From: Trevor Nichols (tnichols_at_syc.net.au)
Date: Fri 16 Jan 2004 - 01:25:28 GMT
I also had this problem on VSM, which I posted previously about. I spoke
with Herbet on IRC and went through our setup. The conclusion was that
for the setup, the v_sshd scripts was limiting the IP address that any ssh
sessions could bind to (by default).
Using chbind as a prefix to the commands allowed me to get around the
problem and then the problem went away. This is a bit hacky, so in the end
I removed the v_sshd scripts and use the bind option in sshd to correct
it.
Now we have no problems, in an identical manner to Rod. The interesting
thing is getting a sshd running without readily available console access.
:-)
-Trev.
> On Thu, 15 Jan 2004, Darryl Ross wrote:
>
>> Quick question.
>>
>> I'm currently running 2.4.23-vs1.21 on a RH7.3 host and am having the
>> same problem that a few other people have posted about, namely not being
>> able to connect to remote hosts from the host server, but being able to
>> from within a vserver. I'm not sure if a fix has been posted for this
>> yet, but I thought I'd describe the behavior on my system, in case it
>> helps.
>
> Darryl,
>
> I was one of the first to report this problem but it was on a very old
> version of a vserver kernel so it got lost in the new kernel stuff.
>
> After a couple of suggestions concerning sshd and some of the other
> services binding to 0.0.0.0, I configured sshd to bind only to the two IPs
> (on two different cards eth0 and eth1) and restarted sshd. Everything
> started working correctly.
> Since I now only build vservers and the root/main server is only used
> to administratively access the vservers I've got away from using the v_
> scripts completely.
>
> I'm don't know enough to say why a ssh in _would not_ allow so much other
> outbound traffic but from the console it would. Magic is magic. If the
> incantation works I'll use it!
>
>
> Best,
> Rod
> --
> "Open Source Software - You usually get more than you pay for..."
> "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL"
>
>
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
>
-- Trevor Nichols Network & Systems Administrator Information & Communication Technology Service to Youth Council Inc tnichols_at_syc.net.au _______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver