From: Philip T. (List) <ph...@te...> - 2005-04-27 14:48:49
|
Hi, has anyone had any success getting dropbear to listen on ppp0? It listens on usb0 fine, but I can't connect to it on ppp0. (this is on GPRS. The stix responds to pings ok on the same address.) Phil |
From: Craig H. <cr...@hu...> - 2005-04-28 23:40:04
|
Phil, what does ssh -v root@gumstix print? If you log into the gumstix via usb0 or console while ppp0 is up, can you see using netstat -l if dropbear has bound to the ppp0 interface? It should be binding to 0.0.0.0 I think which would pick up any newly created interfaces, but it might be doing something screwy. Also, take a look at /var/log/messages and the output of "dmesg" and see if there's anything funky in there. There's also a possibility that the gumstix is trying to reverse-map the SSH client's IP address through DNS, and that's going slowly, so that the SSH connection being opened appears hung, even though it's just going slowly. Try leaving the connection attempt to try for a long period of time, and see if it gets through eventually. ssh -v should help identify if this is what's happening. C On Apr 27, 2005, at 7:48 AM, Philip Trickett (List) wrote: > has anyone had any success getting dropbear to listen on ppp0? > > It listens on usb0 fine, but I can't connect to it on ppp0. (this is on > GPRS. The stix responds to pings ok on the same address.) |
From: Philip T. (List) <ph...@te...> - 2005-04-29 08:00:55
|
Hi Craig, On Thu, 2005-04-28 at 16:39 -0700, Craig Hughes wrote: > Phil, > > what does > > ssh -v root@gumstix > Ok, for usb0: [phil@unagi ~]$ ssh -v root@10.0.0.10 OpenSSH_4.0p1, OpenSSL 0.9.7f 22 Mar 2005 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 10.0.0.10 [10.0.0.10] port 22. debug1: Connection established. debug1: identity file /home/phil/.ssh/identity type -1 debug1: identity file /home/phil/.ssh/id_rsa type -1 debug1: identity file /home/phil/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version dropbear_0.44 debug1: no match: dropbear_0.44 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.0 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-sha1 none debug1: kex: client->server aes128-cbc hmac-sha1 none debug1: sending SSH2_MSG_KEXDH_INIT debug1: expecting SSH2_MSG_KEXDH_REPLY The authenticity of host '10.0.0.10 (10.0.0.10)' can't be established. RSA key fingerprint is d2:4a:ae:5e:8a:cf:ce:ab:c9:64:7e:ce:c0:c7:7b:1d. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.0.0.10' (RSA) to the list of known hosts. debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /home/phil/.ssh/identity debug1: Trying private key: /home/phil/.ssh/id_rsa debug1: Offering public key: /home/phil/.ssh/id_dsa debug1: Authentications that can continue: publickey,password debug1: Next authentication method: password root@10.0.0.10's password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. Welcome to Gumstix! By default, this gumstix is configured for MMC support. Unfortunately, this means Compact Flash support has to be disabled out of the box. To turn off MMC and turn on CF, edit the file /etc/modules and comment out or delete the MMC lines; then rename /etc/init.d/s30pcmcia to /etc/init.d/S30pcmcia and reboot. It looks OK to me. Output from netstat -l: # netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:www *:* LISTEN tcp 0 0 *:ssh *:* LISTEN udp 0 0 *:5353 *:* Now with pppd started: # netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:www *:* LISTEN tcp 0 0 *:ssh *:* LISTEN udp 0 0 *:5353 *:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path Looks like it is binding to all interfaces. Now, logged in on ttyS0: # netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:www *:* LISTEN tcp 0 0 *:ssh *:* LISTEN udp 0 0 *:5353 *:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path # netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 6 [ ] DGRAM 338 /tmp/log unix 2 [ ] DGRAM 442 unix 2 [ ] DGRAM 385 unix 2 [ ] DGRAM 342 unix 2 [ ] DGRAM 341 unix 3 [ ] STREAM