DaemonForums  

  #1   (View Single Post)  
Old 23rd May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default Using multiple BSDs: How have you implemented them?

Since it is still not completely finished- see the mailing lists for more information- I decided to use the FreeBSD G3 and an OpenBSD i386 install together. The G3 acts as a viewer/thin client and the P4/i386 acts as a server. I haven't quite gotten the ssh and X11 forwarding setup.
What ways did you set up different BSDs to work together?

Last edited by Mr-Biscuit; 23rd May 2010 at 06:30 PM. Reason: Spelling.
  #2   (View Single Post)  
Old 24th May 2010
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

It should be no problem getting X11, OpenSSH, and most other programs working together with various operating systems (Including FreeBSD & OpenBSD).

Xorg is still Xorg no matter what OS it runs, the same applies to OpenSSH and most other applications. While details, versions, and default configurations may be different, it is conceptually the same.

If you want a more specific answer regarding your X11 forwarding: Ask a more specific question.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
  #3   (View Single Post)  
Old 25th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Right now, I'm at the "I don't understand this quite enough" point.
OpenSSH is at the point of not exporting keys properly.
X11 forwarding is at the point- A strange way to be.- of which .Xauth and how?

I've kept the experimenting on the FreeBSD x86 install with the host and jail.
(The fear that a clusterf* will ensue- by reason of me- is enough for me not to want to mess up the G3 or the OpenBSD install.)

What I'd like is SSH with X11 forwarding- and maybe on another display; but, what I'd settle for- and am right now- is the VNC setup.

Last edited by Mr-Biscuit; 9th July 2010 at 01:13 PM.
  #4   (View Single Post)  
Old 26th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I have set up an RSA key on the OpenBSD machine and will set up another on the G3 later.
Here are the questions:
It's a LAN behind the router and the machines have an assigned IP address.

Do I need to use a command such as scp to the name of the machine or to the assigned IP?

Let me know what work I need to show.
  #5   (View Single Post)  
Old 26th May 2010
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by Mr-Biscuit View Post
Do I need to use a command such as scp to the name of the machine or to the assigned IP?
If you want to copy files between machines using hostnames, then you will need to set up DNS or set the appropriate entries in the hosts(5) file. And if you think about it, what DNS (or the hosts(5) file) is doing is figuring out what IP address matches the specified hostname.

Otherwise, you can specify each machine by IP address when copying files about.
  #6   (View Single Post)  
Old 28th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I get the following error:

Code:
debug1: Roaming not allowed by server
It then refuses to connect.

On both machines I have set: port to a higher number, user only has ssh access, X11 is forwarded.
  #7   (View Single Post)  
Old 28th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Code:
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: CANT_MAKE_TOO_MANY_WAVES
debug1: Next authentication method: publickey
debug1: Trying private key: /home/moleque/.ssh/identity
debug1: Offering public key: /home/moleque/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/moleque/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Authentications that can continue: publickey,keyboard-interactive
Password:
debug1: Authentications that can continue: publickey,keyboard-interactive
Password:
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).
$
I'm using the same passphrase that I created.

Last edited by Mr-Biscuit; 9th July 2010 at 01:14 PM.
  #8   (View Single Post)  
Old 29th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

OK. I'm able to ssh from OpenBSD to FreeBSD but not the other way around.
  #9   (View Single Post)  
Old 29th May 2010
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Did you set up both the ~/.ssh/authorized_hosts and ~/.ssh/id_rsa (Your public and private key) on both machines?
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Old 29th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Yes.
Old 29th May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I've exported the key from Open to Free.

Code:
$ ssh -p 2442 -Y moleque@192.168.1.3
Permission denied (publickey,keyboard-interactive).
Old 31st May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I'm having a problem with host key importing/exporting.

Code:
$ uname -a
FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010     root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC  powerpc
$ ssh -Y -p 2442 moleque@192.168.1.3
The authenticity of host '[192.168.1.3]:2442 ([192.168.1.3]:2442)' can't be established.
DSA key fingerprint is bd:7c:29:4e:48:df:01:01:46:75:68:fb:fb:2a:90:07.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.1.3]:2442' (DSA) to the list of known hosts.
Permission denied (publickey,keyboard-interactive).
$ ssh -Y -p 2442 moleque@192.168.1.3
Permission denied (publickey,keyboard-interactive).
$

Code:
$ pwd
/home/moleque/.ssh
$ uname -a
OpenBSD moo.my.domain 4.6 GENERIC#58 i386
$ ls
authorized_keys     id_dsa.pub          id_rsa.pub          moleque@192.168.1.5
id_dsa              id_rsa              known_hosts
$


Code:
$ pwd
/home/moleque/.ssh
$ uname -a
FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010     root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC  powerpc
$ ls
known_hosts		moleque@192.168.1.3
$
I'm putting the information down because something is escaping me.

Last edited by Mr-Biscuit; 31st May 2010 at 03:21 AM.
Old 31st May 2010
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Quote:
debug1: Offering public key: /home/moleque/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/moleque/.ssh/id_dsa
This would seem to indicate that your key is not being accepted for some reason.

Do you want to use an RSA or DSA key? You have both, choose one and remove the other, it will serve no purpose other than to make things more complicated.

Are your authorized_hosts and id_rsa/id_dsa (As mentioned above, choose one) *exactly* the same? Check with md5 to be sure.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Old 31st May 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Code:
# /usr/sbin/sshd -d -d -d
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 295
debug2: parse_server_config: config /etc/ssh/sshd_config len 295
debug3: /etc/ssh/sshd_config:11 setting Port 2442
debug3: /etc/ssh/sshd_config:19 setting Protocol 2
debug3: /etc/ssh/sshd_config:39 setting PermitRootLogin no
debug3: /etc/ssh/sshd_config:59 setting PasswordAuthentication no 
debug3: /etc/ssh/sshd_config:78 setting X11Forwarding yes 
debug3: /etc/ssh/sshd_config:79 setting X11DisplayOffset 100
debug3: /etc/ssh/sshd_config:80 setting X11UseLocalhost yes
debug3: /etc/ssh/sshd_config:90 setting UseDNS no 
debug3: /etc/ssh/sshd_config:100 setting Subsystem sftp	/usr/libexec/sftp-server
debug3: /etc/ssh/sshd_config:107 setting AllowUsers moleque
debug1: sshd version OpenSSH_5.3
Could not load host key: /etc/ssh/ssh_host_rsa_key
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
I've recreated the keys a few times.
I'm wondering, what is it that I am skipping over?
Old 31st May 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

Quote:
Originally Posted by Mr-Biscuit View Post
Code:
$ pwd
/home/moleque/.ssh
$ uname -a
OpenBSD moo.my.domain 4.6 GENERIC#58 i386
$ ls
authorized_keys     id_dsa.pub          id_rsa.pub          moleque@192.168.1.5
id_dsa              id_rsa              known_hosts
$
Code:
$ pwd
/home/moleque/.ssh
$ uname -a
FreeBSD tima.tiza 9.0-20100418-SNAP FreeBSD 9.0-20100418-SNAP #0: Sun Apr 18 06:51:02 UTC 2010     root@dynode.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC  powerpc
$ ls
known_hosts		moleque@192.168.1.3
$
I'm putting the information down because something is escaping me.
I could be wrong but IMHO you probably have copied the keys with
Code:
$ scp id_dsa.pub moleque@192.168.1.3
That creates a local copy of the id_dsa.pub file with the name of moleque@192.168.1.3

In http://www.daemonforums.org/showthread.php?t=1758 I give a correct way to append a public key file to the .authorized_keys file.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
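
The check the replies above ask for (are the keys really the same, and did `scp` leave a local file named `moleque@192.168.1.3` instead of copying), as an added example that is not part of any post in this thread. The function names are hypothetical and the key material is constructed; `install_key` is meant to be run on the server against a correctly copied `.pub` file.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not from the thread.
# Correct copy (note the trailing colon; -P gives the port):
#   scp -P 2442 ~/.ssh/id_rsa.pub moleque@192.168.1.3:

# Print "type blob" for every public key line in a file. Skips comments,
# any leading options such as from="..." and the trailing comment field.
key_blobs() {
    awk 'NF == 0 || $1 ~ /^#/ { next }
         { for (i = 1; i < NF; i++)
               if ($i ~ /^(ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-)/) {
                   print $i, $(i + 1); next
               } }' "$1"
}

# 0: first key in pubfile ($1) is present in authorized_keys ($2)
# 1: it is missing   2: pubfile holds no public key (e.g. a PEM private key)
authorized_has_key() {
    want=$(key_blobs "$1" | head -n 1)
    [ -n "$want" ] || return 2
    [ -f "$2" ] || return 1
    key_blobs "$2" | grep -qxF -- "$want"
}

# Append the key only when it is missing, so re-running is harmless.
install_key() {
    rc=0
    authorized_has_key "$1" "$2" || rc=$?
    case $rc in
        0) return 0 ;;
        2) echo "$1: not a public key file" >&2; return 2 ;;
    esac
    mkdir -p "$(dirname "$2")" && cat "$1" >> "$2" && chmod 600 "$2"
}

# Names like user@host in a directory: what "scp file user@host" leaves
# behind when the colon is forgotten (scp makes a local copy instead).
stray_scp_copies() {
    for f in "$1"/*@*; do
        [ -f "$f" ] && basename "$f"
    done
    return 0
}

# Demo on constructed data; the key material is fake.
demo=$(mktemp -d)
mkdir "$demo/client" "$demo/server"
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED moleque@tima' > "$demo/client/id_rsa.pub"
cp "$demo/client/id_rsa.pub" "$demo/client/moleque@192.168.1.3"
echo "stray copies: $(stray_scp_copies "$demo/client")"
install_key "$demo/client/id_rsa.pub" "$demo/server/authorized_keys"
authorized_has_key "$demo/client/id_rsa.pub" "$demo/server/authorized_keys" &&
    echo "key is authorized"
rm -rf "$demo"
```

Comparing the key type and base64 blob rather than hashing whole files keeps the check valid when `authorized_keys` holds several keys or the comment field differs.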
Old 1st June 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

Ok
For some reason, I'm getting the
Code:
Permission denied (publickey,keyboard-interactive)

Code:
$ ssh -vvv moleque@192.168.1.3
OpenSSH_5.4p1 FreeBSD-20100308, OpenSSL 0.9.8n 24 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.3 [192.168.1.3] port 2442.
debug1: Connection established.
debug3: Not a RSA1 key file /home/moleque/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/moleque/.ssh/id_rsa type 1
debug1: identity file /home/moleque/.ssh/id_rsa-cert type -1
debug1: identity file /home/moleque/.ssh/id_dsa type -1
debug1: identity file /home/moleque/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.4p1 FreeBSD-20100308
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 136/256
debug2: bits set: 494/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: put_host_port: [192.168.1.3]:2442
debug3: put_host_port: [192.168.1.3]:2442
debug3: check_host_in_hostfile: host [192.168.1.3]:2442 filename /home/moleque/.ssh/known_hosts
debug3: check_host_in_hostfile: host [192.168.1.3]:2442 filename /home/moleque/.ssh/known_hosts
debug3: key_read: type mismatch
debug3: check_host_in_hostfile: match line 2
debug1: Host '[192.168.1.3]:2442' is known and matches the RSA host key.
debug1: Found key in /home/moleque/.ssh/known_hosts:2
debug2: bits set: 513/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/moleque/.ssh/id_rsa (0x4202d180)
debug2: key: /home/moleque/.ssh/id_dsa (0x0)
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/moleque/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/moleque/.ssh/id_dsa
debug3: no such identity: /home/moleque/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).
$
Old 1st June 2010
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Did you verify that both keys are the same as I mentioned before? I know you *think* they are the same, but that is not the same as *knowing*.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Old 1st June 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

No. They don't match.
Old 1st June 2010
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Default

I'm getting the same result after following J65nko's howto.

The power here has gone out twice; so, I have no idea what the set of commands were to set up login from X.5 to X.3.

Edit: the problem is in the OpenBSD conf files.



Now, how do I disable the keyboard and publickey checking?

The /etc/ssh/Known_hosts file on the OpenBSD is empty while the G3 has the host, port, and key.

Last edited by Mr-Biscuit; 1st June 2010 at 07:55 AM.
Old 1st June 2010
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Quote:
No. They don't match.
Right, so for some reason something went wrong while copying the files.

I would take the easy way out: Copy the files to a USB drive, floppy disk, whatever, and copy them that way.
Make sure you copy the *right* private/public keys.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick