From owner-freebsd-stable@FreeBSD.ORG Thu Oct 4 08:45:07 2007 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 42F4116A41A; Thu, 4 Oct 2007 08:45:07 +0000 (UTC) (envelope-from kim.attree@za.verizonbusiness.com) Received: from mx01.uunet.co.za (mx01.uunet.co.za [196.7.142.153]) by mx1.freebsd.org (Postfix) with ESMTP id C5BF313C4A8; Thu, 4 Oct 2007 08:45:06 +0000 (UTC) (envelope-from kim.attree@za.verizonbusiness.com) Received: from [196.30.158.7] (helo=pixproxy.so.jnb6.za.uu.net) by mx01.uunet.co.za with esmtp (Exim 4.67 (FreeBSD)) (envelope-from ) id 1IdLpY-0006I7-R6; Thu, 04 Oct 2007 10:13:12 +0200 Received: from chickenboo.ops.uunet.co.za (chickenboo.ops.uunet.co.za [196.22.64.216]) by pixproxy.so.jnb6.za.uu.net (Postfix) with ESMTP id C94AF1088C0; Thu, 4 Oct 2007 10:13:12 +0200 (SAST) Message-ID: <4704A17E.6030703@za.verizonbusiness.com> Date: Thu, 04 Oct 2007 10:17:02 +0200 From: Kim Attree User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070728) MIME-Version: 1.0 To: d@delphij.net References: <1191428709.1475.26.camel@localhost> <4703CA06.7050103@delphij.net> In-Reply-To: <4703CA06.7050103@delphij.net> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Tom Evans , freebsd-jail@freebsd.org, freebsd-stable@freebsd.org Subject: Re: Cannot ssh from jail X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Oct 2007 08:45:07 -0000 LI Xin wrote: > Tom Evans wrote: > >> Hi stable@, jail@ [jail@ plz cc me as I'm not subscribed] >> >> I'm having some problems setting up some jails for semi-isolated >> development (ie, so we can isolate the developers into a jail, give them >> all the root access they want, and not worry about them blowing up more >> than their own jail) on 6.2-RELEASE-p5. >> >> I have set up a jail, using ezjail, which appeared to work fine. I can >> start the jail, and use jexec to spawn a shell inside the jail. However, >> if I then try to ssh from the jail to another box, ssh fails with the >> error message (with -v): >> > > I think the problem is that if you jexec into a jail then you don't have > a TTY at hand, so bad things would happen. If you login into the jail > by some ways (e.g. by ssh or telnet or whatever that spawns a TTY for > you) then it would work I bet. > > Cheers, > I had the same problem, setup SSHD in the jail, ssh'ed into that, and then from there got a TTY and could ssh to anywhere. Li is right, with jexec you don't get allocated a TTY. Laters, Kim