[Cerowrt-devel] dropbear stops working
Michael Richardson
mcr at sandelman.ca
Sun Jan 12 16:20:43 PST 2014
Hi, I was running 3.8 until two weeks ago. I had a problem that had
developed where by dropbear (ssh daemon) simply stopped being willing to
accept logins. I still had access through the web ui, but it's hard to
investigate problems that way...
I flashed a new 3800 with 3.10 back on Dec. 25th, and all was well.
I could ssh in, no problem. I went to ssh today, and I get the same
problem as before... My experience from before was that a reboot did *not*
solve the problem.
ssh -v gives me:
obiwan-[~/galaxy/orlando/r6743] mcr 10015 %ssh -v root at budmgmt
OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/mcr/.ssh/config
debug1: /home/mcr/.ssh/config line 170: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to budmgmt [172.30.42.1] port 22.
debug1: Connection established.
debug1: identity file /home/mcr/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/mcr/.ssh/id_rsa-cert type -1
debug1: identity file /home/mcr/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-2048
debug1: identity file /home/mcr/.ssh/id_dsa-cert type -1
debug1: identity file /home/mcr/.ssh/id_ecdsa type -1
debug1: identity file /home/mcr/.ssh/id_ecdsa-cert type -1
ssh_exchange_identification: Connection closed by remote host
[2] 17811 exit 255 ssh -v root at budmgmt
I typically operate with about 6 private keys loaded into ssh-agent on my
desktop. On a whim I tried unset SSH_AUTH_SOCK in a fresh shell, but
that didn't change things, nor did combinations after that of things like:
%ssh -i ~/.ssh/id_dsa -v root at budmgmt
on the "budmgmt" IP (the 172.30.42.1 untagged on 3800), I should even be able
to login with a password, but it never gets to that point. I'm thinking that
either something has filled up in a way that survives reboots.
When I had this problem before, I tried starting a new copy of dropbear
From the Network/Fireall/Custom Rules file, since that is a shell
script I can hack:
dropbear -p 2221 &
but that didn't work (nothing listening on port 2221).
I can see nothing in the logs (which also come via UDP/syslog to my desktop).
I'm looking for any advice on how to:
a) restore my ssh access.
b) get better diagnostics from dropbear.
Failing this, I'll upgrade the other unit, restore my settings, and test
things daily.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr at sandelman.ca http://www.sandelman.ca/ | ruby on rails [
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: not available
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20140112/c0defe71/attachment.pgp>
More information about the Cerowrt-devel
mailing list