SSH From within a Jail

d c casteld73 at yahoo.com
Tue Nov 15 13:57:26 GMT 2005 


Koen Martens <fbsd at metro.cx> wrote:
  Koen Martens wrote:
> d c wrote:
> 
>>Greetings:
>>
>>I currently am running Freebsd 6.0 Release.
>>
>>I am experimenting with jails and have run into a
>>problem. I need to ssh from within my jail to another
>>server. Actually I need to use scp. WHen I try it I
>>get the error: "Host key verification failed."
> 
> 
> This could also be something related to permissions on the .ssh
> directory, but you cleared that out of the way if i understand the
> rest of this thread correctly. I remember having this problem once,
> but can't remember right now what i did to solve it.. I usually
> compile openssh from source anyway, so you might try that. If that
> works, it would probably be interesting to see what is the
> difference between your own hand-rolled openssh and the one that
> came with your world.

Just remembered something else: do you jexec into the jail, or do
you do a proper logon (eg. ssh into the jail). I think that if you
jexec into the jail and then try to ssh, you might have a problem
because you aren't really logged in to the jail and thus have no
(psuedo) tty associated with your session..

Koen

-- 
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, hosting, embedded systems, unix, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/
_______________________________________________
freebsd-hackers at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to freebsd-hackers-unsubscribe at freebsd.org
   
   
  Yes- Koen you hit the nail on the head.  If I use jexec I cannot use ssh to connect to other servers.  I also ran into problems with make in ports tree and using screen.  However-  If I ssh in I can perform all functions (ssh and make) as if it were it own system...aka- jail.  
   
  The man page should reflect this.  That is...all compiling and management of the jail should be done through ssh.  Only use jexec for intial configuration and emergency related work.
   
  Thanks everyone for their response and ideas.
  


		
---------------------------------
 Yahoo! FareChase - Search multiple travel sites in one click.

More information about the freebsd-hackers mailing list