From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from tuna.sandelman.ca (unknown [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by huchra.bufferbloat.net (Postfix) with ESMTPS id 4F58C201B02 for ; Sun, 12 Jan 2014 16:20:45 -0800 (PST) Received: from sandelman.ca (desk.marajade.sandelman.ca [209.87.252.247]) by tuna.sandelman.ca (Postfix) with ESMTP id BBF1A20037 for ; Sun, 12 Jan 2014 20:36:19 -0500 (EST) Received: by sandelman.ca (Postfix, from userid 179) id 301B664647; Sun, 12 Jan 2014 19:20:43 -0500 (EST) Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id 14A9863B88 for ; Sun, 12 Jan 2014 19:20:43 -0500 (EST) From: Michael Richardson To: cerowrt-devel X-Attribution: mcr X-Mailer: MH-E 8.2; nmh 1.3-dev; GNU Emacs 23.4.1 X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m Sender: mcr@sandelman.ca Subject: [Cerowrt-devel] dropbear stops working X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jan 2014 00:20:50 -0000 --=-=-= Content-Transfer-Encoding: quoted-printable Hi, I was running 3.8 until two weeks ago. I had a problem that had developed where by dropbear (ssh daemon) simply stopped being willing to accept logins. I still had access through the web ui, but it's hard to investigate problems that way... I flashed a new 3800 with 3.10 back on Dec. 25th, and all was well. I could ssh in, no problem. I went to ssh today, and I get the same problem as before... My experience from before was that a reboot did *not* solve the problem. ssh -v gives me: obiwan-[~/galaxy/orlando/r6743] mcr 10015 %ssh -v root@budmgmt OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1e 11 Feb 2013 debug1: Reading configuration data /home/mcr/.ssh/config debug1: /home/mcr/.ssh/config line 170: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to budmgmt [172.30.42.1] port 22. debug1: Connection established. debug1: identity file /home/mcr/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/mcr/.ssh/id_rsa-cert type -1 debug1: identity file /home/mcr/.ssh/id_dsa type 2 debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.DSA-2048 debug1: identity file /home/mcr/.ssh/id_dsa-cert type -1 debug1: identity file /home/mcr/.ssh/id_ecdsa type -1 debug1: identity file /home/mcr/.ssh/id_ecdsa-cert type -1 ssh_exchange_identification: Connection closed by remote host [2] 17811 exit 255 ssh -v root@budmgmt I typically operate with about 6 private keys loaded into ssh-agent on my desktop. On a whim I tried unset SSH_AUTH_SOCK in a fresh shell, but that didn't change things, nor did combinations after that of things like: %ssh -i ~/.ssh/id_dsa -v root@budmgmt on the "budmgmt" IP (the 172.30.42.1 untagged on 3800), I should even be ab= le to login with a password, but it never gets to that point. I'm thinking th= at either something has filled up in a way that survives reboots. When I had this problem before, I tried starting a new copy of dropbear From=20the Network/Fireall/Custom Rules file, since that is a shell script I can hack: dropbear -p 2221 & but that didn't work (nothing listening on port 2221). I can see nothing in the logs (which also come via UDP/syslog to my desktop= ). I'm looking for any advice on how to: a) restore my ssh access. b) get better diagnostics from dropbear. Failing this, I'll upgrade the other unit, restore my settings, and test things daily. =2D- ] Never tell me the odds! | ipv6 mesh network= s [ ] Michael Richardson, Sandelman Software Works | network architect= [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails = [ --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQCVAwUBUtMxWIqHRg3pndX9AQKcZwQAn/8waTsaHiaTEGSu3wQ6QAnN6rkcCkMQ Y72fZCQTSuCVHSsOX1eMrhQan8jH7huN9HdyQaUR7KYBykKY/HLxLYnq8amSjdsW yyvjIfoHwJsvDogXXhjMBBbtUAiPh1jQHRW7LFYyitAijm7cZ5qmfP3ObyJI6Cz3 sukIrrKKfl4= =ZJGW -----END PGP SIGNATURE----- --=-=-=--