DaemonForums  

Go Back   DaemonForums > Miscellaneous > Off-Topic

Off-Topic Everything else.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 23rd May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default Using multiple BSDs: How have you implemented them?

Since it is still not completely finished- see the mailing lists for more information- I decided to use the FreeBSD G3 and an OpenBSD i386 install together. The G3 acts a s a viewer/thinclient and the P4/i386 acts as a server. I haven't quite gotten the ssh and X11 forwarding setup.
What ways did you setup different BSDs to work together?

Last edited by Mr-Biscuit; 23rd May 2010 at 06:30 PM. Reason: Spelling.
Reply With Quote
  #2   (View Single Post)  
Old 24th May 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

It should be no problem getting X11, OpenSSH, and most other programs working together with various operating systems (Including FreeBSD & OpenBSD).

Xorg is still Xorg no matter what OS it runs, the same applies to OpenSSH and most other applications. While details, versions, and default configurations may be different, it is conceptually the same.

If you want a more specific answer regarding your X11 forwarding: Ask a more specific question
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #3   (View Single Post)  
Old 25th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Right now, I'm at the "I don't understand this quite enough" point.
OpenSSH is at the point of not exporting keys properly.
X11 forwarding is at the point- A strange way to be.- of which .Xauth and how?

I've kept the experimenting on the FreeBSD x86 install with the host and jail.
(The fear that a clusterf* will ensue- by reason of me- is enough for me not to want to mess up the G3 or the OpenBSD install.)

What I'd like is SSH with X11 forwarding- and maybe on another display; but, what I'd settle for- and am right now- is the VNC setup.

Last edited by Mr-Biscuit; 9th July 2010 at 01:13 PM.
Reply With Quote
  #4   (View Single Post)  
Old 26th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I have setup an rsa key on the openbsd machine and will setup another on the G3 later.
Here are the questions:
It's a LAN behind the router and the machines have an assigned IP address.

Do I need to use a command such as scp to the name of the machine or to the assigned IP?

Let me know what work I need to show.
Reply With Quote
  #5   (View Single Post)  
Old 26th May 2010
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by Mr-Biscuit View Post
Do I need to use a command such as scp to the name of the machine or to the assigned IP?
If you want to copy files between machines using hostnames, then you will need to set up DNS or set the appropriate entries in the hosts(5) file. And if you think about it, what DNS (or the hosts(5) file) is doing is figuring out what IP address matches the specified hostname.

Otherwise, you can specify each machine by IP address when copying files about.
Reply With Quote
  #6   (View Single Post)  
Old 28th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I get the following error:

Code:
debug1: Roaming not allowed by server
It then refuses to connect.

On both machines I have set: port to a higher number, user only has ssh access, X11 is forwarded.
Reply With Quote
  #7   (View Single Post)  
Old 29th May 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Did you set up both the ~/.ssh/authorized_hosts and ~/.ssh/id_rsa (Your public and private key) on both machines?
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #8   (View Single Post)  
Old 29th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Yes.
Reply With Quote
  #9   (View Single Post)  
Old 29th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I've exported the key from Open to Free.

Code:
$ ssh -p 2442 -Y moleque@192.168.1.3
Permission denied (publickey,keyboard-interactive).
Reply With Quote
Old 31st May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I'm having a problem with host key importing/exporting.

Code:
$ uname -a
FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010     root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC  powerpc
$ ssh -Y -p 2442 moleque@192.168.1.3
The authenticity of host '[192.168.1.3]:2442 ([192.168.1.3]:2442)' can't be established.
DSA key fingerprint is bd:7c:29:4e:48:df:01:01:46:75:68:fb:fb:2a:90:07.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.1.3]:2442' (DSA) to the list of known hosts.
Permission denied (publickey,keyboard-interactive).
$ ssh -Y -p 2442 moleque@192.168.1.3
Permission denied (publickey,keyboard-interactive).
$

Code:
$ pwd
/home/moleque/.ssh
$ uname -a
OpenBSD moo.my.domain 4.6 GENERIC#58 i386
$ ls
authorized_keys     id_dsa.pub          id_rsa.pub          moleque@192.168.1.5
id_dsa              id_rsa              known_hosts
$


Code:
$ pwd
/home/moleque/.ssh
$ uname -a
FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010     root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC  powerpc
$ ls
known_hosts		moleque@192.168.1.3
$
I'm putting the information down because something is escaping me.

