9fans - fans of the OS Plan 9 from Bell Labs
* [9fans] Ssh configuration from within drawterm
From: Alexander Kapshuk @ 2018-11-12 19:15 UTC (permalink / raw)
  To: Fans of the OS Plan 9 from Bell Labs

I would like to set up ssh on plan9 so I can dial out to the Linux
systems on my LAN.
What I've done so far is:
(1). I've generated rsa and dsa keys and put them in my secstore.
auth/rsagen
auth/dsagen
(2). I've converted both rsa and dsa keys to ssh format and put those in my
 $HOME/.ssh/authorized_keys file on Linux.
grep rsa /mnt/factotum/ctl | rsa2ssh2
auth/dsagen -t 'service=ssh' >key
auth/dsa2ssh key
(3). I've put a key for proto=pass in my secstore as well:

Ssh connection fails with these records found in /sys/log/ssh:
plan9 Nov 12 21:05:46 netssh: server id 9 new connection on fd 3
plan9 Nov 12 21:05:46 netssh: client id 9 connect handshake failed: tcp conn 26
plan9 Nov 12 21:06:41 netssh: no proto=dsa key in factotum

The line about netssh not finding proto=dsa key in factotum is printed
even though I did put it in factotum as it was output by auth/dsagen
verbatim.

Any tips on how to proceed with this would be much appreciated.




* Re: [9fans] Ssh configuration from within drawterm
From: hiro @ 2018-11-12 22:32 UTC (permalink / raw)
  To: Fans of the OS Plan 9 from Bell Labs

did you try with proto=rsa instead of proto=pass ?!
you don't need both rsa and dsa. why not use just rsa?




* Re: [9fans] Ssh configuration from within drawterm
From: Alexander Kapshuk @ 2018-11-14 19:11 UTC (permalink / raw)
  To: Fans of the OS Plan 9 from Bell Labs

On Tue, Nov 13, 2018 at 1:20 AM hiro <23hiro@gmail.com> wrote:
>
> did you try with proto=rsa instead of proto=pass ?!
> you don't need both rsa and dsa. why not use just rsa?
>

Thanks for your prompt response.

I got rid of the dsa key in my factotum.

Here's my current rsa key record in factotum
cpu% grep ssh /mnt/factotum/ctl
key proto=rsa service=ssh role=client role=sign
comment=sasha@plan9.domain size=1024 ek=23
n=F69A9E3314E579E9C6A18D9804029849B5CF441E41E2D1CC3A41EE39D296C692B39291128CA86DD714BE78BDDBFC54766D34712A77E04EFC7869055217E2DCC3684E0612AB7E9EA350778BBEA87348BB43A8BDC37A86B0433EBB8ADDC0EB5A314DC35AE10721C9E33BB760ED7DAB70C8D65801EAE7DC7021222E42976C133E47
!dk? !p? !q? !kp? !kq? !c2?
key proto=pass service=ssh server=pc-sasha user=sasha !password?

Ssh debugging output:
cpu% ssh -d pc-sasha
/386/bin/ssh2: mounting /srv/netssh on /net
/386/bin/ssh2: can't open /srv/netssh: '/srv/netssh' file does not exist
/386/bin/ssh2: mounting /srv/ssh on /net
/386/bin/ssh2: can't open /srv/ssh: '/srv/ssh' file does not exist
/386/bin/ssh2: mounting /srv/ssh.sasha on /net
/386/bin/ssh2: dial conn /net/ssh!pc-sasha!22: connect handshake failed

Here are the contents of my /net/ssh:
cpu% ls -l /net/ssh
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/0
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/1
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:48 /net/ssh/2
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:48 /net/ssh/3
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:55 /net/ssh/4
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:57 /net/ssh/5
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:58 /net/ssh/6
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:58 /net/ssh/7
--rw-rw-rw- M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/clone
--rw-rw-rw- M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/ctl
--rw------- M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/keys


The Keys and Management section of SSH(4) refers to various keys
required for the operation of ssh.
(1). The first key needed is the host key for server operation.
In the case of the keys being stored in factotum(4), these
keys will be the first ones listed with proto=rsa and
proto=dss.

That's what I already have in my factotum shown above.

(2). The next set of keys are the public host keys used by
clients to verify the identities of servers.  As with the
original Plan 9 SSH implementation, there is a system-wide
list of these in /sys/lib/ssh/keyring and each user may have
a list in $home/lib/keyring.
If a public key for a remote server is listed and matches the one
offered by the server, the connection proceeds.  If a public key
for a remote server is listed but does not match the one offered
by the server, or if no public key is listed for a remote server,
ssh (see ssh2(1)) presents the key to the user and asks whether to
reject the key, accept the key only for that session, or accept
the key permanently.  The last option causes the key to be written
to the user's keyring.  In the case of a mismatching key, the
accept option can either be to add to or replace the old key.

I have neither of the keyring files, nor do I get prompted to accept any keys.

What am I missing?

Thanks.
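
[Added example, not part of the thread and not Plan 9's own code: a small Python model of the host-key decision described in the ssh(4) passage quoted in the message above. Keyrings are modelled as in-memory dicts and the keys are constructed strings; the on-disk keyring format and the behaviour of "replace" when the old key sits in the system-wide keyring are assumptions.]

```python
from enum import Enum

class Answer(Enum):              # choices offered at the prompt, per the quote
    REJECT = "reject"
    ONCE = "accept for this session"
    ADD = "accept permanently, add to keyring"
    REPLACE = "accept permanently, replace old key"

def check_host_key(host, offered, system_ring, user_ring, ask):
    """Return (proceed, reason). Rings map host -> set of public keys.
    ask(host, offered, known) is called only for an unlisted or
    mismatching key and must return an Answer."""
    known = system_ring.get(host, set()) | user_ring.get(host, set())
    if offered in known:
        return True, "listed and matching"       # no prompt at all
    answer = ask(host, offered, known)
    if answer is Answer.REJECT:
        return False, "rejected by user"
    if answer is Answer.ONCE:
        return True, "accepted for this session only"   # nothing is stored
    if answer is Answer.REPLACE and known:
        # Assumption: only the user's own keyring can be rewritten.
        user_ring[host] = {offered}
        return True, "replaced in user keyring"
    user_ring.setdefault(host, set()).add(offered)
    return True, "added to user keyring"

def demo():
    # Constructed sample data: one host with a known key, then a changed key.
    old, new = "ssh-rsa CONSTRUCTED-OLD", "ssh-rsa CONSTRUCTED-NEW"
    system, user = {"pc-sasha": {old}}, {}
    answers = iter([Answer.ONCE, Answer.ADD])
    ask = lambda host, key, known: next(answers)
    results = [
        check_host_key("pc-sasha", old, system, user, ask),  # match
        check_host_key("pc-sasha", new, system, user, ask),  # mismatch, once
        check_host_key("pc-sasha", new, system, user, ask),  # prompts again
        check_host_key("pc-sasha", new, system, user, ask),  # now listed
    ]
    return results, user

if __name__ == "__main__":
    for proceed, reason in demo()[0]:
        print(proceed, reason)
```

[A session-only accept stores nothing, so the same changed key prompts again on the next connection; only a permanent accept makes later connections silent.]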




* Re: [9fans] Ssh configuration from within drawterm
From: hiro @ 2018-11-14 20:22 UTC (permalink / raw)
  To: Fans of the OS Plan 9 from Bell Labs

sorry, i thought this was 9front mailing list. nobody is supporting
the mainline ssh.


