Re: [yocto] open ssh dunfell unable to login

[Michael Nazzareno Trimarchi]

Hi Federico

On Thu, Dec 8, 2022 at 5:18 PM Federico Pellegrin <f...@evolware.org> wrote:
>
>
> Hi Michael,
> Sorry for the maybe obvious remark (and cannot find the original post if 
> maybe you gave more details) but: did you enable in openssh daemon 
> configuration to allow for root login?
>
> By default that is not permitted, in /etc/ssh/sshd_config you have:
>
> #PermitRootLogin prohibit-password
>
> (it is usually commented, but shows the default)
> Which you should in case replace with:
>
> PermitRootLogin yes
>
> This can be also managed on yocto level with the feature "debug-tweaks" or 
> "allow-root-login".
>

I know, I poked around a bit but was not connected to that one. What I
can add that root was having a password set

Michael

> Cheers,
> Federico
>
>
> Il giorno gio 8 dic 2022 alle ore 15:21 Michael Nazzareno Trimarchi 
> <mich...@amarulasolutions.com> ha scritto:
>>
>> Hi
>>
>> On Mon, Nov 14, 2022 at 5:47 PM Michael Nazzareno Trimarchi
>> <mich...@amarulasolutions.com> wrote:
>> >
>> > Hi all
>> >
>> > testing the openssh-server and I set root password but I'm enable to login
>> >
>> > server side
>> > /usr/sbin/sshd -d -D
>> >
>>
>> I basically solve it with dropbear instead of openssh. Has anybody
>> found the same problem on dunfell?
>>
>> Michael
>>
>> > debug1: sshd version OpenSSH_8.2, OpenSSL 1.1.1q 5 Jul 2022
>> > debug1: private host key #0: ssh-rsa
>> > SHA256:1endrZLJnyyoE2x+MfLB3JIpEqgzCrORriOhvSSN2HM
>> > debug1: private host key #1: ecdsa-sha2-nistp256
>> > SHA256:1Ivo0c/GWF22iwwEAc0D+E79qSH/0eTxDH0pldsfuk4
>> > debug1: private host key #2: ssh-ed25519
>> > SHA256:CEHX4ATsgGL4De/rJlyNmwqqCk0Ewf1r4jU4spHTP88
>> > debug1: rexec_argv[0]='/usr/sbin/sshd'
>> > debug1: rexec_argv[1]='-d'
>> > debug1: rexec_argv[2]='-D'
>> > debug1: Set /proc/self/oom_score_adj from 0 to -1000
>> > debug1: Bind to port 22 on 0.0.0.0.
>> > Server listening on 0.0.0.0 port 22.
>> > debug1: Bind to port 22 on ::.
>> > Server listening on :: port 22.
>> > debug1: Server will not fork when running in debugging mode.
>> > debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
>> > debug1: sshd version OpenSSH_8.2, OpenSSL 1.1.1q 5 Jul 2022
>> > debug1: private host key #0: ssh-rsa
>> > SHA256:1endrZLJnyyoE2x+MfLB3JIpEqgzCrORriOhvSSN2HM
>> > debug1: private host key #1: ecdsa-sha2-nistp256
>> > SHA256:1Ivo0c/GWF22iwwEAc0D+E79qSH/0eTxDH0pldsfuk4
>> > debug1: private host key #2: ssh-ed25519
>> > SHA256:CEHX4ATsgGL4De/rJlyNmwqqCk0Ewf1r4jU4spHTP88
>> > debug1: inetd sockets after dupping: 3, 3
>> > Connection from 192.168.1.8 port 59662 on 192.168.1.3 port 22 rdomain ""
>> > debug1: Local version string SSH-2.0-OpenSSH_8.2
>> > debug1: Remote protocol version 2.0, remote software version
>> > OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
>> > debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.5 pat OpenSSH* compat 
>> > 0x04000000
>> > debug1: permanently_set_uid: 997/997 [preauth]
>> > debug1: list_hostkey_types:
>> > rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
>> > [preauth]
>> > debug1: SSH2_MSG_KEXINIT sent [preauth]
>> > debug1: SSH2_MSG_KEXINIT received [preauth]
>> > debug1: kex: algorithm: curve25519-sha256 [preauth]
>> > debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
>> > debug1: kex: client->server cipher: chacha20-poly1...@openssh.com MAC:
>> > <implicit> compression: none [preauth]
>> > debug1: kex: server->client cipher: chacha20-poly1...@openssh.com MAC:
>> > <implicit> compression: none [preauth]
>> > debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
>> > debug1: rekey out after 134217728 blocks [preauth]
>> > debug1: SSH2_MSG_NEWKEYS sent [preauth]
>> > debug1: Sending SSH2_MSG_EXT_INFO [preauth]
>> > debug1: expecting SSH2_MSG_NEWKEYS [preauth]
>> > debug1: SSH2_MSG_NEWKEYS received [preauth]
>> > debug1: rekey in after 134217728 blocks [preauth]
