openssh integrated into ELDK?

Do you have a question? Post it now! No Registration Necessary

Translate This Thread From English to

Threaded View
Anyone have experience integrating OpenSSH into ELDK?  If so, have any
scripts or packages you'd be willing to share?

I know it's doable.  I've considered both OpenSSH and "dropbear", but
prefer the former for compatiblity reasons.

Please advise.

Thanks in advance,
Glen
--
Glen Call
snipped-for-privacy@flash.net



Re: openssh integrated into ELDK?

Quoted text here. Click to load it


Both OpenSSH and "dropbear" are trivial to port.

What exactly is your problem?

Best regards,

Wolfgang Denk

--
Software Engineering:  Embedded and Realtime Systems,  Embedded Linux
Phone: (+49)-8142-4596-87  Fax: (+49)-8142-4596-88   Web: www.denx.de
We've slightly trimmed the long signature. Click to see the full one.
Re: openssh integrated into ELDK?
Wolfgang -

I've noticed that others have accomplished this integration (namely Arcom),
and was hoping to save myself the effort.

Since the last posting I have undertaken this myself, but ran into problems
when a non-ELDK client is attempting to gain access to sshd running on
ELDK.  The error is "Corrupted MAC on input" that occurs after the client
sends SSH2_MSG_SERVICE_REQUEST.  I see a similar error if I reverse things
and have a ELDK system client attempt to connect to a server on a YellowDog
system.  I do not get the error if I have a client on ELDK attempt to
connect to a server on the same system.

Here's the output of the client (YDL 3.0):

# ssh -v 192.168.52.111
OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to 192.168.52.111 [192.168.52.111] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.8p1
debug1: match: OpenSSH_3.8p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host '192.168.52.111 (192.168.52.111)' can't be
established.
RSA key fingerprint is f3:ee:be:1d:5a:e5:5f:c2:91:55:46:87:89:00:df:42.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.52.111' (RSA) to the list of known
hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
Disconnecting: Corrupted MAC on input.

Here's the server output:

# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_3.8p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.52.110 port 32769
debug1: Client protocol version 2.0; client software version
OpenSSH_3.8p1
debug1: match: OpenSSH_3.8p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.8p1
debug1: permanently_set_uid: 103/99
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
Disconnecting: Corrupted MAC on input.
debug1: do_cleanup
debug1: do_cleanup

Suggestions?

Thanks in advance,
Glen


Wolfgang Denk wrote:

Quoted text here. Click to load it

--
Glen Call
snipped-for-privacy@flash.net



Re: openssh integrated into ELDK?

Quoted text here. Click to load it

This seems to be something  which  happens  even  when  ELDK  is  not
involved. Try googling for the phrase...

Sorry, I have no solution.

Best regards,

Wolfgang Denk

--
Software Engineering:  Embedded and Realtime Systems,  Embedded Linux
Phone: (+49)-8142-4596-87  Fax: (+49)-8142-4596-88   Web: www.denx.de
We've slightly trimmed the long signature. Click to see the full one.

Site Timeline