From owner-freebsd-hackers@FreeBSD.ORG Tue Sep 16 01:18:32 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 46D7216A4B3; Tue, 16 Sep 2003 01:18:32 -0700 (PDT) Received: from smtp.volant.org (gate.volant.org [207.111.218.246]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4228543FDD; Tue, 16 Sep 2003 01:18:31 -0700 (PDT) (envelope-from patl+freebsd@volant.org) Received: from 64-144-229-193.client.dsl.net ([64.144.229.193] helo=[192.168.0.13]) by smtp.volant.org with asmtp (TLSv1:AES256-SHA:256) (Exim 4.22) id 19zB2c-0005na-AS; Tue, 16 Sep 2003 01:18:30 -0700 Date: Tue, 16 Sep 2003 01:18:29 -0700 From: Pat Lashley To: freebsd-questions@freebsd.org, maillist bsd Message-ID: <3927478112.1063700309@mccaffrey.phoenix.volant.org> In-Reply-To: <20030916080715.GA35605@happy-idiot-talk.infracaninophile.co.uk> References: <20030915201631.10323.qmail@web9506.mail.yahoo.com> <20030916080715.GA35605@happy-idiot-talk.infracaninophile.co.uk> X-Mailer: Mulberry/3.1.0b6 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Scan-Signature: 106a317f3e33c1e32c9ba517d70ce429824ba71c X-Spam-Score: 0.2 (/) X-Spam-Score-Int: 2 X-Spam-Report: 0.2/5.0 This mail has matched the spam-filter tests listed below. See http://spamassassin.org/tag/ for details about the specific tests reported. In general, the higher the number of total points, the more likely that it actually is spam. (The 'required' number of points listed below is the arbitrary number above which the message is normally considered spam.) Content analysis details: (0.20 points total, 5 required)header IN_REP_TO (-0.5 points) Has a In-Reply-To header quoted email text REPLY_WITH_QUOTES (-0.5 points) Reply with quoted text AWL (2.2 points) AWL: Auto-whitelist adjustment cc: freebsd-hackers@freebsd.org Subject: Re: My jail can not ssh.. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Sep 2003 08:18:32 -0000 --On Tuesday, September 16, 2003 09:07:15 +0100 Matthew Seaman wrote: > On Tue, Sep 16, 2003 at 04:16:31AM +0800, maillist bsd wrote: > >> I am just testing jail on my FreeBSD4.8-stable box, i found i can not >> ssh to the jail environment, but i can telnet to jail environment, the >> sshd is running both inside and outside jail. What's the problem. > > I suspect that your problem is that the sshd(8) in your host and jail > environments are both binding to IN_ADDR_ANY. That means both daemons > are fighting over the loopback interface (at least). Another subtle thing that can cause problem is if the jailed SSH can't do DNS resolution. Telnet in and run your favorite DNS query app (host, dnsip, dig, nslookup, etc.). If it fails, check resolv.conf in the jail; and check the access controls on your name server If that isn't it, lsof is your friend. Install it on the host system and try something like 'lsof -i :ssh' to see what processes are listening at what addresses. -Pat