Date: Thu, 19 Oct 2017 20:59:08 +0200 From: Emmanuel Vadot <manu@bidouilliste.com> To: Adam Vande More <amvandemore@gmail.com> Cc: Steve Kargl <sgk@troutmask.apl.washington.edu>, FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Two jail questions Message-ID: <20171019205908.f7062a2a6c70fede16d3cac1@bidouilliste.com> In-Reply-To: <CA%2BtpaK3CUod4jg9gFwJ4k9VwAxcz%2BLU-2ds1W1ASz7Bcok=mGQ@mail.gmail.com> References: <20171019173224.GA31648@troutmask.apl.washington.edu> <CA%2BtpaK2c99mSXXPVWLQL0q_%2BkJ-xtoLzJtjLqbxDzwTM5KKhNg@mail.gmail.com> <20171019180038.GA32097@troutmask.apl.washington.edu> <CA%2BtpaK3CUod4jg9gFwJ4k9VwAxcz%2BLU-2ds1W1ASz7Bcok=mGQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 19 Oct 2017 13:13:09 -0500 Adam Vande More <amvandemore@gmail.com> wrote: > On Thu, Oct 19, 2017 at 1:00 PM, Steve Kargl < > sgk@troutmask.apl.washington.edu> wrote: > > > > > > sshd in the jail needs to run on a different port if you're using the > > same > > > ip, otherwise if you use an independent networking stack you would > > > configure as normal. > > > > So, then this comes down to > > > > ssh normal@a.b.c.d <-- host system's sshd listening on default > > port > > ssh -p 1111 guest@a.b.c.d <-- jailed sshd listening on port 1111 > > > > On a non-VNET/VIMAGE jail, this is the standard way. For a VNET/VIMAGE you > could do a regular > > ssh guest@w.x.y.z > > since the jail would have it's own real ip. That is assuming you added the > guest user to the jail and all the networking/routing is good. > > -- > Adam Even with non-VNET/VIMAGE a jail can have it's own IP and you can ssh directly into it. For a standard /etc/jail.conf configuration I think you need to add the IP to the host as an alias, for iocage it does that for you. -- Emmanuel Vadot <manu@bidouilliste.com> <manu@freebsd.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171019205908.f7062a2a6c70fede16d3cac1>