I've been running lots of FreeBSD jails on various servers I maintain, and one thing I've noticed is that using
scp from inside a jail often results in the error:
Host key verification failed. A little Google searching turns up this explanation, that the problem is caused when you
jexec into the jail instead of logging in normally through SSH.
I often run the jails in a pretty minimal way and don't really want to run
sshd in them, and fortunately the problem can be worked around somewhat. Apparently the
Host key verification failed. error is caused when SSH is unable to show you this type of prompt:
The authenticity of host 'foobar.edu' can't be established. DSA key fingerprint is 7c:ac:b0:da:be:3c:c2:00:00:00:00:ce:db:fb:49:77. Are you sure you want to continue connecting (yes/no)?
when connecting to a host you haven't connected to before. All you have to do to get around this is manually add a line to the jail's
~/.ssh/known_hosts for the server you're trying to connect to, probably by copying one from a
known_hosts on another box or outside the jail.
Once past that, you may find that SSH is still unhappy in the jail if you don't have publickey authentication setup with the server you're trying to connect to, with an error like:
Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,password).
Fixing that is just a matter of generating or copying a private/public key pair into the jail's
~/.ssh directory, and putting the public key on the server you're connecting to.