[Semibug] sshd configuration for Jails questions

Mike Wayne semibug15 at post.wayne47.com
Wed Jan 25 23:54:09 EST 2023

On Wed, Jan 25, 2023 at 04:52:36PM -0500, Mark Moellering wrote:
> Question.  I am configuring a server , the ip address comes from DHCP but I
> want to run jails, which means restricting the IP Addresses sshd listens on.

Need a little more info here.

Are you trying to ssh to the host or a jail on the host?

If a jail, are you using private IP space?

If the host, it should "just work" by default and you can add
firewalls and/or disable it on the jails as desired.

> Of course, I can use a non-standard port but not sure I want that either

Consider NAT.

> P.S. Michael Lucas appears to not have addressed this in his book about
> Jails  ;-)

   There's a LOT of really important things missing from that jail
   book.  It needed another bunch of reviews and at LEAST 6 more
   months to get the rest of the information in there. And I've had
   discussions with several of the jails guys and came away thinking
   they worked for Apple ("why would you want to do THAT?").

More information about the Semibug mailing list