From owner-freebsd-hackers@FreeBSD.ORG Tue Sep 16 01:07:34 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 855A016A4C2; Tue, 16 Sep 2003 01:07:34 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 77C1A43FAF; Tue, 16 Sep 2003 01:07:32 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h8G87F7T036415 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 16 Sep 2003 09:07:27 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)h8G87FqG036414; Tue, 16 Sep 2003 09:07:15 +0100 (BST) (envelope-from matthew) Date: Tue, 16 Sep 2003 09:07:15 +0100 From: Matthew Seaman To: maillist bsd Message-ID: <20030916080715.GA35605@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: maillist bsd , freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org References: <20030915201631.10323.qmail@web9506.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="2fHTh5uZTiUOsy+g" Content-Disposition: inline In-Reply-To: <20030915201631.10323.qmail@web9506.mail.yahoo.com> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-11.2 required=5.0 tests=AWL,BAYES_00,EMAIL_ATTRIBUTION,IN_REP_TO,PGP_SIGNATURE_2, REFERENCES,REPLY_WITH_QUOTES,USER_AGENT_MUTT autolearn=ham version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) cc: freebsd-hackers@freebsd.org cc: freebsd-questions@freebsd.org Subject: Re: My jail can not ssh.. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Sep 2003 08:07:35 -0000 --2fHTh5uZTiUOsy+g Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Sep 16, 2003 at 04:16:31AM +0800, maillist bsd wrote: > I am just testing jail on my FreeBSD4.8-stable box, i found i can not ssh= to the jail environment, but i can telnet to jail environment, the sshd is= running both inside and outside jail. What's the problem. This is freebsd-questions@... material, rather than freebsd-hackers@... I suspect that your problem is that the sshd(8) in your host and jail environments are both binding to IN_ADDR_ANY. That means both daemons are fighting over the loopback interface (at least). Cure is to tell sshd which interfaces to bind to explicitly. So, assuming your host environment uses 192.168.0.1 and your jail uses 192.168.0.2, then add: ListenAddress 127.0.0.1 ListenAddress 192.168.0.1 ListenAddress ::1 to /etc/ssh/sshd_config in the host environment, and=20 ListenAddress 192.168.0.2 to /etc/ssh/sshd_config in the jail environment. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --2fHTh5uZTiUOsy+g Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/ZsSzdtESqEQa7a0RAocVAJ0c67OgkzvkdwJqhzEZNquSXUqUYACeIl4u 32EWngvbVpc4V+57ndwSPuw= =zKeq -----END PGP SIGNATURE----- --2fHTh5uZTiUOsy+g--