CONNECTED 158 unix 3 [ ] STREAM CONNECTED 157 And nothing in /var/log/messages indicating any errors. So, I have a gprs modem attached, which will respond to pings fine: [phil@unagi ~]$ ping 213.233.149.100 PING 213.233.149.100 (213.233.149.100) 56(84) bytes of data. 64 bytes from 213.233.149.100: icmp_seq=0 ttl=41 time=3097 ms 64 bytes from 213.233.149.100: icmp_seq=1 ttl=41 time=2106 ms 64 bytes from 213.233.149.100: icmp_seq=2 ttl=41 time=1812 ms 64 bytes from 213.233.149.100: icmp_seq=3 ttl=41 time=1852 ms 64 bytes from 213.233.149.100: icmp_seq=4 ttl=41 time=1828 ms 64 bytes from 213.233.149.100: icmp_seq=5 ttl=41 time=1625 ms 64 bytes from 213.233.149.100: icmp_seq=6 ttl=41 time=1610 ms 64 bytes from 213.233.149.100: icmp_seq=7 ttl=41 time=1468 ms --- 213.233.149.100 ping statistics --- 10 packets transmitted, 8 received, 20% packet loss, time 9012ms rtt min/avg/max/mdev = 1468.632/1925.350/3097.113/478.371 ms, pipe 5 (Hmm 20% packet loss, didn't see that before.) and for completeness, here is how I am connecting: # cat /etc/ppp/peers/gprs /dev/ttyS2 57600 connect '/usr/sbin/chat -v -f /etc/ppp/chat-gprs' noauth defaultroute debug usepeerdns # cat /etc/ppp/chat-gprs TIMEOUT 5 ECHO ON ABORT '\nBUSY\r' ABORT '\nERROR\r' ABORT '\nNO ANSWER\r' ABORT '\nNO DIALTONE\r' ABORT '\nRINGING\r\n\r\nRINGING\r' '' \rAT TIMEOUT 30 OK ATE1 OK AT+cgdcont=1,IP,isp.vodafone.ie OK ATD*99***1# dump of /var/log/messages:# # tail -n 20 /var/log/messages Jan 1 00:00:21 gumstix kern.info kernel: Set (AF1,out,set) via /proc/gpio/GPIO47 Jan 1 00:00:21 gumstix kern.info kernel: Set (AF1,in,set) via /proc/gpio/GPIO49 Jan 1 00:00:21 gumstix kern.info kernel: Set (AF1,out,set) via /proc/gpio/GPIO48 Jan 1 00:00:22 gumstix kern.debug pppd[255]: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <compress VJ 0f 01> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>] Jan 1 00:00:22 gumstix kern.debug pppd[255]: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>] Jan 1 00:00:22 gumstix kern.debug pppd[255]: sent [IPCP ConfReq id=0x2 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>] Jan 1 00:00:22 gumstix kern.debug pppd[255]: rcvd [IPCP ConfNak id=0x2 <addr 213.233.149.100> <ms-dns1 213.233.128.1> <ms-dns3 213.233.128.19>] Jan 1 00:00:22 gumstix kern.debug pppd[255]: sent [IPCP ConfReq id=0x3 <addr 213.233.149.100> <ms-dns1 213.233.128.1> <ms-dns3 213.233.128.19>] Jan 1 00:00:22 gumstix kern.debug pppd[255]: rcvd [IPCP ConfAck id=0x3 <addr 213.233.149.100> <ms-dns1 213.233.128.1> <ms-dns3 213.233.128.19>] Jan 1 00:00:22 gumstix kern.notice pppd[255]: local IP address 213.233.149.100 Jan 1 00:00:22 gumstix kern.notice pppd[255]: remote IP address 213.233.149.254 Jan 1 00:00:22 gumstix kern.notice pppd[255]: primary DNS address 213.233.128.1 Jan 1 00:00:22 gumstix kern.notice pppd[255]: secondary DNS address 213.233.128.19 Jan 1 00:01:55 gumstix kern.info init: ^MProcess '/sbin/getty -L ttyS0 115200 vt100' (pid 290) exited. Scheduling it for restart. Jan 1 00:01:55 gumstix kern.info init: ^MStarting pid 337, console /dev/null: '/sbin/getty' Jan 1 00:02:01 gumstix kern.info login[337]: root login on `ttyS0' Apr 29 08:44:51 gumstix kern.info dropbear[221]: premature exit: Terminated by signal Apr 29 08:44:51 gumstix kern.info dropbear[430]: Running in background Apr 29 08:49:48 gumstix kern.info dropbear[430]: premature exit: Terminated by signal Apr 29 08:57:29 gumstix kern.info dropbear[842]: Running in background The last part is where I restarted dropbear to check whether that made a difference. Mind you, I just noticed on the Ping that the current limit light on my psu is lighting dimly when it is pinged. I will go and try it with another PSU now to see if that fixes it. Phil |
From: Philip T. (List) <ph...@te...> - 2005-04-29 09:22:13
|
In reply to my own message, boa does not listen on ppp0 either seemingly. The only thing that stix responds to is a ping on the ppp0 interface. Phil |
From: Craig H. <cr...@hu...> - 2005-04-29 11:15:08
|
