ssh connect and jails

L

latinu

Hello everyone! can anyone help me with the following problem i have.

I have two jails with Ubuntu and Alpine Linux, everything works fine, but I can't ssh into them.
In other jail with FreeBSD I can connect

I will mention that the ssh service is started, but it doesn't work when I try: ssh user@<IP>
 
Firewalls? And what kind of error do you get? A "connection refused" or "connection timed-out"?

How are the jails set up? Do they have their own IPs? How are they connected?
 
SirDice said:
Firewalls? And what kind of error do you get? A "connection refused" or "connection timed-out"?

How are the jails set up? Do they have their own IPs? How are they connected?
Click to expand...

SirDice those are my settings for jails and firewall

Code: 
florin@acasa:~ $ cat /etc/pf.conf
ext_if="wlan0"

virt_net="10.0.0.0/24"

scrub all

nat on $ext_if from $virt_net to any -> ($ext_if)

pass log all

florin@acasa:~ $ cat /etc/jail.conf

ubuntu {
        host.hostname = "ubuntu";
        ip4.addr = 'tap1|10.0.0.5';
        allow.raw_sockets;
        path = /home/florin/jail/ubuntu;
        persist;

        mount.devfs;
        mount.fstab = /home/florin/jail/ubuntu/etc/fstab.ubuntu;

        allow.mount;
        allow.mount.devfs;
}
fbsd {
    host.hostname = bsdjail;
    ip4.addr = 'tap1|10.0.0.6';  
    allow.raw_sockets;                 # IP address of the jail
    path = "/home/florin/jail/fbsd";                    # Path to the jail
    mount.devfs;                               # Mount devfs inside the jail
    exec.start = "/bin/sh /etc/rc";            # Start command
    exec.stop = "/bin/sh /etc/rc.shutdown";    # Stop command
}

alpine {
        host.hostname = "alpine";
        ip4.addr = 'tap1|10.0.0.7';
        allow.raw_sockets;
        path = /home/florin/jail/alpine;
        persist;

        mount.devfs;
        mount.fstab = /home/florin/jail/alpine/etc/fstab.alpine;

        allow.mount;
        allow.mount.devfs;
}
 
Ok, that looks good at quick glance. Why tap1 though? I would have bound them to lo1.

latinu said:
but I can't ssh into them.
Click to expand...
From the host itself or from somewhere else on the network? From the host you should be able to connect to the .5, .6 and .7 addresses. That won't work from outside that host though. You will need to forward ports because of the NAT.
 
You must log in or register to reply here.
Back
Top