From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,URIBL_SBL_A autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 2693 invoked from network); 26 Jan 2021 01:37:59 -0000 Received: from tb-ob21.topicbox.com (173.228.157.67) by inbox.vuxu.org with ESMTPUTF8; 26 Jan 2021 01:37:59 -0000 Received: from tb-mx0.topicbox.com (tb-mx0.nyi.icgroup.com [10.90.30.73]) by tb-ob21.topicbox.com (Postfix) with ESMTP id E3FA019B0C for ; Mon, 25 Jan 2021 20:37:55 -0500 (EST) (envelope-from bounce.mM967fce2ff51931fcd1718dca.r522be890-2105-11eb-b15e-8d699134e1fa@9fans.bounce.topicbox.com) Received: by tb-mx0.topicbox.com (Postfix, from userid 1132) id C8875140C2FE; Mon, 25 Jan 2021 20:37:55 -0500 (EST) ARC-Authentication-Results: i=2; topicbox.com; arc=pass; dkim=none (no signatures found); dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=weaselfish.com; spf=pass smtp.mailfrom=dlm-9fans@weaselfish.com smtp.helo=mail.weaselfish.com; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=date:message-id:to:subject:from:in-reply-to :references:mime-version:content-type:content-transfer-encoding :list-help:list-id:list-post:list-subscribe:reply-to :list-unsubscribe; s=sysmsg-1; t=1611625075; bh=GW/I/yi9MhOoT/tk ZMm/bdX4BkIcIEa5dWN/r6hdCbs=; b=Z+8mKr6+1rWHo/wtIcVkz7s/fj16as8f H01S84yFdbsgdhonO+E9nxsLT99nq4kcpiJDRIaasKmf/4Y+WbhnToz8Xrdb2LHy ZRRMlGVCigibdFNnjjJc/paK/azMJ+oC8BPDU4L6OgxubEdU8H6lDJMm73HHfrOa fGx7+DvTz6g= ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t= 1611625075; b=MuXMTxUs+zIqqWV/QWzQsMMfafASl+Rp9t+lkTiCB5JzEG6uJB WCzPPN0+EDD/bckUQl2V+PZynD3TlM2NcY+nfu0W3MoJt0GG68+Yi6WkSqokq9fc YXdKVZmaq4Ir1SCctjCVQuh/3fq3QmKhAhA4x0xfHY8EjkkKf2eF+0lZI= Authentication-Results: topicbox.com; arc=pass; dkim=none (no signatures found); dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=weaselfish.com; spf=pass smtp.mailfrom=dlm-9fans@weaselfish.com smtp.helo=mail.weaselfish.com; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) X-Received-Authentication-Results: tb-mx0.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC did not pass); dkim=none (no signatures found); dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=weaselfish.com; iprev=pass smtp.remote-ip=71.216.54.171 (mail.weaselfish.com); spf=pass smtp.mailfrom=dlm-9fans@weaselfish.com smtp.helo=mail.weaselfish.com; x-aligned-from=pass (Address match); x-ptr=pass smtp.helo=mail.weaselfish.com policy.ptr=mail.weaselfish.com; x-return-mx=pass header.domain=weaselfish.com policy.is_org=yes (MX Records found: mail.weaselfish.com); x-return-mx=pass smtp.domain=weaselfish.com policy.is_org=yes (MX Records found: mail.weaselfish.com); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=date :message-id:to:subject:from:in-reply-to:references:mime-version :content-type:content-transfer-encoding:list-help:list-id :list-post:list-subscribe:reply-to:list-unsubscribe; s=dkim-1; bh=7Fse+dmeHFGVtkd7rFq0YG99JztuONj5bOX/qYeqWCU=; b=VSuNE1fOiWKA nbAe3x1HyDbIl76NQaTUJb5bZ1tB1Loj4BmfK4hLJX7XARinTzynetHzlR5NlWdl DCMDSid1SNxZQZcu/5AZK8XxlwgJKpOfYv9XEty6JXo9sZG8CRaBmZram95k46ge ARJCUohqO7vzHga6OfHcdefHh4Oiu5k= Received: from tb-mx0.topicbox.com (localhost.local [127.0.0.1]) by tb-mx0.topicbox.com (Postfix) with ESMTP id 1F70A140BEDC for <9fans@9fans.net>; Mon, 25 Jan 2021 20:37:47 -0500 (EST) (envelope-from dlm-9fans@weaselfish.com) Received: from tb-mx0.topicbox.com (localhost [127.0.0.1]) by tb-mx0.topicbox.com (Authentication Milter) with ESMTP id 4818AC902C7; Mon, 25 Jan 2021 20:37:47 -0500 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t= 1611625067; b=m4IkwO/Tm1SWlCEswH+xyYWn5p4bsWtht9UvNIGFF/oEdaBVbS 77X3SxuPbHtgFZAhJABRTdqvpdHl14yDya+mFMLghTDIxC3ePjTIk5vTSbngME8d n/akClR7TduEko4jF16KRg46bsVAbD3UcbYiJSliBgan+w7m4l0sxsRq+n744Y2S UMIllZiFkpennioexO7s9QTb3rk2Bc9ucu+Dt9stpiWn++RkWJdOz9CO6XQPrE2Q vpk62huPdyHKMJfP3lHINvDT6j95H1dsuiS3nTXujyOKN/LFSLISTFu9L3vu4d7k +/MX7t99zSJst/yYW6oHtd1+H2FcwiahcJ1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=date:message-id:to:subject:from:in-reply-to :references:mime-version:content-type:content-transfer-encoding; s=arcseal; t=1611625067; bh=YIzKXt/E1k2AN01UqVoFpH7BUSXVA3uEmZ+ OFW1TAtU=; b=got6yctqK1YOJqLqA9jOS2YMvis5FfQEIxFtyh+rJp4AGimWw+2 1UIpa4DskOmQLILC0+USWb3mX0L3ePy2S9BI/01OjVoO79tlHWtASkq/3irDrafd j8R09mtTK+zHIgg0Glk8s5EZYPihin9Gm0Qm2Cm5AIka19LMiNdhJutzKZ1p5lIt wAaqso0vs/r+p28c92GdfeyDZ0s4PpZWKHk5LR/gikXQjDxgr0CPXxYXipJNA921 rCPFCdb/MmbNBxXwNEgk0qIYKl5JxhagqObvAW33YH2FP7Y7SWdr000gHnpFhqRj SSg8DqchuNSGkIStmgADfKqpnqVwGF7NBVg== ARC-Authentication-Results: i=1; tb-mx0.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC did not pass); dkim=none (no signatures found); dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=weaselfish.com; iprev=pass smtp.remote-ip=71.216.54.171 (mail.weaselfish.com); spf=pass smtp.mailfrom=dlm-9fans@weaselfish.com smtp.helo=mail.weaselfish.com; x-aligned-from=pass (Address match); x-ptr=pass smtp.helo=mail.weaselfish.com policy.ptr=mail.weaselfish.com; x-return-mx=pass header.domain=weaselfish.com policy.is_org=yes (MX Records found: mail.weaselfish.com); x-return-mx=pass smtp.domain=weaselfish.com policy.is_org=yes (MX Records found: mail.weaselfish.com); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgeduledrvdeggdefgecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdpuffr tefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecunecujfgurhepfffkvffuhf gjfhhoofggtgfgsehtjeertdertdfgnecuhfhrohhmpefffihorhhkihhnucfouhhllhgv rhcuoegulhhmqdelfhgrnhhsseifvggrshgvlhhfihhshhdrtghomheqnecuggftrfgrth htvghrnhepleegvdefveekleehteevheetgfelteefuddvleeifeejvdetfffgueffieel vdeinecukfhppeejuddrvdduiedrheegrddujedunecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehinhgvthepjedurddvudeirdehgedrudejuddphhgvlhhopehmrghi lhdrfigvrghsvghlfhhishhhrdgtohhmpdhmrghilhhfrhhomhepoegulhhmqdelfhgrnh hsseifvggrshgvlhhfihhshhdrtghomheq X-ME-VSScore: 0 X-ME-VSCategory: clean Received-SPF: pass (weaselfish.com: 71.216.54.171 is authorized to use 'dlm-9fans@weaselfish.com' in 'mfrom' identity (mechanism 'a:mail.weaselfish.com' matched)) receiver=tb-mx0.topicbox.com; identity=mailfrom; envelope-from="dlm-9fans@weaselfish.com"; helo=mail.weaselfish.com; client-ip=71.216.54.171 Received: from mail.weaselfish.com (mail.weaselfish.com [71.216.54.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by tb-mx0.topicbox.com (Postfix) with ESMTPS for <9fans@9fans.net>; Mon, 25 Jan 2021 20:37:46 -0500 (EST) (envelope-from dlm-9fans@weaselfish.com) Received: from localhost (goblin.dworkin.village.org [::ffff:10.1.1.31]) (AUTH: LOGIN dworkin, SSL: TLSv1/SSLv3,256bits,AES256-GCM-SHA384) by menolly-mail.weaselfish.com with ESMTPSA; Tue, 26 Jan 2021 01:37:44 +0000 id 00017262.00000000600F7268.00000E87 Date: Mon, 25 Jan 2021 18:37:43 -0700 (MST) Message-Id: <20210125.183743.419956603653135590.dworkin@weaselfish.com> To: 9fans@9fans.net Subject: Re: [9fans] getting 9front ssh to use RSA key? From: Dworkin Muller In-Reply-To: <31A2AD03A3AF323CCFA1FA3FA0616133@eigenstate.org> References: <20210125.005645.575575916048045945.dworkin@weaselfish.com> <31A2AD03A3AF323CCFA1FA3FA0616133@eigenstate.org> Organization: Weaselfish Consulting X-Mailer: Mew version 6.7 on Emacs 23.2 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Topicbox-Policy-Reasoning: allow: sender is a member Topicbox-Message-UUID: 1aa337e2-5f77-11eb-a8f6-f75d3a4d148c Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?