Last edited by Mr-Biscuit; 31st May 2010 at 03:21 AM.
Reply With Quote
Old 31st May 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

Quote:
Originally Posted by Mr-Biscuit View Post
Code:
$ pwd
/home/moleque/.ssh
$ uname -a
OpenBSD moo.my.domain 4.6 GENERIC#58 i386
$ ls
authorized_keys     id_dsa.pub          id_rsa.pub          moleque@192.168.1.5
id_dsa              id_rsa              known_hosts
$
Code:
$ pwd
/home/moleque/.ssh
$ uname -a
FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010     root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC  powerpc
$ ls
known_hosts		moleque@192.168.1.3
$
I'm putting the information down because something is escaping me.
I could be wrong but IMHO you probably have copied the keys with
Code:
$ scp id_dsa.pub moleque@192.168.1.3
That creates a local copy of the id_dsa.pub file with the name of moleque@192.168.1.3

In http://www.daemonforums.org/showthread.php?t=1758 I give a correct way to append a public key file to the .authorized_keys file.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 31st May 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Quote:
debug1: Offering public key: /home/moleque/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/moleque/.ssh/id_dsa
This would seem to indicate that your key is not being accepted for some reason.

Do you want to use a RSA or DSA key? You have both, choose one and remove the other, it will serve no puropse other then make things more complicated.

Are your authorized_hosts and id_rsa/id_dsa (As mentioned above, choose one) *exactly* the same? Check with md5 to be sure.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Old 31st May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Code:
# /usr/sbin/sshd -d -d -d
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 295
debug2: parse_server_config: config /etc/ssh/sshd_config len 295
debug3: /etc/ssh/sshd_config:11 setting Port 2442
debug3: /etc/ssh/sshd_config:19 setting Protocol 2
debug3: /etc/ssh/sshd_config:39 setting PermitRootLogin no
debug3: /etc/ssh/sshd_config:59 setting PasswordAuthentication no 
debug3: /etc/ssh/sshd_config:78 setting X11Forwarding yes 
debug3: /etc/ssh/sshd_config:79 setting X11DisplayOffset 100
debug3: /etc/ssh/sshd_config:80 setting X11UseLocalhost yes
debug3: /etc/ssh/sshd_config:90 setting UseDNS no 
debug3: /etc/ssh/sshd_config:100 setting Subsystem sftp	/usr/libexec/sftp-server
debug3: /etc/ssh/sshd_config:107 setting AllowUsers moleque
debug1: sshd version OpenSSH_5.3
Could not load host key: /etc/ssh/ssh_host_rsa_key
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
I've recreated the keys a few times.
I'm wondering, what is it that I am skipping over?
Reply With Quote
Old 1st June 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Did you verify that both keys are the same as I mentioned before? I know you *think* they are the same, but that is not the same as *knowing*.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Old 1st June 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

No. They don't match.
Reply With Quote
Old 1st June 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I'm getting the same result after following J65nko's howto.

The power here has gone out twice; so, I have no idea what the set of commands were to setup login from X.5 to X.3.

Edit: the problem is in the OpenBSD conf files.



Now, how do I disable the keyboard and publickey checking?

The /etc/ssh/Known_hosts file on the OpenBSD is empty while the G3 has the host, port, and key.

Last edited by Mr-Biscuit; 1st June 2010 at 07:55 AM.
Reply With Quote
Old 1st June 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Quote:
No. They don't match.
Right, so for some reason something went wrong while copying the files.

I would take the easy way out: Copy the files to a USB drive, floppy disk, whatever, and copy them that way.
Make sure you copy right *right* private/public keys.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Old 2nd June 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I have the FreeBSD to FreeBSD ssh setup going good.
I still need to see what went wrong with the FreeBSD to OpenBSD login.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
New BSD magazine issue: "BSDs as Servers" wesley News 0 1st February 2010 12:31 PM
Putting Free/Net/Open - BSDs on one HDD alpopa NetBSD Installation and Upgrading 6 23rd December 2008 08:16 PM
Using multiple gateways ivanatora FreeBSD General 7 15th November 2008 06:57 PM
Multiple VPN rondynames OpenBSD General 5 24th July 2008 11:51 AM


All times are GMT. The time now is 09:02 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick