Re: Login attempt for nonexistent user on Alpine Linux

2017-12-01 Thread Szabolcs Nagy 
* Hugo Genesse  [2017-12-01 18:57:02 +]:
> 
> -vvv on dropbear doesn't seem to be a valid option:
> 
> 67b4c38f79c6:/usr/lib# /root/dropbear -R -E -vvv
> Invalid option -v
> 
> Is my command correct?
> 

ah -v is only supported if dropbear is built with CFLAGS=-DDEBUG_TRACE

Re: Login attempt for nonexistent user on Alpine Linux

2017-12-01 Thread Hugo Genesse 


-vvv on dropbear doesn't seem to be a valid option:

67b4c38f79c6:/usr/lib# /root/dropbear -R -E -vvv
Invalid option -v

Is my command correct?

Szabolcs Nagy  a écrit :


* Hugo Genesse  [2017-12-01 17:07:25 +]:


First, thanks for your replies. I created another account:

admin:x:100:65533:Linux User,,,:/home/admin:/bin/ash

Here is the output of with -vvv:



you added -vvv on the client side instead of the server where the  
problem is...



debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
admin@127.0.0.1's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
admin@127.0.0.1's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
admin@127.0.0.1's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
admin@127.0.0.1: Permission denied (publickey,password).

and in the dropbear logs I still get:

[67] Dec 01 17:03:47 Child connection from :40878
[67] Dec 01 17:03:47 Login attempt for nonexistent user from
[...]



make it more verbose, you will see what part of the user
lookup fails.


I saw that I could create a configuration file in /etc/dropbear to allow
root logins by it seems to be enabled by default and I would prefer just
drop a binary on the device to enable ssh without changes to the system.
Here is the openwrt page I'm referring:
https://wiki.openwrt.org/doc/uci/dropbear

Thanks!

"Daniel."  a écrit :

> Can you log in with another user? The root login may be disabled by
> security reasons.
>
> 2017-12-01 13:01 GMT-02:00 Szabolcs Nagy :
>
> > * Hugo Genesse  [2017-12-01 04:51:08 +]:
> > > I've been trying to use dropbear (compiled myself statically with
> > > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux
> > > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not
> > > mistaken). I run dropbear like this: "./dropbear -R" and  
can't login with

> > > proper credentials. With the "-E" switch I get the following:
> > >
> > >  /root/dropbear -R -E
> > > [59] Dec 01 04:31:32 Running in background
> > > [60] Dec 01 04:31:36 Child connection from 
> > > [60] Dec 01 04:31:36 Login attempt for nonexistent user from 
> > >
> >
> > i think you can use -vvv to see more detailed debug messages
> >
>
>
>
> --
> “If you're going to try, go all the way. Otherwise, don't even start. ..."
>   Charles Bukowski

Re: Login attempt for nonexistent user on Alpine Linux

2017-12-01 Thread Szabolcs Nagy 
* Matt Johnston  [2017-12-01 16:53:33 +]:
> Statically linking glibc isn't sufficient to make

it's not glibc if it's on alpine linux

Re: Login attempt for nonexistent user on Alpine Linux

2017-12-01 Thread Szabolcs Nagy 
* Hugo Genesse  [2017-12-01 17:07:25 +]:
> 
> First, thanks for your replies. I created another account:
> 
> admin:x:100:65533:Linux User,,,:/home/admin:/bin/ash
> 
> Here is the output of with -vvv:
> 

you added -vvv on the client side instead of the server where the problem is...

> debug3: authmethod_lookup password
> debug3: remaining preferred: ,password
> debug3: authmethod_is_enabled password
> debug1: Next authentication method: password
> admin@127.0.0.1's password:
> debug3: send packet: type 50
> debug2: we sent a password packet, wait for reply
> debug3: receive packet: type 51
> debug1: Authentications that can continue: publickey,password
> Permission denied, please try again.
> admin@127.0.0.1's password:
> debug3: send packet: type 50
> debug2: we sent a password packet, wait for reply
> debug3: receive packet: type 51
> debug1: Authentications that can continue: publickey,password
> Permission denied, please try again.
> admin@127.0.0.1's password:
> debug3: send packet: type 50
> debug2: we sent a password packet, wait for reply
> debug3: receive packet: type 51
> debug1: Authentications that can continue: publickey,password
> debug2: we did not send a packet, disable method
> debug1: No more authentication methods to try.
> admin@127.0.0.1: Permission denied (publickey,password).
> 
> and in the dropbear logs I still get:
> 
> [67] Dec 01 17:03:47 Child connection from :40878
> [67] Dec 01 17:03:47 Login attempt for nonexistent user from
> [...]
> 

make it more verbose, you will see what part of the user
lookup fails.

