Re: Login attempt for nonexistent user on Alpine Linux
* Hugo Genesse [2017-12-01 18:57:02 +]: > > -vvv on dropbear doesn't seem to be a valid option: > > 67b4c38f79c6:/usr/lib# /root/dropbear -R -E -vvv > Invalid option -v > > Is my command correct? > ah -v is only supported if dropbear is built with CFLAGS=-DDEBUG_TRACE
Re: Login attempt for nonexistent user on Alpine Linux
-vvv on dropbear doesn't seem to be a valid option: 67b4c38f79c6:/usr/lib# /root/dropbear -R -E -vvv Invalid option -v Is my command correct? Szabolcs Nagy a écrit : * Hugo Genesse [2017-12-01 17:07:25 +]: First, thanks for your replies. I created another account: admin:x:100:65533:Linux User,,,:/home/admin:/bin/ash Here is the output of with -vvv: you added -vvv on the client side instead of the server where the problem is... debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password admin@127.0.0.1's password: debug3: send packet: type 50 debug2: we sent a password packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password Permission denied, please try again. admin@127.0.0.1's password: debug3: send packet: type 50 debug2: we sent a password packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password Permission denied, please try again. admin@127.0.0.1's password: debug3: send packet: type 50 debug2: we sent a password packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password debug2: we did not send a packet, disable method debug1: No more authentication methods to try. admin@127.0.0.1: Permission denied (publickey,password). and in the dropbear logs I still get: [67] Dec 01 17:03:47 Child connection from :40878 [67] Dec 01 17:03:47 Login attempt for nonexistent user from [...] make it more verbose, you will see what part of the user lookup fails. I saw that I could create a configuration file in /etc/dropbear to allow root logins by it seems to be enabled by default and I would prefer just drop a binary on the device to enable ssh without changes to the system. Here is the openwrt page I'm referring: https://wiki.openwrt.org/doc/uci/dropbear Thanks! "Daniel." a écrit : > Can you log in with another user? The root login may be disabled by > security reasons. > > 2017-12-01 13:01 GMT-02:00 Szabolcs Nagy : > > > * Hugo Genesse [2017-12-01 04:51:08 +]: > > > I've been trying to use dropbear (compiled myself statically with > > > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux > > > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not > > > mistaken). I run dropbear like this: "./dropbear -R" and can't login with > > > proper credentials. With the "-E" switch I get the following: > > > > > > /root/dropbear -R -E > > > [59] Dec 01 04:31:32 Running in background > > > [60] Dec 01 04:31:36 Child connection from > > > [60] Dec 01 04:31:36 Login attempt for nonexistent user from > > > > > > > i think you can use -vvv to see more detailed debug messages > > > > > > -- > “If you're going to try, go all the way. Otherwise, don't even start. ..." > Charles Bukowski
Re: Login attempt for nonexistent user on Alpine Linux
* Matt Johnston [2017-12-01 16:53:33 +]: > Statically linking glibc isn't sufficient to make it's not glibc if it's on alpine linux
Re: Login attempt for nonexistent user on Alpine Linux
* Hugo Genesse [2017-12-01 17:07:25 +]: > > First, thanks for your replies. I created another account: > > admin:x:100:65533:Linux User,,,:/home/admin:/bin/ash > > Here is the output of with -vvv: > you added -vvv on the client side instead of the server where the problem is... > debug3: authmethod_lookup password > debug3: remaining preferred: ,password > debug3: authmethod_is_enabled password > debug1: Next authentication method: password > admin@127.0.0.1's password: > debug3: send packet: type 50 > debug2: we sent a password packet, wait for reply > debug3: receive packet: type 51 > debug1: Authentications that can continue: publickey,password > Permission denied, please try again. > admin@127.0.0.1's password: > debug3: send packet: type 50 > debug2: we sent a password packet, wait for reply > debug3: receive packet: type 51 > debug1: Authentications that can continue: publickey,password > Permission denied, please try again. > admin@127.0.0.1's password: > debug3: send packet: type 50 > debug2: we sent a password packet, wait for reply > debug3: receive packet: type 51 > debug1: Authentications that can continue: publickey,password > debug2: we did not send a packet, disable method > debug1: No more authentication methods to try. > admin@127.0.0.1: Permission denied (publickey,password). > > and in the dropbear logs I still get: > > [67] Dec 01 17:03:47 Child connection from :40878 > [67] Dec 01 17:03:47 Login attempt for nonexistent user from > [...] > make it more verbose, you will see what part of the user lookup fails. > I saw that I could create a configuration file in /etc/dropbear to allow > root logins by it seems to be enabled by default and I would prefer just > drop a binary on the device to enable ssh without changes to the system. > Here is the openwrt page I'm referring: > https://wiki.openwrt.org/doc/uci/dropbear > > Thanks! > > "Daniel." a écrit : > > > Can you log in with another user? The root login may be disabled by > > security reasons. > > > > 2017-12-01 13:01 GMT-02:00 Szabolcs Nagy : > > > > > * Hugo Genesse [2017-12-01 04:51:08 +]: > > > > I've been trying to use dropbear (compiled myself statically with > > > > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux > > > > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not > > > > mistaken). I run dropbear like this: "./dropbear -R" and can't login > > > > with > > > > proper credentials. With the "-E" switch I get the following: > > > > > > > > /root/dropbear -R -E > > > > [59] Dec 01 04:31:32 Running in background > > > > [60] Dec 01 04:31:36 Child connection from > > > > [60] Dec 01 04:31:36 Login attempt for nonexistent user from > > > > > > > > > > i think you can use -vvv to see more detailed debug messages > > > > > > > > > > > -- > > “If you're going to try, go all the way. Otherwise, don't even start. ..." > > Charles Bukowski > >
