DaemonForums  

  #1   (View Single Post)  
Old 27th March 2010
pico pico is offline
Real Name: Pico
Complete openbsd beginner
 
Join Date: Mar 2010
Location: Scotland
Posts: 19
Thanked 0 Times in 0 Posts
Default Introduction plus SSH login hang question.

Hello ladies and gents,

I'm an engineer and it is becoming apparent that in my industry web servers are becoming more necessary for everyday use. I have therefore taken on the duty of learning an OS. Having looked around at various flavours of Linux etc., I have opted to go for OpenBSD. The reason being security and the fact that you have to get your hands dirty in order to get things running smoothly and as you want. At the moment I'm reading through the ABSOLUTE OPENBSD book by Michael W Lucas and it's great. I have been looking around for a forum that covers BSD and this seems to fit the bill. There seem to be some very knowledgeable characters around and I'm sure if I had the knowledge they did I too would help fledgling users such as myself.

My reason for the post is to introduce myself and let you know what I have done so far having started to study the anatomy of the file structure etc. It really is a baptism of fire for myself and trial and error seem to be the call of the day at the moment. That is until I pick up some second nature command line skills. Please forgive my newbie way of explanations below as I do not work in the industry and only have to pick the slang terms up in time.

Anyway I have

Installed OpenBSD 4.6 on an old OptiPlex GX110 at home. It is old, but for all intents and purposes I think it is powerful enough for my needs at home.

My topology is as follows

External Firewall (192.168.1.254) - 24port switch - Internal lan (192.168.1.x)
The External firewall acts as a dhcp server for internal lan clients including my bsd box (initially).

Now I have fixed the IP address in bsd with the

/etc/hostname.xl0
inet 192.168.1.64 255.255.255.0 NONE

and set

/etc/mygate
192.168.1.254


I have also changed the default ssh port to 1234 using the /etc/ssh/sshd_config file. The computer will not be exposed to the outside world until I'm absolutely sure the box is secure. This will be done using pf but I'm a way off that yet.

Over the last couple of evenings I have been using vi for editing, although I have installed nano and find it a little easier for the newb that I am.

-----------------------------------------------------

The reason I have been prompted to join a forum is I have an ulterior motive (here it comes).

Over the last day or so I have logged into ssh and after typing in the username and pressing return the command prompt will hang for about 1 minute then ask for the password. Having typed the password I can then log in and get on with whatever it is I wish to do.

My first question would be: does anyone have an idea as to why the system would hang like this?

All other scripts are in a default state untouched.

Thanks people

Pico

--------------------

Print out of /var/run/dmesg.boot

OpenBSD 4.6 (GENERIC) #58: Thu Jul 9 21:24:42 MDT 2009
deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III ("GenuineIntel" 686-class) 665 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem = 132399104 (126MB)
avail mem = 119201792 (113MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/18/00, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf0450 (58 entries)
bios0: vendor Dell Computer Corporation version "A05" date 09/18/2000
bios0: Dell Computer Corporation OptiPlex GX110
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf0000/0x10000
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfbc40/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82371AB PIIX4 ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0x8000 0xc8000/0x8000
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82810E Host" rev 0x03
vga1 at pci0 dev 1 function 0 "Intel 82810E Video" rev 0x03
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xf8000000, size 0x4000000
ppb0 at pci0 dev 30 function 0 "Intel 82801AA Hub-to-PCI" rev 0x02
pci1 at ppb0 bus 1
rl0 at pci1 dev 8 function 0 "Realtek 8139" rev 0x10: irq 10, address 00:30:bd:07:90:af
rlphy0 at rl0 phy 0: RTL internal PHY
xl0 at pci1 dev 12 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq 5, address 00:b0:d0:b9:25:e7
bmtphy0 at xl0 phy 24: 3C905C internal PHY, rev. 7
ichpcib0 at pci0 dev 31 function 0 "Intel 82801AA LPC" rev 0x02: 24-bit timer at 3579545Hz
pciide0 at pci0 dev 31 function 1 "Intel 82801AA IDE" rev 0x02: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <Maxtor 6E040L0>
wd0: 16-sector PIO, LBA, 39205MB, 80293248 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <SAMSUNG, CD-ROM SC-148C, C002> ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
uhci0 at pci0 dev 31 function 2 "Intel 82801AA USB" rev 0x02: irq 11
ichiic0 at pci0 dev 31 function 3 "Intel 82801AA SMBus" rev 0x02: SMBus disabled
auich0 at pci0 dev 31 function 5 "Intel 82801AA AC97" rev 0x02: irq 10, ICH AC97
ac97: codec id 0x41445348 (Analog Devices AD1881A)
ac97: codec features headphone, Analog Devices Phat Stereo
audio0 at auich0
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 "Intel UHCI root hub" rev 1.00/1.00 addr 1
biomask fb45 netmask ff65 ttymask ffff
mtrr: Pentium Pro MTRR support
softraid0 at root
root on wd0a swap on wd0b dump on wd0b

/var/log/authlog

Mar 27 07:24:38 pico sshd[9094]: Server listening on :: port 1234.
Mar 27 07:24:38 pico sshd[9094]: Server listening on 0.0.0.0 port 1234.
Mar 27 07:59:58 pico sshd[24941]: Accepted password for pico from 192.168.1.78 port 1536 ssh2
Mar 27 08:00:14 pico su: pico to root on /dev/ttyp0
Mar 27 08:11:02 pico sshd[8614]: Server listening on :: port 1234.
Mar 27 08:11:02 pico sshd[8614]: Server listening on 0.0.0.0 port 1234.
Mar 27 08:29:25 pico sshd[20526]: Accepted password for pico from 192.168.1.78 port 1771 ssh2
Mar 27 08:30:20 pico su: pico to root on /dev/ttyp0
Mar 27 08:51:02 pico sshd[8287]: Server listening on :: port 1234.
Mar 27 08:51:02 pico sshd[8287]: Server listening on 0.0.0.0 port 1234.
Mar 27 08:54:50 pico su: pico to root on /dev/ttyC0
Mar 27 08:56:57 pico sshd[11891]: Server listening on :: port 1234.
Mar 27 08:56:57 pico sshd[11891]: Server listening on 0.0.0.0 port 1234.
Mar 27 09:03:39 pico sshd[17745]: Accepted password for pico from 192.168.1.78 port 1858 ssh2
Mar 27 09:03:52 pico su: pico to root on /dev/ttyp0

/var/log/daemon (sorry, don't know what this file does yet, thought I would put it up anyway)

Mar 23 19:09:28 pico savecore: no core dump
Mar 23 21:24:28 pico savecore: no core dump
Mar 23 22:12:12 pico savecore: no core dump
Mar 23 21:18:22 pico savecore: no core dump
Mar 24 18:13:19 pico savecore: no core dump
Mar 24 18:41:13 pico savecore: no core dump
Mar 25 19:30:00 pico savecore: no core dump
Mar 25 19:33:02 pico savecore: no core dump
Mar 25 21:42:52 pico savecore: no core dump
Mar 26 06:49:23 pico savecore: no core dump
Mar 26 19:48:04 pico savecore: no core dump
Mar 26 19:52:12 pico savecore: no core dump
Mar 26 20:47:06 pico savecore: no core dump
Mar 27 07:24:36 pico savecore: no core dump
Mar 27 08:11:00 pico savecore: no core dump
Mar 27 08:51:00 pico savecore: no core dump
Mar 27 08:56:55 pico savecore: no core dump

# ifconfig

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33200
priority: 0
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
rl0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:30:bd:07:90:af
priority: 0
media: Ethernet autoselect
status: no carrier
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:b0:d0:b9:25:e7
priority: 0
groups: egress
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.1.64 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::2b0:d0ff:feb9:25e7%xl0 prefixlen 64 scopeid 0x2
enc0: flags=0<> mtu 1536
priority: 0
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33200
priority: 0
groups: pflog
#
  #2   (View Single Post)  
Old 27th March 2010
pico pico is offline
Real Name: Pico
Complete openbsd beginner
 
Join Date: Mar 2010
Location: Scotland
Posts: 19
Thanked 0 Times in 0 Posts
Default Ok a little further

I'm sure this will engage someone into slapping some sense into me.

I have been playing around a little and it appears that if I put my hostname file into dhcp rather than fixed the ssh login is fluent. When I put it back to my config above it halts on login. I'm sure this is basic so any ideas would be greatly appreciated.

Below is my dhcp info above is my fixed info (maybe my fixed info has something incorrect).


# dhclient xl0
DHCPDISCOVER on xl0 to 255.255.255.255 port 67 interval 1
DHCPOFFER from 192.168.1.254 (00:19:e4:a2:74:29)
DHCPREQUEST on xl0 to 255.255.255.255 port 67
DHCPACK from 192.168.1.254 (00:19:e4:a2:74:29)
bound to 192.168.1.64 -- renewal in 43200 seconds.
#

# ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33200
priority: 0
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
rl0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:30:bd:07:90:af
priority: 0
media: Ethernet autoselect
status: no carrier
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:b0:d0:b9:25:e7
priority: 0
groups: egress
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::2b0:d0ff:feb9:25e7%xl0 prefixlen 64 scopeid 0x2
inet 192.168.1.64 netmask 0xffffff00 broadcast 192.168.1.255
enc0: flags=0<> mtu 1536
priority: 0
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33200
priority: 0
groups: pflog

Cheers

Pico
  #3   (View Single Post)  
Old 27th March 2010
pico pico is offline
Real Name: Pico
Complete openbsd beginner
 
Join Date: Mar 2010
Location: Scotland
Posts: 19
Thanked 0 Times in 0 Posts
Talking Fixed it myself

After going through /etc/ with a fine toothed comb I found out it was my

/etc/resolv.conf

I had the name server set to a bogus IP address rather than the firewall's address.

Changed it to the correct one and shazam, one working ssh with no hang ups.

I'm happy how far I have got with this system.

Now on to Apache. I suspect I have a lot of reading to do in order to make sure I have security sewn up, although by default from reading it looks pretty good.

Cheers

Pico
  #4   (View Single Post)  
Old 27th March 2010
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Welcome to the forums,

You were definitely on the right track, sshd was blocking while doing reverse DNS lookups.. you can disable it outright in /etc/ssh/sshd_config, by setting UseDNS to no.

As for the difficulty with vi(1), you may have better luck using mg(1).. which is an emacs clone, but ultimately it's worth learning how to use vi.

Good luck.
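
An added example, not code from anyone in this thread: the reverse lookup mentioned in post #4 is a PTR query sent to the nameservers listed in /etc/resolv.conf, so a nameserver that never answers leaves the login waiting on the resolver. This Python script sends that query to each configured nameserver and reports which ones stay silent; the function names, the 2 second timeout and the use of the client address 192.168.1.78 from the authlog in post #1 are choices made for this example.

```python
import socket
import struct
import time

def nameservers(resolv_conf_text):
    """Return the nameserver addresses listed in resolv.conf text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def ptr_name(ipv4):
    """192.168.1.78 -> 78.1.168.192.in-addr.arpa, the name a reverse lookup asks for."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"

def build_ptr_query(ipv4, txid=0x1234):
    """Minimal DNS query packet: 12-byte header plus one PTR/IN question."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    labels = ptr_name(ipv4).split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 12, 1)  # QTYPE=PTR, QCLASS=IN

def probe(server, client_ip, port=53, timeout=2.0):
    """Send one PTR query; return seconds until any reply, or None if none arrives."""
    family = socket.AF_INET6 if ":" in server else socket.AF_INET
    with socket.socket(family, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.monotonic()
        try:
            s.sendto(build_ptr_query(client_ip), (server, port))
            s.recvfrom(512)
        except OSError:  # timed out, unreachable or refused
            return None
        return time.monotonic() - start

def check(resolv_conf_text, client_ip, timeout=2.0):
    """Map each configured nameserver to its reply time (None = no answer)."""
    return {ns: probe(ns, client_ip, timeout=timeout) for ns in nameservers(resolv_conf_text)}

if __name__ == "__main__":
    with open("/etc/resolv.conf") as f:
        for ns, rtt in check(f.read(), "192.168.1.78").items():
            print(ns, "no answer" if rtt is None else f"answered in {rtt:.3f}s")
```

The probe only checks that the nameserver replies at all; it does not inspect the answer, so a server that responds with an error still counts as reachable.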
  #5   (View Single Post)  
Old 28th March 2010
pico pico is offline
Real Name: Pico
Complete openbsd beginner
 
Join Date: Mar 2010
Location: Scotland
Posts: 19
Thanked 0 Times in 0 Posts
Default Thanks for the tip BSDfan666

Thanks for the tip BSDfan666.

I will have a look.

All I can say is I'm loving this Openbsd. I have always toyed around with electrical equipment for years and been on computers in various types.

What I can say for Openbsd is the anatomy of file system is great for a logical breakdown of things.

Now I'm looking into cobbling together a pf rule set and hopefully someone can have a look here and give me the nod as to its integrity.

Then it's on to finding some form of native OpenBSD intrusion detection system like tripwire but an OpenBSD flavour. That is of course unless you people don't think one is necessary. It would be great to have most bases covered and getting an audit trail back to potential compromises would be great (of course this is an art in itself).

So many things to do and my weekend is running out very quickly then it's back to the grind. Damn

What I can say though is if you do this for a living it certainly is a full time job because presumably you would have numerous systems all running different OS and all suffering from needed patches etc. It makes my head spin just thinking about it. I take my hat off to you all.

Regards

Pico
  #6   (View Single Post)  
Old 28th March 2010
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,888
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by pico View Post
I will have a look.
Recognize that vi(1) is available on virtually all Unix & Unix-like systems. It helps to have some level of fluency.
Quote:
Now I'm looking into cobbling together a pf rule set...
There are essentially four places for finding out information about pf(4):Hansteen also wrote a book based on this manuscript called The Book of PF. pf(4) has undergone a number of changes since the book was released, so staying with the above four sources is a prudent decision.
Quote:
Then it's on to finding some form of native OpenBSD intrusion detection system like tripwire but an OpenBSD flavour.
It all depends upon your goals & requirements.
  #7   (View Single Post)  
Old 1st April 2010
tetrodozombie tetrodozombie is offline
Real Name: bill slusser
Banned
 
Join Date: Dec 2009
Location: atlanta, ga
Posts: 82
Thanked 1 Time in 1 Post
Default

I just got two new OpenBSD books I wish I had a year ago: 'The Book of PF' and 'Secure Architectures with OpenBSD'. I'd seriously get my hands on these two if you want to get up to speed a lot faster and use a secure X configuration and SSH. I have 'Absolute OpenBSD'; I love it. I read it from cover to cover all the time, hoping I remember important facets of the OBSD OS.
  #8   (View Single Post)  
Old 2nd April 2010
pico pico is offline
Real Name: Pico
Complete openbsd beginner
 
Join Date: Mar 2010
Location: Scotland
Posts: 19
Thanked 0 Times in 0 Posts
Default

Just got the Book of PF, tetro, very good indeed. I have a bank holiday off now so a little time to read and play. My wife has roped me into digging over the veggie patch though... bummer.

I will look into the Secure Architectures book, sounds good.