Cary Mathews wrote:
If this is not the right forum to ask this question, please redirect me to
the correct place, or documentation which addresses this issue.

Maybe [EMAIL PROTECTED] may be a better place, maybe not. By the way, now you're here ...


nslookup and dig tools. So I am confident that name resolution is working.

Ok.


Within the jailed hosts, I have turned off the portmap, syslogd, sendmail,
and inetd daemons and am running only cron and sshd daemons upon start up.

But when I attempt to ssh into one of the jailed hosts, the connection
times out and reports: "Connection closed by 192.168.1.100".

Maybe starting sshd in debug mode could be very helpful.


A partial sockstat reading while the hosts are attempting to connect
shows:
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
sshd     sshd     59613    4 tcp4   192.168.1.100:22      192.168.1.100:2604
sshd     sshd     59613    7 udp4   192.168.1.100:2625    192.168.1.1:53
root     sshd     59612    4 tcp4   192.168.1.100:22      192.168.1.100:2604
cary     ssh      59611    3 tcp4   192.168.1.100:2604    192.168.1.100:22

A quick description of the addresses:
150.252.106.57 - external IP address of host computer, also running
dnscache for external lookups
192.168.1.1 - IP address of internal dnscache for 192.168.x.x addresses
192.168.1.100 - IP address of jail(8)'d host
192.168.53.1 - IP address of jail(8)'d tinydns server host

ssh used with which command? And - using 3 -v's may help get more info, too.


ssh debugging output shows:
[snip initial key-exchange]
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
{and ssh "hangs" here...}

It doesn't hang. If it hung, it wouldn't tell you that the remote host has closed the connection. Enabling syslog in the jail (you didn't have to enable networking syslog!) and starting sshd in debug mode will give you some important information.


The messages, security, and auth logs under /var/log in the jail'd host
are completely empty.  Under the host machine logs, there is nothing as
well.

This is because you have disabled syslogd. You should think about enabling it, but protect it against external access using ipfilter or ipfirewall.


I'm at a loss of what else to troubleshoot.  I'm not subscribed to the
list so if you could Cc: me, I would appreciate it.

Thank you in advance for any help offered!

Cary Mathews

So long, Jens

