From owner-freebsd-questions@freebsd.org  Wed Dec  7 16:04:55 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 065F6C6BB6D
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Wed,  7 Dec 2016 16:04:55 +0000 (UTC)
 (envelope-from markham@ssimicro.com)
Received: from barracuda.ssimicro.com (barracuda.ssimicro.com [96.46.39.196])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits))
 (Client CN "*.ssimicro.com", Issuer "RapidSSL SHA256 CA - G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id CE2132FE
 for <freebsd-questions@freebsd.org>; Wed,  7 Dec 2016 16:04:54 +0000 (UTC)
 (envelope-from markham@ssimicro.com)
Received: from mail.ssimicro.com (mail.ssimicro.com [64.247.129.10]) by
 barracuda.ssimicro.com with ESMTP id SNgVNntEkStzdV1o (version=TLSv1.2
 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for
 <freebsd-questions@freebsd.org>; Wed, 07 Dec 2016 10:53:06 -0500 (EST)
Received: from markham.ssimicro.com (markham.ssimicro.com [64.247.130.99])
 (authenticated bits=0)
 by mail.ssimicro.com (8.15.2/8.15.2) with ESMTPSA id uB7FqxFR083154
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
 for <freebsd-questions@freebsd.org>; Wed, 7 Dec 2016 08:53:00 -0700 (MST)
 (envelope-from markham@ssimicro.com)
Subject: Re: Closed port 22 in the jail redirects to the outer system
To: freebsd-questions@freebsd.org
References: <20161207002440.GA26711@becker.bs.l>
From: markham breitbach <markham@ssimicro.com>
Message-ID: <e28ad23b-1a55-c23a-de30-8738302cd9ca@ssimicro.com>
Date: Wed, 7 Dec 2016 08:52:59 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0)
 Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <20161207002440.GA26711@becker.bs.l>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by bsmtpd at ssimicro.com
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Dec 2016 16:04:55 -0000

On 2016-12-06 5:24 PM, Bertram Scharpf wrote:
>
> How can I make a port 22 request fail if an SSH server is
> running on the outer machine but not inside the jail?
>
>
>
By default sshd on the jail host (outer machine) will bind to all
available addresses.  You can just set the listenAddress for sshd to be
the IP address that you want it to listen to in /etc/ssh/sshd_config and
restart sshd.

-M