Date: Wed, 20 Feb 2013 23:57:10 +0100 From: Bernt Hansson <bah@bananmonarki.se> To: doug@safeport.com Cc: doug <doug@fledge.watson.org>, freebsd-questions@freebsd.org Subject: Re: jail and networking Message-ID: <512554C6.3070306@bananmonarki.se> In-Reply-To: <alpine.BSF.2.00.1302201613280.27836@fledge.watson.org> References: <5124F505.4040906@bananmonarki.se> <13CA24D6AB415D428143D44749F57D7201EABA71@ltcfiswmsgmb21> <51250B20.4000308@bananmonarki.se> <512510ED.6080807@mail.com>, <51251496.4050701@bananmonarki.se> <13CA24D6AB415D428143D44749F57D7201EABC1F@ltcfiswmsgmb21> <51251FA5.6030903@mail.com> <alpine.BSF.2.00.1302201613280.27836@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
2013-02-20 22:17, doug skrev: > > On Wed, 20 Feb 2013, Jeff Tipton wrote: > >> On 02/20/2013 20:59, Teske, Devin wrote: >>> On Wed, 20 Feb 2013, Bernt Hansson wrote: >>> >>>> On 2013-02-20 19:07, Jeff Tipton wrote: >>>>> On 02/20/2013 19:42, Bernt Hansson wrote: >>>>>> On 2013-02-20 17:23, Teske, Devin wrote: >>>>>>> On Wed, 20 Feb 2013, Bernt Hansson wrote: >>>>>>> >>>>>>>> Hello list! >>>>>>>> >>>>>>>> I dont seem to get net working in a test jail. >>>>>>>> >>>>>>>> These I've tried; >>>>>>>> >>>>>>>> ftp, fetch, telnet >>>>>>>> >>>>>>>> They time out. >>>>>>>> >>>>>>>> Ssh sort of work. >>>>>>>> >>>>>>>> 32bit# ssh 10.0.0.3 >>>>>>>> ssh_askpass: exec(/usr/local/bin/ssh-askpass): No such file or >>>>>>>> directory >>>>>>>> Host key verification failed. >>>>>>>> >>>>>>>> jail is 8.3-STABLE i386 GENERIC >>>>>>>> >>>>>>>> host is FreeBSD 8.3-STABLE amd64 GENERIC >>>>>>>> >>>>>>>> I'm sure you want more info so just tell me what info. >>>>>>> Commonly the problem is that you are "jexec'd" into the jail and I >>>>>>> find that tools like ssh, ftp, telnet, etc. don't work when >>>>>>> you're in >>>>>>> the jail via "jexec" but instead what works way better is if you ssh >>>>>>> into the jail (via the jail'd ssh process of course). >>>>>>> >>>>>>> Does that seem to be the case in your situation? >>>>>> If you mean this sshd IsJ 0:00,00 /usr/sbin/sshd >>>>>> >>>>>> Then no. >>>>>> >>>>>> %ssh 10.0.0.10 ssh: connect to host 10.0.0.10 port 22: Operation >>>>>> timed >>>>>> out >>>>>> >>>>>> I did have an alias on the host to the jail's ip. >>>>>> Tried to restart the jail it went fine, but now I can't jexec in to >>>>>> the jail. >>>>>> >>>>>> testbox# jexec 1 tcsh >>>>>> jexec: jail_attach(1): Invalid argument >>>>>> >>>>>> Sooo... I'm kind of out of ideas. >>>>> What does "jls" command say? If you have restarted your jail, it's ID >>>>> most likely has changed. >>>> The ID did change, didn't know about that, thank you. >>>> >>>> But still, sshd isn't running in the jail >>>> >>>> 32bit# ps ax >>>> PID TT STAT TIME COMMAND >>>> 2385 ?? IsJ 0:00,00 sendmail: Queue runner@00:30:00 for >>>> /var/spool/clientmqueue (sendmail) >>>> 2391 ?? SsJ 0:00,00 /usr/sbin/cron -s >>>> 2464 0 SJ 0:00,01 tcsh >>>> 2482 0 R+J 0:00,00 ps ax >>>> >>>> testbox# ps ax | grep J >>>> 2385 ?? IsJ 0:00,00 sendmail: Queue runner@00:30:00 for >>>> /var/spool/clientmqueue (sendmail) >>>> 2391 ?? SsJ 0:00,00 /usr/sbin/cron -s >>>> 2488 0 S+ 0:00,00 grep J >>>> >>>> testbox is the host. > Or from the host: sockstat | grep :22. You should see something like > > root sshd 2016 3 tcp4 192.168.17.15:22 *:* > > for each jail testbox# sockstat | grep :22 bernt sshd 3541 3 tcp4 10.0.0.3:22 80.x.x.x:25605 root sshd 3539 3 tcp4 10.0.0.3:22 80.x.x.x:25605 root sshd 1296 3 tcp6 *:22 *:* root sshd 1296 4 tcp4 *:22 *:* The jail has ip 10.0.0.10. There is only one jail.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?512554C6.3070306>