>> > debug1: KEX done [preauth]
>> > debug1: userauth-request for user root service ssh-connection method
>> > none [preauth]
>> > debug1: attempt 0 failures 0 [preauth]
>> > debug1: monitor_read_log: child log fd closed
>> > debug1: do_cleanup
>> > debug1: Killing privsep child 873
>> >
>> > Client side
>> > ssh -vvv -o PreferredAuthentications=password root@192.168.1.3
>> >
>> > OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020
>> > debug1: Reading configuration data /home/suniel/.ssh/config
>> > debug1: Reading configuration data /etc/ssh/ssh_config
>> > debug1: /etc/ssh/ssh_config line 19: include
>> > /etc/ssh/ssh_config.d/*.conf matched no files
>> > debug1: /etc/ssh/ssh_config line 21: Applying options for *
>> > debug2: resolve_canonicalize: hostname 192.168.1.3 is address
>> > debug2: ssh_connect_direct
>> > debug1: Connecting to 192.168.1.3 [192.168.1.3] port 22.
>> > debug1: Connection established.
>> > debug1: identity file /home/suniel/.ssh/id_rsa type 0
>> > debug1: identity file /home/suniel/.ssh/id_rsa-cert type -1
>> > debug1: identity file /home/suniel/.ssh/id_dsa type -1
>> > debug1: identity file /home/suniel/.ssh/id_dsa-cert type -1
>> > debug1: identity file /home/suniel/.ssh/id_ecdsa type -1
>> > debug1: identity file /home/suniel/.ssh/id_ecdsa-cert type -1
>> > debug1: identity file /home/suniel/.ssh/id_ecdsa_sk type -1
>> > debug1: identity file /home/suniel/.ssh/id_ecdsa_sk-cert type -1
>> > debug1: identity file /home/suniel/.ssh/id_ed25519 type -1
>> > debug1: identity file /home/suniel/.ssh/id_ed25519-cert type -1
>> > debug1: identity file /home/suniel/.ssh/id_ed25519_sk type -1
>> > debug1: identity file /home/suniel/.ssh/id_ed25519_sk-cert type -1
>> > debug1: identity file /home/suniel/.ssh/id_xmss type -1
>> > debug1: identity file /home/suniel/.ssh/id_xmss-cert type -1
>> > debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
>> > debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2
>> > debug1: match: OpenSSH_8.2 pat OpenSSH* compat 0x04000000
>> > debug2: fd 3 setting O_NONBLOCK
>> > debug1: Authenticating to 192.168.1.3:22 as 'root'
>> > debug3: hostkeys_foreach: reading file "/home/suniel/.ssh/known_hosts"
>> > debug3: record_hostkey: found key type ECDSA in file
>> > /home/suniel/.ssh/known_hosts:23
>> > debug3: load_hostkeys: loaded 1 keys from 192.168.1.3
>> > debug3: order_hostkeyalgs: prefer hostkeyalgs:
>> > ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
>> > debug3: send packet: type 20
>> > debug1: SSH2_MSG_KEXINIT sent
>> > debug3: receive packet: type 20
>> > debug1: SSH2_MSG_KEXINIT received
>> > debug2: local client KEXINIT proposal
>> > debug2: KEX algorithms:
>> > curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
>> > debug2: host key algorithms:
>> > ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256-cert-...@openssh.com,ssh-ed25519-cert-...@openssh.com,sk-ssh-ed25519-cert-...@openssh.com,rsa-sha2-512-cert-...@openssh.com,rsa-sha2-256-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,sk-ecdsa-sha2-nistp...@openssh.com,ssh-ed25519,sk-ssh-ed25...@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
>> > debug2: ciphers ctos:
>> > chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
>> > debug2: ciphers stoc:
>> > chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
>> > debug2: MACs ctos:
>> > umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> > debug2: MACs stoc:
>> > umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> > debug2: compression ctos: none,z...@openssh.com,zlib
>> > debug2: compression stoc: none,z...@openssh.com,zlib
>> > debug2: languages ctos:
>> > debug2: languages stoc:
>> > debug2: first_kex_follows 0
>> > debug2: reserved 0
>> > debug2: peer server KEXINIT proposal
>> > debug2: KEX algorithms:
>> > curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
>> > debug2: host key algorithms:
>> > rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
>> > debug2: ciphers ctos:
>> > chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
>> > debug2: ciphers stoc:
>> > chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
>> > debug2: MACs ctos:
>> > umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> > debug2: MACs stoc:
>> > umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> > debug2: compression ctos: none
>> > debug2: compression stoc: none
>> > debug2: languages ctos:
>> > debug2: languages stoc:
>> > debug2: first_kex_follows 0
>> > debug2: reserved 0
>> > debug1: kex: algorithm: curve25519-sha256
>> > debug1: kex: host key algorithm: ecdsa-sha2-nistp256
>> > debug1: kex: server->client cipher: chacha20-poly1...@openssh.com MAC:
>> > <implicit> compression: none
>> > debug1: kex: client->server cipher: chacha20-poly1...@openssh.com MAC:
>> > <implicit> compression: none
>> > debug3: send packet: type 30
>> > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>> > debug3: receive packet: type 31
>> > debug1: Server host key: ecdsa-sha2-nistp256
>> > SHA256:1Ivo0c/GWF22iwwEAc0D+E79qSH/0eTxDH0pldsfuk4
>> > debug3: hostkeys_foreach: reading file "/home/suniel/.ssh/known_hosts"
>> > debug3: record_hostkey: found key type ECDSA in file
>> > /home/suniel/.ssh/known_hosts:23
>> > debug3: load_hostkeys: loaded 1 keys from 192.168.1.3
>> > debug1: Host '192.168.1.3' is known and matches the ECDSA host key.
>> > debug1: Found key in /home/suniel/.ssh/known_hosts:23
>> > debug3: send packet: type 21
>> > debug2: set_newkeys: mode 1
>> > debug1: rekey out after 134217728 blocks
>> > debug1: SSH2_MSG_NEWKEYS sent
>> > debug1: expecting SSH2_MSG_NEWKEYS
>> > debug3: receive packet: type 21
>> > debug1: SSH2_MSG_NEWKEYS received
>> > debug2: set_newkeys: mode 0
>> > debug1: rekey in after 134217728 blocks
>> > debug1: Will attempt key: /home/suniel/.ssh/id_rsa RSA
>> > SHA256:p5HL5mkh62PMNf21jyap6L5b1Epud52b6EaNvAFOFlc agent
>> > debug1: Will attempt key: /home/suniel/.ssh/id_dsa
>> > debug1: Will attempt key: /home/suniel/.ssh/id_ecdsa
>> > debug1: Will attempt key: /home/suniel/.ssh/id_ecdsa_sk
>> > debug1: Will attempt key: /home/suniel/.ssh/id_ed25519
>> > debug1: Will attempt key: /home/suniel/.ssh/id_ed25519_sk
>> > debug1: Will attempt key: /home/suniel/.ssh/id_xmss
>> > debug2: pubkey_prepare: done
>> > debug3: send packet: type 5
>> > debug3: receive packet: type 7
>> > debug1: SSH2_MSG_EXT_INFO received
>> > debug1: kex_input_ext_info:
>> > server-sig-algs=<ssh-ed25519,sk-ssh-ed25...@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp...@openssh.com>
>> > debug3: receive packet: type 6
>> > debug2: service_accept: ssh-userauth
>> > debug1: SSH2_MSG_SERVICE_ACCEPT received
>> > debug3: send packet: type 50
>> > Connection closed by 192.168.1.3 port 22
>> >
>> > Michael
>>
>>
>>
>> --
>> Michael Nazzareno Trimarchi
>> Co-Founder & Chief Executive Officer
>> M. +39 347 913 2170
>> mich...@amarulasolutions.com
>> __________________________________
>>
>> Amarula Solutions BV
>> Joop Geesinkweg 125, 1114 AB, Amsterdam, NL
>> T. +31 (0)85 111 9172
>> i...@amarulasolutions.com
>> www.amarulasolutions.com
>>
>>
>> --
>> Michael Nazzareno Trimarchi
>> Co-Founder & Chief Executive Officer
>> M. +39 347 913 2170
>> mich...@amarulasolutions.com
>> __________________________________
>>
>> Amarula Solutions BV
>> Joop Geesinkweg 125, 1114 AB, Amsterdam, NL
>> T. +31 (0)85 111 9172
>> i...@amarulasolutions.com
>> www.amarulasolutions.com
>>
>> 
>>


-- 
Michael Nazzareno Trimarchi
Co-Founder & Chief Executive Officer
M. +39 347 913 2170
mich...@amarulasolutions.com
__________________________________

Amarula Solutions BV
Joop Geesinkweg 125, 1114 AB, Amsterdam, NL
T. +31 (0)85 111 9172
i...@amarulasolutions.com
www.amarulasolutions.com

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#58761): https://lists.yoctoproject.org/g/yocto/message/58761
Mute This Topic: https://lists.yoctoproject.org/mt/95538639/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-