|
Off-Topic Everything else. |
|
Thread Tools | Display Modes |
|
|||
Using multiple BSDs: How have you implemented them?
Since it is still not completely finished- see the mailing lists for more information- I decided to use the FreeBSD G3 and an OpenBSD i386 install together. The G3 acts a s a viewer/thinclient and the P4/i386 acts as a server. I haven't quite gotten the ssh and X11 forwarding setup.
What ways did you setup different BSDs to work together? Last edited by Mr-Biscuit; 23rd May 2010 at 06:30 PM. Reason: Spelling. |
|
|||
Right now, I'm at the "I don't understand this quite enough" point.
OpenSSH is at the point of not exporting keys properly. X11 forwarding is at the point- A strange way to be.- of which .Xauth and how? I've kept the experimenting on the FreeBSD x86 install with the host and jail. (The fear that a clusterf* will ensue- by reason of me- is enough for me not to want to mess up the G3 or the OpenBSD install.) What I'd like is SSH with X11 forwarding- and maybe on another display; but, what I'd settle for- and am right now- is the VNC setup. Last edited by Mr-Biscuit; 9th July 2010 at 01:13 PM. |
|
|||
I have setup an rsa key on the openbsd machine and will setup another on the G3 later.
Here are the questions: It's a LAN behind the router and the machines have an assigned IP address. Do I need to use a command such as scp to the name of the machine or to the assigned IP? Let me know what work I need to show. |
|
|||
Quote:
Otherwise, you can specify each machine by IP address when copying files about. |
|
|||
I get the following error:
Code:
debug1: Roaming not allowed by server On both machines I have set: port to a higher number, user only has ssh access, X11 is forwarded. |
|
|||
Code:
debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: CANT_MAKE_TOO_MANY_WAVES debug1: Next authentication method: publickey debug1: Trying private key: /home/moleque/.ssh/identity debug1: Offering public key: /home/moleque/.ssh/id_rsa debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /home/moleque/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive Password: debug1: Authentications that can continue: publickey,keyboard-interactive Password: debug1: Authentications that can continue: publickey,keyboard-interactive Password: debug1: Authentications that can continue: publickey,keyboard-interactive debug1: No more authentication methods to try. Permission denied (publickey,keyboard-interactive). $ Last edited by Mr-Biscuit; 9th July 2010 at 01:14 PM. |
|
|||
OK. I'm able to ssh from OpenBSD to FreeBSD but not the other way around.
|
|
||||
Did you set up both the ~/.ssh/authorized_hosts and ~/.ssh/id_rsa (Your public and private key) on both machines?
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
Yes.
|
|
|||
I've exported the key from Open to Free.
Code:
$ ssh -p 2442 -Y moleque@192.168.1.3 Permission denied (publickey,keyboard-interactive). |
|
|||
I'm having a problem with host key importing/exporting.
Code:
$ uname -a FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010 root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC powerpc $ ssh -Y -p 2442 moleque@192.168.1.3 The authenticity of host '[192.168.1.3]:2442 ([192.168.1.3]:2442)' can't be established. DSA key fingerprint is bd:7c:29:4e:48:df:01:01:46:75:68:fb:fb:2a:90:07. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.1.3]:2442' (DSA) to the list of known hosts. Permission denied (publickey,keyboard-interactive). $ ssh -Y -p 2442 moleque@192.168.1.3 Permission denied (publickey,keyboard-interactive). $ Code:
$ pwd /home/moleque/.ssh $ uname -a OpenBSD moo.my.domain 4.6 GENERIC#58 i386 $ ls authorized_keys id_dsa.pub id_rsa.pub moleque@192.168.1.5 id_dsa id_rsa known_hosts $ Code:
$ pwd /home/moleque/.ssh $ uname -a FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010 root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC powerpc $ ls known_hosts moleque@192.168.1.3 $ Last edited by Mr-Biscuit; 31st May 2010 at 03:21 AM. |
|
||||
Quote:
Do you want to use a RSA or DSA key? You have both, choose one and remove the other, it will serve no puropse other then make things more complicated. Are your authorized_hosts and id_rsa/id_dsa (As mentioned above, choose one) *exactly* the same? Check with md5 to be sure.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
Code:
# /usr/sbin/sshd -d -d -d debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 295 debug2: parse_server_config: config /etc/ssh/sshd_config len 295 debug3: /etc/ssh/sshd_config:11 setting Port 2442 debug3: /etc/ssh/sshd_config:19 setting Protocol 2 debug3: /etc/ssh/sshd_config:39 setting PermitRootLogin no debug3: /etc/ssh/sshd_config:59 setting PasswordAuthentication no debug3: /etc/ssh/sshd_config:78 setting X11Forwarding yes debug3: /etc/ssh/sshd_config:79 setting X11DisplayOffset 100 debug3: /etc/ssh/sshd_config:80 setting X11UseLocalhost yes debug3: /etc/ssh/sshd_config:90 setting UseDNS no debug3: /etc/ssh/sshd_config:100 setting Subsystem sftp /usr/libexec/sftp-server debug3: /etc/ssh/sshd_config:107 setting AllowUsers moleque debug1: sshd version OpenSSH_5.3 Could not load host key: /etc/ssh/ssh_host_rsa_key debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key. debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> Could not load host key: /etc/ssh/ssh_host_dsa_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. I'm wondering, what is it that I am skipping over? |
|
|||
Quote:
Code:
$ scp id_dsa.pub moleque@192.168.1.3 In http://www.daemonforums.org/showthread.php?t=1758 I give a correct way to append a public key file to the .authorized_keys file.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Ok
For some reason, I'm getting the Code:
Permission denied (publickey,keyboard-interactive) Code:
$ ssh -vvv moleque@192.168.1.3 OpenSSH_5.4p1 FreeBSD-20100308, OpenSSL 0.9.8n 24 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.1.3 [192.168.1.3] port 2442. debug1: Connection established. debug3: Not a RSA1 key file /home/moleque/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home/moleque/.ssh/id_rsa type 1 debug1: identity file /home/moleque/.ssh/id_rsa-cert type -1 debug1: identity file /home/moleque/.ssh/id_dsa type -1 debug1: identity file /home/moleque/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.4p1 FreeBSD-20100308 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 136/256 debug2: bits set: 494/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: put_host_port: [192.168.1.3]:2442 debug3: put_host_port: [192.168.1.3]:2442 debug3: check_host_in_hostfile: host [192.168.1.3]:2442 filename /home/moleque/.ssh/known_hosts debug3: check_host_in_hostfile: host [192.168.1.3]:2442 filename /home/moleque/.ssh/known_hosts debug3: key_read: type mismatch debug3: check_host_in_hostfile: match line 2 debug1: Host '[192.168.1.3]:2442' is known and matches the RSA host key. debug1: Found key in /home/moleque/.ssh/known_hosts:2 debug2: bits set: 513/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/moleque/.ssh/id_rsa (0x4202d180) debug2: key: /home/moleque/.ssh/id_dsa (0x0) debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/moleque/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /home/moleque/.ssh/id_dsa debug3: no such identity: /home/moleque/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug1: Authentications that can continue: publickey,keyboard-interactive debug3: userauth_kbdint: disable: no info_req_seen debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey,keyboard-interactive). $ |
|
||||
Did you verify that both keys are the same as I mentioned before? I know you *think* they are the same, but that is not the same as *knowing*.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
No. They don't match.
|
|
|||
I'm getting the same result after following J65nko's howto.
The power here has gone out twice; so, I have no idea what the set of commands were to setup login from X.5 to X.3. Edit: the problem is in the OpenBSD conf files. Now, how do I disable the keyboard and publickey checking? The /etc/ssh/Known_hosts file on the OpenBSD is empty while the G3 has the host, port, and key. Last edited by Mr-Biscuit; 1st June 2010 at 07:55 AM. |
|
||||
Quote:
I would take the easy way out: Copy the files to a USB drive, floppy disk, whatever, and copy them that way. Make sure you copy right *right* private/public keys.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
New BSD magazine issue: "BSDs as Servers" | wesley | News | 0 | 1st February 2010 12:31 PM |
Putting Free/Net/Open - BSDs on one HDD | alpopa | NetBSD Installation and Upgrading | 6 | 23rd December 2008 08:16 PM |
Using multiple gateways | ivanatora | FreeBSD General | 7 | 15th November 2008 06:57 PM |
Multiple VPN | rondynames | OpenBSD General | 5 | 24th July 2008 11:51 AM |