From: "Alexander Shendi (Web.DE)" <Alexander.Shendi@web.de>
To: 9front@9front.org
Subject: Re: [9front] Trying to run 9front as vmd/vmm guest on OpenBSD
Date: Fri, 06 Oct 2023 20:18:40 +0200 [thread overview]
Message-ID: <C50E193F-F61D-4208-8CD6-35BF297D3BAD@web.de> (raw)
In-Reply-To: <0DB67246-C759-4C8B-AEDD-0CBB65238655@web.de>
Hi,
after running "auth/changeuser glenda" and reentering the password and rebooting the VM everything works. I don't fully understand why :(
Sorry for the noise.
Have a nice day.
On October 6, 2023 7:52:39 PM GMT+02:00, "Alexander Shendi (Web.DE)" <Alexander.Shendi@web.de> wrote:
>Hi,
>
>I'm trying to setup a 9front cpu+auth server that I can access via drawterm on the OpenBSD side. However there seems to be a problem with the auth side of things (see auth/debug output).
>
>I am attaching the output of:
>* netaudit
>* auth/asaudit
>* auth/debug
>* the parts of /lib/ndb/local that I have modified.
>
>I am grateful for any help of comments.
>
>cirno# netaudit
> env var $sysname=cirno looks ok
>checking this host's tuple:
> sys=cirno looks ok
> ip=100.64.1.3 looks ok
> dom=cirno.9front looks ok
> ether=002091ffee04 looks ok
>checking the network tuple:
> we are in ipnet=9front
> ipgw=100.64.1.3 looks ok
> dns=100.64.1.3 looks ok
> auth=cirno looks ok
> no fs= entry (needed for tls boot)
>checking auth server configuration:
> we are the auth server cirno
> auth/keyfs is running
> someone is listening on port 567
> run auth/debug to test the auth server
> run auth/asaudit to verify auth server configuration
>checking basic security:
>
>cirno# auth/asaudit
>GOOD: found nvram key for user 'glenda@cirno.9front'
>ndb says authdom 'cirno.9front' corresponds to auth server 'cirno'
>no access to /adm/keys
>trying nvram key for cirno.9front@glenda with factotum
>GOOD: key in factotum matches nvram
>
>
># auth/debug
>key: proto=dp9ik user=glenda dom=cirno.9front !hex? !password?
> dialing auth server net!cirno!ticket
> successfully dialed auth server
> password for glenda@cirno.9front [hit enter to skip test]:
> dialing auth server net!cirno!ticket
> cannot decrypt ticket1 from auth server (bad t.num=0x00)
> auth server and you do not agree on key for glenda@cirno.9front
>cirno#
>
># relevant part of /lib/ndb/local
>auth=cirno authdom=cirno.9front
>ipnet=9front ip=100.64.1.0 ipmask=255.255.255.0
> ipgw=100.64.1.3
> dns=100.64.1.3
> auth=cirno
> dnsdom=9front
> cpu=cirno
> smtp=cirno
>#ip=192.168.0.99 sys=cirno dom=cirno.9front ether=112233445566
>
>
># sys=cirno ether=fee1bbd13d8c
>ip=100.64.1.3 sys=cirno dom=cirno.9front ether=002091ffee04
>
prev parent reply other threads:[~2023-10-06 18:20 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-06 17:52 Alexander Shendi (Web.DE)
2023-10-06 18:18 ` Alexander Shendi (Web.DE) [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=C50E193F-F61D-4208-8CD6-35BF297D3BAD@web.de \
--to=alexander.shendi@web.de \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).