Xin Li <[email protected]> writes: > a) you have account on *both* jail and host system. > b) you attempted to log in into jail's IP, which is also bound to host > system; > c) your configuration didn't explicitly specify SSH's listening > address on host, so it's a wildcard (Listen 22 instead of Listen > hostip:22, where you can see in sockstat -4l as *:22 for sshd). > d) when jail is shut down, when you connect to the jail's IP, you > connected into the host.
I would like to point out that if you follow the documented procedure for configuring and managing jails, the jail's IP goes away when the jail shuts down. This has been the case since at least 8.x using the old-style rc.conf variables (jail_foo_interface, jail_foo_ip), and it is still the case in 10.0 using the new-style jail.conf. DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