= =?UTF-8?B?ZmFucy9UZDA3Mjg2M2E5N2M5ZDNlOS1NOTY3ZmNlMmZmNTE5MzFmY2QxNzE4?= =?UTF-8?B?ZGNhPg==?= List-Help: List-Id: "9fans" <9fans.9fans.net> List-Post: List-Software: Topicbox v0 List-Subscribe: Precedence: list Reply-To: 9fans <9fans@9fans.net> List-Unsubscribe: , Topicbox-Delivery-ID: 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:M967fce2ff51931fcd1718dca:1:SsxvF7IeM7LCFv-9LowhQAq66tsebzKZhIboAZD2iAQ On Mon, 25 Jan 2021 07:52:42 -0800, ori@eigenstate.org wrote: ori> First off, sanity check: are you running ssh in the same ori> namespace as the factotum? ori>=20 ori> Are you using a drawterm factotum, or are you using one ori> started from within your session? ori>=20 ori> you redacted a lot of the factotum value -- does the value in factotum ori> have all of these fields? ori>=20 ori> key proto=3Drsa service=3Dssh size=3D2048 ek=3D10001 n=3D... != dk? !p? !q? !kp? !kq? !c2? ori>=20 ori> finally, can you paste the output of 'ssh -d yoursystem'? Apologies for the lack of detail in previous messages. It's kind of awkward to get transcripts when the machine doesn't want to talk to anything else. I've managed to get password-based ssh to work, so now I dump to a file and transfer it over via "cat ... | ssh sh -c 'cat > output'". The need at this point is to get it working without requiring password authentication enabled on the remote systems. Taking these in order, my interpretation of what I'm doing/seeing is (raw data is included afterwards): - Booting as a terminal. /env/service says ``terminal'', and I've not knowingly set up anything other than a terminal. - Using the factotum started at boot. - The terminal's running as a VM under VMware Fusion, and I'm using the console window provided by Fusion. As an aside, I noticed that the original Plan 9 distribution knew how to play with Fusion to allow cut/paste, etc, but 9front doesn't; not sure how to get that to work - that's a problem for another time, though. - What's in factotum appears to have all the fields you mention. - The ssh transcript is attached. I can do an "ssh -d -d" if you prefer, as well provide the public host keys and my public key if that would help. I'd rather not give the private key, but generating a new one's not that hard and the machines involved aren't externally accessible, so I can do that too if it would help. I used pstree(1) just to cover all the bases regarding inheritance. help. The middle of "n" from /mnt/factotum/ctl was elided simply for readability. Thanks much for looking at this stupid newby problem. Dworkin term% pstree > foo 1 =E2=94=9Cbootrc /bin/bootrc 3 =E2=94=82=E2=94=9Cpager 4 =E2=94=82=E2=94=9Cmouse 6 =E2=94=82=E2=94=9Calarm 96 =E2=94=82=E2=94=94/amd64/init -t 295 =E2=94=82 =E2=94=94rc -c '. /rc/bin/termrc; home=3D/usr/$user; = cd && . ./lib/profile' 455 =E2=94=82 =E2=94=94rio -i riostart 458 =E2=94=82 =E2=94=9Crio [mouseproc] 459 =E2=94=82 =E2=94=9Crio [kbdproc] 460 =E2=94=82 =E2=94=9Crio [TIMERPROC] 461 =E2=94=82 =E2=94=9Crio [WCTLPROC] 462 =E2=94=82 =E2=94=94rio [FILSYSPROC] 8 =E2=94=9Cpaqfs 10 =E2=94=9Cmntgen 14 =E2=94=9Cmntgen 17 =E2=94=9Cmntgen 28 =E2=94=9Caoesweep 33 =E2=94=9Crxmitproc 35 =E2=94=9C#l0lproc 36 =E2=94=9C#l0rproc 62 =E2=94=9Ckbdfs 63 =E2=94=82=E2=94=94kbdfs [ctlproc] 64 =E2=94=82 =E2=94=9Ckbdfs [mctlproc] 65 =E2=94=82 =E2=94=9Ckbdfs [scanproc] 66 =E2=94=82 =E2=94=94kbdfs [intrproc] 216 =E2=94=9Cfactotum 725 =E2=94=82=E2=94=94factotum 264 =E2=94=9Ccwfs64x [srvo] 265 =E2=94=9Ccwfs64x [srvi stdio] 266 =E2=94=9Ccwfs64x [srvo] 267 =E2=94=9Ccwfs64x [srvi #s/cwfs] 268 =E2=94=9Ccwfs64x [con] 269 =E2=94=9Ccwfs64x [rah] 270 =E2=94=9Ccwfs64x [srv] 271 =E2=94=9Ccwfs64x [srv] 272 =E2=94=9Ccwfs64x [srv] 273 =E2=94=9Ccwfs64x [srv] 274 =E2=94=9Ccwfs64x [srv] 275 =E2=94=9Ccwfs64x [srv] 276 =E2=94=9Ccwfs64x [srv] 277 =E2=94=9Ccwfs64x [srv] 278 =E2=94=9Ccwfs64x [srv] 279 =E2=94=9Ccwfs64x [srv] 280 =E2=94=9Ccwfs64x [srv] 281 =E2=94=9Ccwfs64x [srv] 282 =E2=94=9Ccwfs64x [srv] 283 =E2=94=9Ccwfs64x [srv] 284 =E2=94=9Ccwfs64x [srv] 286 =E2=94=9Ccwfs64x [wcp] 287 =E2=94=9Ccwfs64x [scp] 325 =E2=94=9Ccs [/net] 359 =E2=94=9Cetherread4 360 =E2=94=9Cetherread6 361 =E2=94=9Crecvarpproc 370 =E2=94=9Cipconfig [dhcpwatch on /net/ether0] 376 =E2=94=9Cdns [/net] 380 =E2=94=9Ctimesync 385 =E2=94=9Crealemu 386 =E2=94=82=E2=94=94realemu [cpuproc] 445 =E2=94=9Cwebcookies 448 =E2=94=9Cwebfs 451 =E2=94=9Cplumber 452 =E2=94=82=E2=94=94plumber 471 =E2=94=9Cstats -lmisce 501 =E2=94=82=E2=94=9Cstats 502 =E2=94=82=E2=94=9Cstats 503 =E2=94=82=E2=94=94stats 483 =E2=94=9Crc -c '/bin/window -x cat /dev/kprint ' 485 =E2=94=82=E2=94=94cat /dev/kprint 486 =E2=94=9Crc -c '/bin/window -x acme ' 488 =E2=94=82=E2=94=94acme 497 =E2=94=82 =E2=94=9Cacme [timerproc] 498 =E2=94=82 =E2=94=9Cacme [mouseproc] 499 =E2=94=82 =E2=94=9Cacme [kbdproc] 500 =E2=94=82 =E2=94=9Cacme [plumbproc] 504 =E2=94=82 =E2=94=9Cacme 505 =E2=94=82 =E2=94=94acme [acmeerrorproc] 508 =E2=94=9Crc -i 1418 =E2=94=82=E2=94=94pstree 514 =E2=94=9C#I0ilack 516 =E2=94=9C#I0tcpack 1417 =E2=94=94closeproc 1419 =E2=94=94closeproc term% cat /mnt/factotum/ctl >> foo key proto=3Drsa service=3Dssh size=3D2048 ek=3D10001 n=3D8DA505[...]46A9D02= F !dk? !p? !q? !kp? !kq? !c2? term% ssh -d lethe >> foo server verison: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214 kexalgs: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,= ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,= diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-= group14-sha256,diffie-hellman-group14-sha1 hostalgs: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 cipher1: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes= 128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc cipher2: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes= 128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc mac1: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@op= enssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@o= penssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 mac2: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@op= enssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@o= penssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 zip1: none,zlib@openssh.com zip2: none,zlib@openssh.com lang1:=20 lang2: host fingerprint: GaqQLmeZje1D03tR8B78KvJOtoUJiL5Anhi3BXWXWwQ userauth none ok userauth none failed: partial=3D0, next=3Dpublickey userauth none skipped userauth publickey ok userauth publickey failed: partial=3D0, next=3Dpublickey userauth publickey ok userauth password skipped userauth keyboard-interactive skipped ssh: auth: no key matches proto=3Drsa service=3Dssh role=3Dclient ------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/Td072863a97c9d3e9-M967fc= e2ff51931fcd1718dca Delivery options: https://9fans.topicbox.com/groups/9fans/subscription