I need your help for solving an SSH+FreeBSD+jails authentication issue.
I've (almost) successfully set up a jailed environment on my FreeBSD 8.2 box.
My FreeBSD host has 2 network interfaces: 192.168.1.41/24 (regular network) and 172.16.100.41/24 (admin network).
Its one and only jail is configured to listen on both 192.168.1.101 and 172.16.100.101 IP addresses. I have configured sshd in the jail to listen on the admin interface only (that is, 172.16.100.101).
Everything described above works, but what I can't do is, connecting to the jail via SSH from the host (being logged as root on the host). After accepting the public key, I'm asked for a password (which I believe is root's password), and after 3 attempts, I always get the message "Permission denied (publickey,keyboard-interactive)".
The same message is logged in the jail's /var/log/auth.log.
The following commands all yield the same result:
ssh 172.16.100.101
ssh root@172.16.100.101
ssh -l root 172.16.100.101
I'm expecting the jail's root password to be the same as my host's root password, right?
What am I missing? Or where should I be looking for more hints?
Thanks for your help!
Best Answer
You should confirm that the password set correctly by either manually copying the files in as Robert Novak suggests, or login to the jail with
jexec ${jailID} /bin/tcshandpasswd(you can usejlsto find out the jail ID).Also, verify that
PermitRootLogin yesin/etc/ssh/sshd_config.EDIT: After you edit or copy
/etc/master.passwd, you need to run/usr/sbin/pwd_mkdb -p /etc/master.passwdto tell FreeBSD to remake the binaries based on the new file(s).