From owner-freebsd-jail@FreeBSD.ORG Mon Jun 29 12:10:43 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B8ADF10656ED for ; Mon, 29 Jun 2009 12:10:43 +0000 (UTC) (envelope-from jon@passki.us) Received: from mail-yx0-f181.google.com (mail-yx0-f181.google.com [209.85.210.181]) by mx1.freebsd.org (Postfix) with ESMTP id 7C2588FC21 for ; Mon, 29 Jun 2009 12:10:43 +0000 (UTC) (envelope-from jon@passki.us) Received: by yxe11 with SMTP id 11so3743227yxe.3 for ; Mon, 29 Jun 2009 05:10:43 -0700 (PDT) MIME-Version: 1.0 Received: by 10.231.39.65 with SMTP id f1mr585970ibe.15.1246275750353; Mon, 29 Jun 2009 04:42:30 -0700 (PDT) X-Originating-IP: [209.98.139.33] In-Reply-To: <20090629112655.R22887@maildrop.int.zabbadoz.net> References: <736c47cb0906290422y756a6a74i9029b4d27d2ade34@mail.gmail.com> <20090629112655.R22887@maildrop.int.zabbadoz.net> Date: Mon, 29 Jun 2009 06:42:30 -0500 Message-ID: From: Jon Passki To: freebsd-jail@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Sam Wun Subject: Re: Can't login Jailed system X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jun 2009 12:10:46 -0000 (Un-CC'd freebsd-net@) On Mon, Jun 29, 2009 at 6:29 AM, Bjoern A. Zeeb wrote: > On Mon, 29 Jun 2009, Sam Wun wrote: > >> After I login 192.168.1.242, I ended up logged in twp1 which is my host >> system. >> Now I am stuck. I don't know how I logged in the jailed system a month >> ago. >> >> Can anyone shred some lights on me? > > Try to jexec 5 /bin/sh (5 is the jailID from the jls output) =A0and check > with ps if sshd is running inside the jail, and check the usual things > are up and there. Sam, what Bjoern is alluding to is that SSH in the main system is probably running on all IP addresses on port 22/TCP. =A0The jail(8) man page has a section called "Setting up the Host Environment" which you might want to review again. For SSH, check out /etc/ssh/sshd_config and look for "ListenAddress". If it is setup for the default setting of "#ListenAddress 0.0.0.0", then uncomment it and change that line in your main system to be the main IP address. Restart sshd (/etc/rc.d/sshd restart). You will probably have to restart your jail's sshd instances since they probably tried to bind to their IP address on 22/TCP unsuccessfully. (Or, just restart all of your jails if it's not a big concern, /etc/rc.d/jail restart.) Hope that helps, Jon