jail and networking

doug doug at fledge.watson.org
Wed Feb 20 21:29:21 UTC 2013 

On Wed, 20 Feb 2013, Jeff Tipton wrote:

> On 02/20/2013 20:59, Teske, Devin wrote:
>> On Wed, 20 Feb 2013, Bernt Hansson wrote:
>> 
>>> On 2013-02-20 19:07, Jeff Tipton wrote:
>>>> On 02/20/2013 19:42, Bernt Hansson wrote:
>>>>> On 2013-02-20 17:23, Teske, Devin wrote:
>>>>>> On Wed, 20 Feb 2013, Bernt Hansson wrote:
>>>>>> 
>>>>>>> Hello list!
>>>>>>> 
>>>>>>> I dont seem to get net working in a test jail.
>>>>>>> 
>>>>>>> These I've tried;
>>>>>>> 
>>>>>>> ftp, fetch, telnet
>>>>>>> 
>>>>>>> They time out.
>>>>>>> 
>>>>>>> Ssh sort of work.
>>>>>>> 
>>>>>>> 32bit# ssh 10.0.0.3
>>>>>>> ssh_askpass: exec(/usr/local/bin/ssh-askpass): No such file or
>>>>>>> directory
>>>>>>> Host key verification failed.
>>>>>>> 
>>>>>>> jail is 8.3-STABLE i386 GENERIC
>>>>>>> 
>>>>>>> host is FreeBSD 8.3-STABLE amd64 GENERIC
>>>>>>> 
>>>>>>> I'm sure you want more info so just tell me what info.
>>>>>> Commonly the problem is that you are "jexec'd" into the jail and I
>>>>>> find that tools like ssh, ftp, telnet, etc. don't work when you're in
>>>>>> the jail via "jexec" but instead what works way better is if you ssh
>>>>>> into the jail (via the jail'd ssh process of course).
>>>>>> 
>>>>>> Does that seem to be the case in your situation?
>>>>> If you mean this sshd  IsJ    0:00,00 /usr/sbin/sshd
>>>>> 
>>>>> Then no.
>>>>> 
>>>>> %ssh 10.0.0.10 ssh: connect to host 10.0.0.10 port 22: Operation timed
>>>>> out
>>>>> 
>>>>> I did have an alias on the host to the jail's ip.
>>>>> Tried to restart the jail it went fine, but now I can't jexec in to
>>>>> the jail.
>>>>> 
>>>>> testbox# jexec 1 tcsh
>>>>> jexec: jail_attach(1): Invalid argument
>>>>> 
>>>>> Sooo... I'm kind of out of ideas.
>>>> What does "jls" command say? If you have restarted your jail, it's ID
>>>> most likely has changed.
>>> The ID did change, didn't know about that, thank you.
>>> 
>>> But still, sshd isn't running in the jail
>>> 
>>> 32bit# ps ax
>>>     PID  TT  STAT      TIME COMMAND
>>>    2385  ??  IsJ    0:00,00 sendmail: Queue runner at 00:30:00 for
>>> /var/spool/clientmqueue (sendmail)
>>>    2391  ??  SsJ    0:00,00 /usr/sbin/cron -s
>>>    2464   0  SJ     0:00,01 tcsh
>>>    2482   0  R+J    0:00,00 ps ax
>>> 
>>> testbox# ps ax | grep J
>>>    2385  ??  IsJ    0:00,00 sendmail: Queue runner at 00:30:00 for
>>> /var/spool/clientmqueue (sendmail)
>>>    2391  ??  SsJ    0:00,00 /usr/sbin/cron -s
>>>    2488   0  S+     0:00,00 grep J
>>> 
>>> testbox is the host.
>> A stab in the dark, but...
>> 
>> Did you add sshd_enable="YES" to the jail's rc.conf(5)?
> Or, from within the jail, what does
>
> service sshd status
>
> say?
>
Or from the host: sockstat | grep :22. You should see something like

   root     sshd       2016  3  tcp4   192.168.17.15:22       *:*

for each jail

More information about the freebsd-questions mailing list