On Thu, 21 Feb 2013, Shane Ambler wrote:
It's been a while since I experimented with jails but I'm pretty sure it is
the reason I changed my sshd_config.

When you start sshd on the base system by default it binds against 0.0.0.0
and :: which is every ip4 and ip6 address configured on the base system,
which includes the aliased ip's for your jails. This is represented by the
*:22 from sockstat. When you start the jail it can't start sshd because the
base already has that address/port in use.

In /etc/ssh/sshd_config comment out the ListenAddress 0.0.0.0 and
ListenAddress :: then add ListenAddress 10.0.0.3
service sshd restart
start your jail and try again

The jail config is fine as the jail only sees the one ip address assigned to
it.

This is what fixed the problem. From the jail man page, "... The following
frequently deployed services must have their individual configuration files
modified to limit the application to listening to a specific IP address ...". It
then specifically mentions ssh and sendmail.

The system I looked at runs seven jails fine without my having made that change.
I am not sure why I am getting away with this, but I also thank you.
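
A way to check a host for the conflict described in the thread, as an added example that is not part of the original messages. It assumes 10.0.0.3 is the host's own address as in the quoted advice; the jail address 10.0.0.10, the sockstat lines and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): does the host sshd claim a jail's address?

# Print the effective ListenAddress values of an sshd_config file.
# With no uncommented ListenAddress line sshd binds every local address,
# so both wildcards are reported in that case.
sshd_listen_addrs() {
    awk '
        /^[ \t]*#/ { next }                               # commented-out line
        tolower($1) == "listenaddress" { print $2; n++ }
        END { if (n == 0) { print "0.0.0.0"; print "::" } }
    ' "$1"
}

# Exit 0 when the host sshd would bind the jail address given as $2, either
# explicitly or through the wildcard of the same address family.
sshd_conflicts_with_jail() {
    sshd_listen_addrs "$1" | awk -v ip="$2" '
        BEGIN { wild = (ip ~ /:/) ? "::" : "0.0.0.0" }
        { a = $0
          if (a ~ /^\[/) { sub(/^\[/, "", a); sub(/\].*$/, "", a) }  # [addr]:port
          else if (a !~ /:.*:/) sub(/:[0-9]+$/, "", a)               # v4addr:port
          if (a == wild || a == ip) hit = 1 }
        END { exit !hit }
    '
}

# Read `sockstat -4 -l` style output on stdin and print "command port" for
# each TCP socket bound to the wildcard (the *:22 mentioned in the thread).
wildcard_listeners() {
    awk '$5 ~ /^tcp/ && $6 ~ /^\*:[0-9]+$/ { sub(/^\*:/, "", $6); print $2, $6 }'
}

# Constructed sample output, not captured from a real system.
sample_sockstat() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       912   4  tcp4   *:22                  *:*
root     sendmail   875   3  tcp4   127.0.0.1:25          *:*
EOF
}

sample_sockstat | wildcard_listeners
```

On a real host, pipe `sockstat -4 -l` into `wildcard_listeners` and run `sshd_conflicts_with_jail /etc/ssh/sshd_config <jail address>` once per jail.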