Regarding dbclient failure

Matt Johnston matt at ucc.asn.au
Fri Aug 8 08:34:11 WST 2014


Hi Pratik,

It looks like it is failing when it tries to read the 'y/n' response from /dev/tty.  Can you check that is set up correctly on the system? Running 'strace -o logfile dbclient...' might have some clues if you send me it.

You can skip the hostkey confirmation with '-y' but that means you lose security against the SSH session being altered or monitored. Useful for debugging though.

Cheers,
Matt

On 7 August 2014 10:47:37 pm AWST, pratik singh <pratiksingh86 at gmail.com> wrote:
>Hi,
>
>I am using Dropbear 0.48 with uClinux-dist. Currently server is working
>fine but while trying to run dbclient its throwing following error:
>
>--------------------------------------------------------------------------------------------------------------------------------------------
>#dbclient -i dss_key pratik at 10.10.10.1
>
>TRACE: enter session_init
>TRACE: kexinitialise()
>TRACE: leave session_init
>TRACE: enter ident_readln
>TRACE: leave ident_readln: return 20
>TRACE: remoteident: SSH-2.0-OpenSSH_4.3
>TRACE: enter encrypt_packet()
>TRACE: encrypt_packet type is 20
>TRACE: enter writemac
>TRACE: leave writemac
>TRACE: enter enqueue
>TRACE: leave enqueue
>TRACE: leave encrypt_packet()
>TRACE: DATAALLOWED=0
>TRACE: -> KEXINIT
>TRACE: enter write_packet
>TRACE: empty queue dequeing
>TRACE: leave write_packet
>TRACE: enter read_packet
>TRACE: enter decrypt_packet
>TRACE: leave decrypt_packet
>TRACE: leave read_packet
>TRACE: enter process_packet
>TRACE: process_packet: packet type = 20
>TRACE: <- KEXINIT
>TRACE: enter recv_msg_kexinit
>TRACE: cli_buf_match_algo:
>diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>TRACE: kex algo diffie-hellman-group1-sha1
>TRACE: cli_buf_match_algo: ssh-rsa,ssh-dss
>TRACE: hostkey algo ssh-dss
>TRACE: cli_buf_match_algo:
>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
>rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
>TRACE: enc c2s is  aes128-cbc
>TRACE: cli_buf_match_algo:
>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
>rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
>TRACE: enc s2c is  aes128-cbc
>TRACE: cli_buf_match_algo: hmac-md5,hmac-sha1,hmac-ripemd160,
>hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
>TRACE: hash c2s is  hmac-sha1-96
>TRACE: cli_buf_match_algo: hmac-md5,hmac-sha1,hmac-ripemd160,
>hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
>TRACE: hash s2c is  hmac-sha1-96
>TRACE: cli_buf_match_algo: none,zlib at openssh.com
>TRACE: hash c2s is  none
>TRACE: cli_buf_match_algo: none,zlib at openssh.com
>TRACE: hash s2c is  none
>TRACE: leave recv_msg_kexinit
>TRACE: leave process_packet
>TRACE: enter cli_sessionloop
>TRACE: enter send_msg_kexdh_reply
>
>
>TRACE: enter buf_putmpint
>TRACE: leave buf_putmpint
>TRACE: enter encrypt_packet()
>TRACE: encrypt_packet type is 30
>TRACE: enter writemac
>TRACE: leave writemac
>TRACE: enter enqueue
>TRACE: leave enqueue
>TRACE: leave encrypt_packet()
>TRACE: leave cli_sessionloop: done with KEXINIT_RCVD
>TRACE: enter write_packet
>TRACE: empty queue dequeing
>TRACE: leave write_packet
>TRACE: enter cli_sessionloop
>TRACE: leave cli_sessionloop: kex_state != KEX_NOTHING
>TRACE: enter read_packet
>TRACE: enter decrypt_packet
>TRACE: leave decrypt_packet
>TRACE: leave read_packet
>TRACE: enter process_packet
>TRACE: process_packet: packet type = 31
>TRACE: enter recv_msg_kexdh_reply
>TRACE: type is 2
>TRACE: enter buf_getline
>
>
>
>
>
>
>
>
>
>
>
>
>*TRACE: leave buf_getline: failureTRACE: failed reading line: prob EOF
>Host
>'10.10.10.1' is not in the trusted hosts file. (fingerprint md5
>aa:c4:3e:32:ac:42:5b:21:0e:86:7d:b2:21:db:fb:1c)Do you want to continue
>connecting? (y/n)TRACE: enter cli_tty_cleanupTRACE: leave
>cli_tty_cleanup:
>not in raw modeTRACE: enter session_cleanup TRACE: enter
>chancleanupTRACE:
>leave chancleanupTRACE: leave session_cleanupdbclient: connection to
>pratik at 10.10.10.1:22 <http://pratik@10.10.10.1:22> exited: Didn't
>validate
>host key*
>---------------------------------------------------------------------------------------------------------------------------------
>
>Any suggestions on this would be a great help.
>
>-- 
>Thanks & Regards
>Pratik Singh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20140808/44e8aca0/attachment-0001.htm 


More information about the Dropbear mailing list