From owner-freebsd-security@FreeBSD.ORG Tue Aug 5 04:53:48 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6CB7737B401 for ; Tue, 5 Aug 2003 04:53:48 -0700 (PDT) Received: from mail.takas.lt (mail-src.takas.lt [212.59.31.78]) by mx1.FreeBSD.org (Postfix) with ESMTP id E003F43F75 for ; Tue, 5 Aug 2003 04:53:46 -0700 (PDT) (envelope-from stakys@punktas.lt) Received: from ss ([81.7.109.95]) by mail.takas.lt with Microsoft SMTPSVC(5.0.2195.5329); Tue, 5 Aug 2003 14:53:44 +0300 Message-ID: <006601c35b48$35e3cb80$0900a8c0@ss> From: "stakys" To: Date: Tue, 5 Aug 2003 14:53:39 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-OriginalArrivalTime: 05 Aug 2003 11:53:44.0805 (UTC) FILETIME=[38F7E950:01C35B48] Subject: Re: Problems with JAIL in 4.8R X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Aug 2003 11:53:48 -0000 sockstat -4l | grep sshd root sshd 76407 3 tcp4 Jailed_system_outside_ip:22 *:* root sshd 111 4 tcp4 *:22 *:* I get this... Btw: i have just that firewall rules for testing if it's not ipfw fault. Also as i see for now i need to set for my main system and for jail'ed system to ListenAddress options yes? Ok i tried to do so, and changed ListenAddress parameter in jail'ed and main system sshd_config, the sockstat shows: root sshd 294 3 tcp4 Jailed_system_outside_ip:22 *:* root sshd 111 3 tcp4 Main_system_outside_ip:22 *:* But when i tried to connect to the jail'ed system from outside i get the message of connection timed out. > ----- Original Message ----- > From: "Sander de Leeuw" > To: > Sent: Tuesday, August 05, 2003 1:22 PM > Subject: RE: Problems with JAIL in 4.8R > > > > > > Hi, > > > > I'm not really sure about this, just writing what comes up in my mind. I > > also have running jails in FreeBSD 4.8, and one is running sshd without > > problems. First of all, I assume that you followed the procedure > > explained in 'man jail'. It is important to be sure that if you run some > > sort of daemon in a jail, while running the same daemon in you're host > > environment, they do NOT bind on the same TCP socket. So, doing a > > 'sockstat -4l | grep sshd' should return something like this: > > > > root sshd 19906 3 tcp4 192.168.25.16:22 *:* > > root sshd 116 3 tcp4 192.168.25.1:22 *:* > > > > AND NOT: > > > > root sshd 19906 3 tcp4 192.168.25.16:22 *:* > > root sshd 116 3 tcp4 *:22 *:* > > > > In this case you should set the ListenAddress parameter in you're > > /etc/ssh/sshd_config file. > > > > I hope you can do something with it, good luck. > > Sander de Leeuw > > sander@delete-it.nl > > > > > > -----Oorspronkelijk bericht----- > > Van: owner-freebsd-security@freebsd.org > > [mailto:owner-freebsd-security@freebsd.org] Namens stakys@punktas.lt > > Verzonden: dinsdag 5 augustus 2003 14:57 > > Aan: freebsd-security@freebsd.org > > Onderwerp: Problems with JAIL in 4.8R > > > > Hi, i've set the outside ip for the jail..It works.. When i try to ssh > > to > > jail'ed system from the main system (in which is created jail) the > > connection is successful, but when i try to connect to jailed system > > from > > anywhere else i get this message: > > ssh: connect to host IP_NUMBER port 22: Operation timed out > > What can be wrong here? How to solve this problem? > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" > > > > >