> I saw that I could create a configuration file in /etc/dropbear to allow
> root logins by it seems to be enabled by default and I would prefer just
> drop a binary on the device to enable ssh without changes to the system.
> Here is the openwrt page I'm referring:
> https://wiki.openwrt.org/doc/uci/dropbear
> 
> Thanks!
> 
> "Daniel."  a écrit :
> 
> > Can you log in with another user? The root login may be disabled by
> > security reasons.
> > 
> > 2017-12-01 13:01 GMT-02:00 Szabolcs Nagy :
> > 
> > > * Hugo Genesse  [2017-12-01 04:51:08 +]:
> > > > I've been trying to use dropbear (compiled myself statically with
> > > > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux
> > > > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not
> > > > mistaken). I run dropbear like this: "./dropbear -R" and can't login 
> > > > with
> > > > proper credentials. With the "-E" switch I get the following:
> > > >
> > > >  /root/dropbear -R -E
> > > > [59] Dec 01 04:31:32 Running in background
> > > > [60] Dec 01 04:31:36 Child connection from 
> > > > [60] Dec 01 04:31:36 Login attempt for nonexistent user from 
> > > >
> > > 
> > > i think you can use -vvv to see more detailed debug messages
> > > 
> > 
> > 
> > 
> > --
> > “If you're going to try, go all the way. Otherwise, don't even start. ..."
> >   Charles Bukowski
> 
>

Re: Login attempt for nonexistent user on Alpine Linux

2017-12-01 Thread Hugo Genesse 


Hi!

First, thanks for your replies. I created another account:

admin:x:100:65533:Linux User,,,:/home/admin:/bin/ash

Here is the output of with -vvv:

debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
admin@127.0.0.1's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
admin@127.0.0.1's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
admin@127.0.0.1's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
admin@127.0.0.1: Permission denied (publickey,password).

and in the dropbear logs I still get:

[67] Dec 01 17:03:47 Child connection from :40878
[67] Dec 01 17:03:47 Login attempt for nonexistent user from
[...]

I saw that I could create a configuration file in /etc/dropbear to  
allow root logins by it seems to be enabled by default and I would  
prefer just drop a binary on the device to enable ssh without changes  
to the system. Here is the openwrt page I'm referring:  
https://wiki.openwrt.org/doc/uci/dropbear


Thanks!

"Daniel."  a écrit :


Can you log in with another user? The root login may be disabled by
security reasons.

2017-12-01 13:01 GMT-02:00 Szabolcs Nagy :


* Hugo Genesse  [2017-12-01 04:51:08 +]:
> I've been trying to use dropbear (compiled myself statically with
> ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux
> 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not
> mistaken). I run dropbear like this: "./dropbear -R" and can't login with
> proper credentials. With the "-E" switch I get the following:
>
>  /root/dropbear -R -E
> [59] Dec 01 04:31:32 Running in background
> [60] Dec 01 04:31:36 Child connection from 
> [60] Dec 01 04:31:36 Login attempt for nonexistent user from 
>

i think you can use -vvv to see more detailed debug messages





--
“If you're going to try, go all the way. Otherwise, don't even start. ..."
  Charles Bukowski

Re: Login attempt for nonexistent user on Alpine Linux

2017-12-01 Thread Daniel. 
Can you log in with another user? The root login may be disabled by
security reasons.

2017-12-01 13:01 GMT-02:00 Szabolcs Nagy :

> * Hugo Genesse  [2017-12-01 04:51:08 +]:
> > I've been trying to use dropbear (compiled myself statically with
> > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux
> > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not
> > mistaken). I run dropbear like this: "./dropbear -R" and can't login with
> > proper credentials. With the "-E" switch I get the following:
> >
> >  /root/dropbear -R -E
> > [59] Dec 01 04:31:32 Running in background
> > [60] Dec 01 04:31:36 Child connection from 
> > [60] Dec 01 04:31:36 Login attempt for nonexistent user from 
> >
>
> i think you can use -vvv to see more detailed debug messages
>



-- 
“If you're going to try, go all the way. Otherwise, don't even start. ..."
  Charles Bukowski

Re: Login attempt for nonexistent user on Alpine Linux

2017-12-01 Thread Szabolcs Nagy 
* Hugo Genesse  [2017-12-01 04:51:08 +]:
> I've been trying to use dropbear (compiled myself statically with
> ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux
> 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not
> mistaken). I run dropbear like this: "./dropbear -R" and can't login with
> proper credentials. With the "-E" switch I get the following:
> 
>  /root/dropbear -R -E
> [59] Dec 01 04:31:32 Running in background
> [60] Dec 01 04:31:36 Child connection from 
> [60] Dec 01 04:31:36 Login attempt for nonexistent user from 
> 

i think you can use -vvv to see more detailed debug messages