Date: Thu, 13 Mar 2003 15:29:18 -0600 (CST) From: Cary Mathews <scattered@babel.acu.edu> To: freebsd-questions@freebsd.org Subject: ssh'ing into jail(8) Message-ID: <Pine.BSO.4.40.0303131526580.19858-100000@babel.acu.edu>
next in thread | raw e-mail | index | archive | help
(I sent this two days ago, when I was not subscribed. As I did not get
any replies, I have subscribed to freebsd-questions and am resending it.)
If this is not the right fourm to ask this question, please redirect me to
the correct place, or documentation which addresses this issue.
I am setting up an internal (192.168.x.x) "network" of computers consisting
of jail(8)'d virtual machines. I have set up djbdns to provide DNS service
for this internal network.
I have assigned my 192.168.x.x addresses to the lo0 interface so I don't
have to make major adjustments to my firewall ruleset.
I am able to ping all my internal machines from the host computer. I am
able to do dns lookups using the dns tools provided with djbdns, and the
nslookup and dig tools. So I am confident that name resolution is working.
Within the jailed hosts, I have turned off the portmap, syslogd, sendmail,
and inetd daemons and am running only cron and sshd daemons upon start up.
But when I attempt to ssh into one of the jailed hosts, the connection
times out and reports: "Connection closed by 192.168.1.100".
A partial sockstat reading while the hosts are attempting to connect
shows:
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
sshd sshd 59613 4 tcp4 192.168.1.100:22 192.168.1.100:2604
sshd sshd 59613 7 udp4 192.168.1.100:2625 192.168.1.1:53
root sshd 59612 4 tcp4 192.168.1.100:22 192.168.1.100:2604
cary ssh 59611 3 tcp4 192.168.1.100:2604 192.168.1.100:22
A quick description of the addresses:
150.252.106.57 - external IP address of host computer, also running
dnscache for external lookups
192.168.1.1 - IP address of internal dnscache for 192.168.x.x addresses
192.168.1.100 - IP address of jail(8)'d host
192.168.53.1 - IP address of jail(8)'d tinydns server host
ssh debugging output shows:
[snip initial key-exchange]
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
{and ssh "hangs" here... Acutally waits and eventually times out.}
The messages, security, and auth logs under /var/log in the jail'd host
are completly empty. Under the host machine logs , there is nothing as
well.
I'm at a loss of what else to trouble shoot. Thank you in advance for any
help offered!
Cary Mathews
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSO.4.40.0303131526580.19858-100000>