Can you establish TCP/IP connections outbound from the 'stix to the outside world while it's connected via GPRS? Odds are high that your GPRS provider has you behind a NAT or some kind of firewall. C On Apr 29, 2005, at 2:22 AM, Philip Trickett (List) wrote: > In reply to my own message, boa does not listen on ppp0 either > seemingly. > > The only thing that stix responds to is a ping on the ppp0 interface. |
From: Philip T. (List) <ph...@te...> - 2005-04-29 11:46:58
|
On Fri, 2005-04-29 at 04:14 -0700, Craig Hughes wrote: > Can you establish TCP/IP connections outbound from the 'stix to the > outside world while it's connected via GPRS? Odds are high that your > GPRS provider has you behind a NAT or some kind of firewall. > > C Yeah I can. They swear that they don't have me behind a firewall. It would be alright if I could get dropbear to work with passwordless key based logins but I can't :( Currently on a hunt for a simple email sending MUA that will connect ot a mail server, login with the correct id etc and send a plain text email. Phil |
From: Dave H. <dhy...@gm...> - 2005-04-29 12:34:26
|
Hi Phil, > They swear that they don't have me behind a firewall. It's my experience that the people you normally talk to on a tech support line don't actually know. > It would be alright if I could get dropbear to work with passwordless > key based logins but I can't :( >=20 > Currently on a hunt for a simple email sending MUA that will connect ot > a mail server, login with the correct id etc and send a plain text > email. Something like this: http://www.muquit.com/muquit/software/mailsend/mailsend.html --=20 Dave Hylands Vancouver, BC, Canada http://www.DaveHylands.com/ |
From: Philip T. (List) <ph...@te...> - 2005-04-29 13:01:46
|
On Fri, 2005-04-29 at 05:34 -0700, Dave Hylands wrote: > Hi Phil, > > > They swear that they don't have me behind a firewall. > > It's my experience that the people you normally talk to on a tech > support line don't actually know. > Yeah, don't I know it ;) > Something like this: > http://www.muquit.com/muquit/software/mailsend/mailsend.html > Excellent, thanks! Works like a charm. I was trying to use nail http://nail.sourceforge.net/ but it was a bit much for what I was trying to do. Phil |
From: David I S M. <da...@th...> - 2005-04-29 14:01:30
|
Philip, If your gprs provider is tmobile you can't get inbound connections, no matter which gprs service you get. It took us a while to prove that. external address, nat address no matter. The external address might as well be a nat address as nothing is allowed to come into the external address. That said if you need to reach your systems for control and not general access you can raise an ssh reverse tunnel and then you can reach in to the unit. Cheers, David On Fri, 2005-04-29 at 14:01 +0100, Philip Trickett (List) wrote: > On Fri, 2005-04-29 at 05:34 -0700, Dave Hylands wrote: > > Hi Phil, > > > > > They swear that they don't have me behind a firewall. > > > > It's my experience that the people you normally talk to on a tech > > support line don't actually know. > > > > Yeah, don't I know it ;) > > > > Something like this: > > http://www.muquit.com/muquit/software/mailsend/mailsend.html > > > > Excellent, thanks! > > Works like a charm. I was trying to use nail > http://nail.sourceforge.net/ but it was a bit much for what I was trying > to do. > > Phil > > > > ------------------------------------------------------- > SF.Net email is sponsored by: Tell us your software development plans! > Take this survey and enter to win a one-year sub to SourceForge.net > Plus IDC's 2005 look-ahead and a copy of this survey > Click here to start! http://www.idcswdc.com/cgi-bin/survey?id=105hix > _______________________________________________ > gumstix-users mailing list > gum...@li... > https://lists.sourceforge.net/lists/listinfo/gumstix-users > -- David Mandala <davidm at them dot com> www.them.com/~davidm Public Key id: 45B2D952 Murphy TX, 75094 214.774.2569 HO 972.693.4007 C |