Date: Tue, 25 Aug 2009 10:07:12 +0200 From: Stefan Bethke <stb@lassitu.de> To: Peter Jeremy <peterjeremy@optushome.com.au> Cc: freebsd-current@freebsd.org Subject: Re: sshd failing in jail Message-ID: <2CDE9A31-C924-439F-8394-6325F821F9C2@lassitu.de> In-Reply-To: <20090824193344.GA34949@server.vk2pj.dyndns.org> References: <20090824193344.GA34949@server.vk2pj.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 24.08.2009 um 21:33 schrieb Peter Jeremy: > I am attempting to build an i386 jail on an amd64 box to build > packages for my netbook. The host is running -current from just over > two weeks ago and the jail is -current from early June. The jail was > built by doing a dump|restore of my netbook and then tweaking various > config files to give it a new identity. The jail's devfs is using > "devfsrules_jail" from /etc/default/devfs.rules. > > The jail starts OK but when I attempt to ssh into it, I just get > "Connection closed by <jail IP address>". Adding debugging on the > child, I see that it occurs immediately following: > "debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY". > > Looking at a ktrace of the jailed sshd, the problem is inside the > privilege separation child. When I turned off privilege separation, I > can log into the jail. When I added a syslog socket inside the jailed > chroot and left privilege separation enabled, I got: > Aug 24 19:04:40 server sshd[70809]: error: buffer_put_bignum2_ret: > BN too small > Aug 24 19:04:40 server sshd[70809]: fatal: buffer_put_bignum2: > buffer error > Unfortunately, buffer_put_bignum2() is called from a number of > locations > so the actual problem is not clear. > > Looking at google doesn't turn up anything useful. > > Does anyone have any suggestions? I had similar symptoms during a recent make world. Finishing installworld in the jails and rebooting made it all work again, so I did not investigate further. Stefan -- Stefan Bethke <stb@lassitu.de> Fon +49 151 14070811
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2CDE9A31-C924-439F-8394-6325F821F9C2>