Re: Login attempt for nonexistent user on Alpine Linux
Hi! First, thanks for your replies. I created another account: admin:x:100:65533:Linux User,,,:/home/admin:/bin/ash Here is the output of with -vvv: debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password admin@127.0.0.1's password: debug3: send packet: type 50 debug2: we sent a password packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password Permission denied, please try again. admin@127.0.0.1's password: debug3: send packet: type 50 debug2: we sent a password packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password Permission denied, please try again. admin@127.0.0.1's password: debug3: send packet: type 50 debug2: we sent a password packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password debug2: we did not send a packet, disable method debug1: No more authentication methods to try. admin@127.0.0.1: Permission denied (publickey,password). and in the dropbear logs I still get: [67] Dec 01 17:03:47 Child connection from :40878 [67] Dec 01 17:03:47 Login attempt for nonexistent user from [...] I saw that I could create a configuration file in /etc/dropbear to allow root logins by it seems to be enabled by default and I would prefer just drop a binary on the device to enable ssh without changes to the system. Here is the openwrt page I'm referring: https://wiki.openwrt.org/doc/uci/dropbear Thanks! "Daniel." a écrit : Can you log in with another user? The root login may be disabled by security reasons. 2017-12-01 13:01 GMT-02:00 Szabolcs Nagy : * Hugo Genesse [2017-12-01 04:51:08 +]: > I've been trying to use dropbear (compiled myself statically with > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not > mistaken). I run dropbear like this: "./dropbear -R" and can't login with > proper credentials. With the "-E" switch I get the following: > > /root/dropbear -R -E > [59] Dec 01 04:31:32 Running in background > [60] Dec 01 04:31:36 Child connection from > [60] Dec 01 04:31:36 Login attempt for nonexistent user from > i think you can use -vvv to see more detailed debug messages -- “If you're going to try, go all the way. Otherwise, don't even start. ..." Charles Bukowski
Re: Login attempt for nonexistent user on Alpine Linux
Hi Hugo, Statically linking glibc isn't sufficient to make it standalone, you need to copy the libnss libraries - glibc looks for those at runtime. Another option is to build against musl libc instead. Cheers, Matt On 1 December 2017 12:51:08 pm AWST, Hugo Genesse wrote: > >Hi! > >I've been trying to use dropbear (compiled myself statically with >./configure; make STATIC=1) on a Alpine Linux Docker container (Linux >4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not >mistaken). I run dropbear like this: "./dropbear -R" and can't login >with proper credentials. With the "-E" switch I get the following: > > /root/dropbear -R -E >[59] Dec 01 04:31:32 Running in background >[60] Dec 01 04:31:36 Child connection from >[60] Dec 01 04:31:36 Login attempt for nonexistent user from > >My credentials are right and the command to connect is: "ssh >root@127.0.0.1" (the port is properly forwarded to the container). >With the ssh client verbose option I get: > >debug1: Next authentication method: password >root@127.0.0.1's password: >debug1: Authentications that can continue: publickey,password >Permission denied, please try again. >root@127.0.0.1's password: >debug1: Authentications that can continue: publickey,password >Permission denied, please try again. >root@127.0.0.1's password: >debug1: Authentications that can continue: publickey,password >debug1: No more authentication methods to try. >root@127.0.0.1: Permission denied (publickey,password). > >and the root account exists as you can see here: > >cat /etc/passwd >root:x:0:0:root:/root:/bin/ash >[...] > >I've seen issues that seem similar on the web: >https://lists.debian.org/debian-arm/2012/06/msg00056.html >The ones I found were fixed by copying libnss to another location but >shouldn't a statically dropbear already solve this problem? > >I also have telnet activated and I can login with root (don't worry >this won't be put into production, it is for demonstration purposes >only). > >Is there any other things I should check or modify to be able to login > >with dropbear? > >Thanks!
Re: Login attempt for nonexistent user on Alpine Linux
Can you log in with another user? The root login may be disabled by security reasons. 2017-12-01 13:01 GMT-02:00 Szabolcs Nagy : > * Hugo Genesse [2017-12-01 04:51:08 +]: > > I've been trying to use dropbear (compiled myself statically with > > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux > > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not > > mistaken). I run dropbear like this: "./dropbear -R" and can't login with > > proper credentials. With the "-E" switch I get the following: > > > > /root/dropbear -R -E > > [59] Dec 01 04:31:32 Running in background > > [60] Dec 01 04:31:36 Child connection from > > [60] Dec 01 04:31:36 Login attempt for nonexistent user from > > > > i think you can use -vvv to see more detailed debug messages > -- “If you're going to try, go all the way. Otherwise, don't even start. ..." Charles Bukowski
Re: Login attempt for nonexistent user on Alpine Linux
* Hugo Genesse [2017-12-01 04:51:08 +]: > I've been trying to use dropbear (compiled myself statically with > ./configure; make STATIC=1) on a Alpine Linux Docker container (Linux > 4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not > mistaken). I run dropbear like this: "./dropbear -R" and can't login with > proper credentials. With the "-E" switch I get the following: > > /root/dropbear -R -E > [59] Dec 01 04:31:32 Running in background > [60] Dec 01 04:31:36 Child connection from > [60] Dec 01 04:31:36 Login attempt for nonexistent user from > i think you can use -vvv to see more detailed debug messages