| Click here to select a new forum. |
| OpenBSD @ SE/30 => no SSH login? |
Posted by: sbreit on 2012-06-13 06:25:28
Hi there!
Maybe one of you guys might have an idea about this:
I've installed OpenBSD 5.1 to my SE/30. Works OK except for the fact that I can't SSH to the box. Making SSH connections from the SE/30 to other machines on the other hand works just fine.
This is what the client sees:
debug2: mac_setup: found hmac-md5-96
debug1: kex: server->client aes128-ctr hmac-md5-96 none
debug2: mac_setup: found hmac-md5-96
debug1: kex: client->server aes128-ctr hmac-md5-96 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 520/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY and then fails.
The server will log the incoming connection and then after a few minutes prints "Timeout before authentication".
I already tried "Ciphers none" and "MACs hmac-md5-96" and also SSH protocol version 1 without much success. xx(
Any other hints?
Regards
Steffen
|
Posted by: ChristTrekker on 2012-06-13 06:39:24
May be a stupid question, but is the ssh daemon running? If the SE30 isn't listening, nothing's ever going to connect to it.
|
Posted by: sbreit on 2012-06-13 07:45:10
May be a stupid question, but is the ssh daemon running? If the SE30 isn't listening, nothing's ever going to connect to it. If it wasn't running, the client would exit with "ssh: connect to host $hostname port 22: Connection refused" rather than starting to negotiate the key exhange. 😉
Oh, and the sever wouldn't log anything SSH-wise, would it? 😀
|
Posted by: Charlieman on 2012-06-13 13:43:58
Err, enable verbose logging on the SE/30 if possible. Then talk to the devs -- in the bug report, identify model and OpenBSD version.
|
Posted by: sbreit on 2012-06-14 00:14:45
Err, enable verbose logging on the SE/30 if possible. Then talk to the devs -- in the bug report, identify model and OpenBSD version. I already raised the loglevel for the sshd to DEBUG3. As the standard log facility is the AUTH log, I suppose I should be able to see everything in the auth log, which kind of isn't verbose at all :?:
Is there an other log (given that I didn't change the log facilities/log file locations) that I should look into?
|
Posted by: sbreit on 2012-06-16 03:12:29
Solved it. :beige:
The logging facility was correct, but the syslog configuration wasn't. I had to change the /etc/syslog.conf line
auth.info /var/log/authlog
to
auth.* /var/log/authlog
to get the debug level messages.
On the server, I always got something like
sshd[17111]: fatal: Timeout before authentication for 192.168.23.26
in the log file. This timeout was cased by the LoginGraceTime parameter in the sshd_config. I set that to 10m now and voila: I can ssh to my Mac! ;D
It, quite obviously, tages ages to log in, tough 😉
|
| 1 |