SOLVED SSH to jail not working

[der.roedler]

Hi, I want to have a personal git server and created a Jail for that, no I want/need SSH for that.
I created a second User in the Jail, which is a member oft the wheel group. Also I set sshd_enable to yes in the /etc/rc.conf file.
Why does this not work?

 

[der.roedler]

I also restarted the Jail and the service multiple times...

 

[dlavigne]

What exact error do you get?

Also, any related entries in /var/log/messages or /var/log/auth.log?

 

[der.roedler]

I will just dump it here:

/var/log/messages:

Code:

May 16 13:25:31 Git newsyslog[27941]: logfile first created
May 16 13:25:31 Git syslogd: kernel boot file is /boot/kernel/kernel
May 16 13:51:23 Git pkg: pkg upgraded: 1.10.1 -> 1.10.5_1
May 16 13:51:35 Git pkg: nano-2.9.6 installed
May 16 13:52:20 Git sshd[30470]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 13:52:20 Git sshd[30470]: fatal: Cannot bind any address.
May 16 13:53:47 Git dhclient[26884]: connection closed
May 16 13:53:47 Git dhclient[26884]: exiting.
May 16 13:53:55 Git syslogd: kernel boot file is /boot/kernel/kernel
May 16 13:53:55 Git sshd[32911]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 13:53:55 Git sshd[32911]: fatal: Cannot bind any address.
May 16 13:56:42 Git sshd[33300]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 13:56:42 Git sshd[33300]: fatal: Cannot bind any address.
May 16 14:05:24 Git sshd[34269]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 14:05:24 Git sshd[34269]: fatal: Cannot bind any address.

/var/log/auth.log:

Code:

May 16 13:25:31 Git newsyslog[27941]: logfile first created
May 16 13:52:20 Git sshd[30470]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 13:52:20 Git sshd[30470]: fatal: Cannot bind any address.
May 16 13:53:55 Git sshd[32911]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 13:53:55 Git sshd[32911]: fatal: Cannot bind any address.
May 16 13:56:42 Git sshd[33300]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 13:56:42 Git sshd[33300]: fatal: Cannot bind any address.
May 16 14:05:24 Git sshd[34269]: error: Bind to port 22 on 2003:5f:6e23:a900:: failed: Can't assign requested address.
May 16 14:05:24 Git sshd[34269]: fatal: Cannot bind any address.

 

[sretalla]

Looks like you have no IP address...

Can you send the output of ifconfig from within the jail?

 

[der.roedler]

I have set up the Jail as DHCP.
ifconfig:

Code:

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
		options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
		inet6 ::1 prefixlen 128
		inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
		inet 127.0.0.1 netmask 0xff000000
		nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
		groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=8<VLAN_MTU>
		ether da:40:b7:ff:30:be
		inet 192.168.188.103 netmask 0xffffff00 broadcast 192.168.188.255
		inet6 2003:5f:6e23:a900:: prefixlen 64 tentative
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
		status: active
		groups: epair

 

[sretalla]

OK, nothing seems wrong there... how about ifconfig on the FreeNAS host system?

 

[der.roedler]

I also had done a Port scan from the Jail and no Ports are Open, Maybye that could help?
ifconfig of host:

Code:

re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
		ether 70:85:c2:4f:85:eb
		hwaddr 70:85:c2:4f:85:eb
		inet6 fe80::7285:c2ff:fe4f:85eb%re0 prefixlen 64 scopeid 0x1
		inet6 2003:5f:6e4a:2a00:7285:c2ff:fe4f:85eb prefixlen 64 autoconf
		inet 192.168.188.84 netmask 0xffffff00 broadcast 192.168.188.255
		nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
		options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
		inet6 ::1 prefixlen 128
		inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
		inet 127.0.0.1 netmask 0xff000000
		nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
		groups: lo
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		ether 02:e6:2b:08:35:00
		nd6 options=1<PERFORMNUD>
		groups: bridge
		id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
		maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
		root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
		member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
				ifmaxaddr 0 port 4 priority 128 path cost 2000
		member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
				ifmaxaddr 0 port 1 priority 128 path cost 55
epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=8<VLAN_MTU>
		ether 02:af:50:00:04:0a
		hwaddr 02:af:50:00:04:0a
		nd6 options=1<PERFORMNUD>
		media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
		status: active
		groups: epair

 

[m0nkey_]

Update your sshd_config to use ListenAddress 0.0.0.0 and remove ListenAddress ::.

 

[der.roedler]

Now it works, Tanks!
Can you explain me what that does?

 

[sretalla]

Now it works, Tanks!
Can you explain me what that does?

ListenAddress 0.0.0.0 tells the service to listen on all IPv4 addresses on the server (in this case in the jail).
Removing ListenAddress :: stops the service from listening on IPv6