qmail 61118 invoked from network); 31 Jan 2012 19:38:11 -0000
Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org)
	by elektropost.org with CAMELLIA256-SHA encrypted SMTP;
	31 Jan 2012 19:38:11 -0000
Message-ID: <4F284279.7070904@erdgeist.org>
Date: Tue, 31 Jan 2012 20:35:21 +0100
From: Dirk Engling <erdgeist@erdgeist.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7;
	rv:9.0) Gecko/20111222 Thunderbird/9.0.1
MIME-Version: 1.0
To: "Bender, Chris" <chris_bender@cellularatsea.com>
References: <863259E16B6C464DAD1E9DD10BB311540582ED4C@wmsexg01.corp.cellularatsea.com>
	<4F283FE6.1060905@erdgeist.org>
	<assp.0377d38ba3.863259E16B6C464DAD1E9DD10BB311540582ED50@wmsexg01.corp.cellularatsea.com>
In-Reply-To: <assp.0377d38ba3.863259E16B6C464DAD1E9DD10BB311540582ED50@wmsexg01.corp.cellularatsea.com>
X-Enigmail-Version: 1.3.4
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-jail@freebsd.org
Subject: Re: jails
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2012 19:35:25 -0000

On 31.01.12 20:27, Bender, Chris wrote:
> zs1# ezjail-admin list
> STA JID  IP              Hostname                       Root Directory
> --- ---- --------------- ------------------------------
> ------------------------
> DR  14   172.19.4.36     wiki                           /usr/jails/wiki
> DR  9    172.19.4.41     tools2
> /usr/jails/tools2
> DR  16   172.19.4.45     rt3                            /usr/jails/rt3
> DR  17   172.19.4.42     rep                            /usr/jails/rep
> DR  11   172.19.4.190    npins                          /usr/jails/npims
> DR  13   172.19.4.39     logger
> /usr/jails/logger
> DR  12   172.19.4.44     inventory
> /usr/jails/inventory
> DR  15   172.19.4.38     dns2                           /usr/jails/dns2
> DSN N/A  172.19.4.37     dns1                           /usr/jails/dns1
> DSN N/A  172.19.4.32     db                             /usr/jails/db
> DSN N/A  172.19.4.31     coremon
> /usr/jails/coremon
> DR  10   172.19.4.43     cf                             /usr/jails/cf

This shows that all the jails that are supposed to run, are actually
running. You can console into the jail by

  ezjail-admin console tools2

and check if there are any services running. For starters you could
check if in the jail's rc.conf you have sshd enabled.

If that is the case, you can check if the host system's sshd binds on
*:22, making it impossible for the jail's sshds to bind to their port 22.

Check for:

#ListenAddress 0.0.0.0

in the host system's /etc/ssh/sshd_config and make it bind to the host
system's primary IP address.

A 'sockstat -4l | grep 22' in the host system will also tell you about
services listening on all IP addresses.

Regards,

  erdgeist