Do you have a question? Post it now! No Registration Necessary
Threaded View
Subject
- Posted on
openssh integrated into ELDK?
- 08-04-2004
- Glen Call
August 4, 2004, 10:26 am
Reply
Save
Print
Anyone have experience integrating OpenSSH into ELDK? If so, have any
scripts or packages you'd be willing to share?
I know it's doable. I've considered both OpenSSH and "dropbear", but
prefer the former for compatiblity reasons.
Please advise.
Thanks in advance,
Glen
scripts or packages you'd be willing to share?
I know it's doable. I've considered both OpenSSH and "dropbear", but
prefer the former for compatiblity reasons.
Please advise.
Thanks in advance,
Glen
--
Glen Call
snipped-for-privacy@flash.net
Glen Call
snipped-for-privacy@flash.net
Re: openssh integrated into ELDK?
Both OpenSSH and "dropbear" are trivial to port.
What exactly is your problem?
Best regards,
Wolfgang Denk
--
Software Engineering: Embedded and Realtime Systems, Embedded Linux
Phone: (+49)-8142-4596-87 Fax: (+49)-8142-4596-88 Web: www.denx.de
Software Engineering: Embedded and Realtime Systems, Embedded Linux
Phone: (+49)-8142-4596-87 Fax: (+49)-8142-4596-88 Web: www.denx.de
We've slightly trimmed the long signature. Click to see the full one.
Re: openssh integrated into ELDK?
Wolfgang -
I've noticed that others have accomplished this integration (namely Arcom),
and was hoping to save myself the effort.
Since the last posting I have undertaken this myself, but ran into problems
when a non-ELDK client is attempting to gain access to sshd running on
ELDK. The error is "Corrupted MAC on input" that occurs after the client
sends SSH2_MSG_SERVICE_REQUEST. I see a similar error if I reverse things
and have a ELDK system client attempt to connect to a server on a YellowDog
system. I do not get the error if I have a client on ELDK attempt to
connect to a server on the same system.
Here's the output of the client (YDL 3.0):
# ssh -v 192.168.52.111
OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to 192.168.52.111 [192.168.52.111] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.8p1
debug1: match: OpenSSH_3.8p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host '192.168.52.111 (192.168.52.111)' can't be
established.
RSA key fingerprint is f3:ee:be:1d:5a:e5:5f:c2:91:55:46:87:89:00:df:42.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.52.111' (RSA) to the list of known
hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
Disconnecting: Corrupted MAC on input.
Here's the server output:
# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_3.8p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.52.110 port 32769
debug1: Client protocol version 2.0; client software version
OpenSSH_3.8p1
debug1: match: OpenSSH_3.8p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.8p1
debug1: permanently_set_uid: 103/99
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
Disconnecting: Corrupted MAC on input.
debug1: do_cleanup
debug1: do_cleanup
Suggestions?
Thanks in advance,
Glen
Wolfgang Denk wrote:
I've noticed that others have accomplished this integration (namely Arcom),
and was hoping to save myself the effort.
Since the last posting I have undertaken this myself, but ran into problems
when a non-ELDK client is attempting to gain access to sshd running on
ELDK. The error is "Corrupted MAC on input" that occurs after the client
sends SSH2_MSG_SERVICE_REQUEST. I see a similar error if I reverse things
and have a ELDK system client attempt to connect to a server on a YellowDog
system. I do not get the error if I have a client on ELDK attempt to
connect to a server on the same system.
Here's the output of the client (YDL 3.0):
# ssh -v 192.168.52.111
OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to 192.168.52.111 [192.168.52.111] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.8p1
debug1: match: OpenSSH_3.8p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host '192.168.52.111 (192.168.52.111)' can't be
established.
RSA key fingerprint is f3:ee:be:1d:5a:e5:5f:c2:91:55:46:87:89:00:df:42.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.52.111' (RSA) to the list of known
hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
Disconnecting: Corrupted MAC on input.
Here's the server output:
# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_3.8p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.52.110 port 32769
debug1: Client protocol version 2.0; client software version
OpenSSH_3.8p1
debug1: match: OpenSSH_3.8p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.8p1
debug1: permanently_set_uid: 103/99
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
Disconnecting: Corrupted MAC on input.
debug1: do_cleanup
debug1: do_cleanup
Suggestions?
Thanks in advance,
Glen
Wolfgang Denk wrote:
--
Glen Call
snipped-for-privacy@flash.net
Glen Call
snipped-for-privacy@flash.net
Re: openssh integrated into ELDK?
This seems to be something which happens even when ELDK is not
involved. Try googling for the phrase...
Sorry, I have no solution.
Best regards,
Wolfgang Denk
--
Software Engineering: Embedded and Realtime Systems, Embedded Linux
Phone: (+49)-8142-4596-87 Fax: (+49)-8142-4596-88 Web: www.denx.de
Software Engineering: Embedded and Realtime Systems, Embedded Linux
Phone: (+49)-8142-4596-87 Fax: (+49)-8142-4596-88 Web: www.denx.de
We've slightly trimmed the long signature. Click to see the full one.
Site Timeline
- » Re: Is Jaluna to good to be true?
- — Next thread in » Embedded Linux
-
- » libopenobex-1.0.so.1
- — Previous thread in » Embedded Linux
-
- » Crosscompiling for ARM: reloc type R_ARM_ABS32 is not supported for PIC - ...
- — Newest thread in » Embedded Linux
-
- » CR1616 en remplacement de CTL1616
- — The site's Newest Thread. Posted in » Electronics (French)
-
XML Sitemap