From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id MHpmHKC4S2OFvQAAbAwnHQ (envelope-from ) for ; Sun, 16 Oct 2022 09:54:08 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id OGJOHKC4S2NqPwEAauVa8A (envelope-from ) for ; Sun, 16 Oct 2022 09:54:08 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 3E15B371F for ; Sun, 16 Oct 2022 09:54:08 +0200 (CEST) Received: from localhost ([::1]:52714 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ojyTH-0000ve-6T for larch@yhetil.org; Sun, 16 Oct 2022 03:54:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43492) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ojySf-0000v1-E7 for help-guix@gnu.org; Sun, 16 Oct 2022 03:53:29 -0400 Received: from mail-ed1-x52f.google.com ([2a00:1450:4864:20::52f]:43675) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1ojySd-0000sG-Mg for help-guix@gnu.org; Sun, 16 Oct 2022 03:53:29 -0400 Received: by mail-ed1-x52f.google.com with SMTP id q19so12099948edd.10 for ; Sun, 16 Oct 2022 00:53:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=z4Hv3jVPshZN56EZmnuDtz/S17PeSjQI6tH3uTMM2ZA=; b=CUw4pcD5M6DmcxcsDH+n8LYR1YRy1BNdRG5HZWG/EK9JX24kIb54TO0f+YY+KcgcRp RjvaPQxZ3I9CgXmjwvOOf0zUk3ZqzdseBiuR/Db8K4GaHz7rg0l4QBzaASLh9SYPYRui E+uAbrqsfk6DPc6tNOzqawFmB/I6nKpOu2rarWtOQcAuaKsayKSTzj7PdWHl9QkmXSlW LWvOu1ZkjTQyW2cRHKnw+yziuQfChv4xbsVuG4rO+Qazj3TmfxgFNbn21ObAeWxvsErU KxGUXzRlqaRt4GZiinQAtZD6Ud1uexHpIVZMS+Lb9E+Bv45yPyhlVQ7PGL1w+PNp8hoG APig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=z4Hv3jVPshZN56EZmnuDtz/S17PeSjQI6tH3uTMM2ZA=; b=fbrFYbNLCiOWzha2WOzw8X1pAqTBxX95cP1jnhUDz3pLMBiMOqzc8ys0Orl017Vvew SjohPOCurx4P/TA3y2234toTQozrVQOB92ZVDgOZDxHseUzNWOlO3qkXsdUuhfGh5WHo PlpK0yvnC49Bvjr7qjkcVeBhrr2KB8MkGh2Dxeev1tZ5Tc2ThbEIK2jVGpmEVHat1rW4 NeHTzPJ+hDmCkkC481Mb2MPFrPhvBwjQRSGRwUgeU4oKyNmCW1aDdN+3MrI3cqww5HTq qVqr9mP7B8bVV3BqjqI+XMGf32SGVe3ctYs6hPauag3GXm4NQQRRE0+UbloG2+MRNqbn 41Ow== X-Gm-Message-State: ACrzQf3H1QofkVUZh8+yNU5Buwl2QbhzXIP1vzlhug+3KqkRMhN/zt0g qtkrFrM2A+xu+fmrlEHXHFXcK1A0nfpvX0u78J8= X-Google-Smtp-Source: AMsMyM5+Mewvv/EdqBplJJONXJji0GGeskPG46cKfylUcqbu8DayaCwMg+4/mX+37YoOfib8rF5gm5JFiEWiqLKvOzo= X-Received: by 2002:a05:6402:3512:b0:45d:4f99:6151 with SMTP id b18-20020a056402351200b0045d4f996151mr5174225edd.74.1665906804763; Sun, 16 Oct 2022 00:53:24 -0700 (PDT) MIME-Version: 1.0 References: <87a65xbp6z.fsf@gmail.com> In-Reply-To: <87a65xbp6z.fsf@gmail.com> From: "dabbede@gmail.com" Date: Sun, 16 Oct 2022 09:53:15 +0200 Message-ID: Subject: Re: Connection refused to Guix-hosted SSH To: Oleg Pykhalov Cc: Felix Lechner , help-guix@gnu.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=2a00:1450:4864:20::52f; envelope-from=dabbede@gmail.com; helo=mail-ed1-x52f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1665906848; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=z4Hv3jVPshZN56EZmnuDtz/S17PeSjQI6tH3uTMM2ZA=; b=cnaQLflX+QYdjVNMxCaIA/BJJLP3Sxc8dgp5fpisQJB4h2zesTycFMIGY9Av7KFMTtzJ93 LEHc52NcyPLBbHXwy5XccKYH4FfVMJVEZIS3zra8yQpkksoeR5R+3/dDaY2diqpeMdqOg1 qc305FOkNUGKy8KN3nST5U36stEB4YYVJO9NB+jJV5JJ8mH8+/8wZhxhwH6OLWX2WEkA3d xQ1dRnOkmz52ZAhYFKzxAD2W0sRG26FMdQKMKcfkXTocdyCxHEEjYe0jRl98BnjZfKUF5s SrWhgZHu2whDXWwsg9xw429lV1lMCKjampLqESMEWQP0LeoUfxjoPcU78gSJBQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1665906848; a=rsa-sha256; cv=none; b=FMXMoVSvWVJ6X0VLIXnX4DhCSTn/2Im9CB56rdJ2cDzGdJ9SR/HLcjaQ+BviLmFEAxgb1h qfP/so9XyaZKDNz7SJFQqKx0Nmz2IY0vC9LjgJu8xG18PEc7DOKo7zvHV3+8Lvf7eaH1SX mZtSTqFYIr6PLAfK2BgBTXIPVpitHCa5zS0Jpz2ZAh3zFXzTQ3M/5SwVJaiZ3ELuaxDZVk 0EXXPwBpNJ1uSOV1FJwMGZZg0UvujQzU19sZIpVFSflWJzQkJ3ckkPk6TPjISmNnYMA+C+ 9rWscYLZZpYvIu06/gV2DGwmDitwd73wg38p31qcLtddAgGDa0OklbH8TL9mmA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=CUw4pcD5; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -1.40 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=CUw4pcD5; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 3E15B371F X-Spam-Score: -1.40 X-Migadu-Scanner: scn1.migadu.com X-TUID: VBx3eHyB/lYJ Hi all, in the end I gave up... since my guix was not pulling anymore, I suspected something more "serious" was happening than just a broken ssh. Then I've re-installed the whole system (it was a test system anyway, not a big deal) and this time ssh works out of the box. During installation, I've spotted one possible cause that could have broken sshd in my first sistem: I did not select "Mozilla NSS certificates" (which translates to package (specification->package "nss-certs")) ). I don't know if it is related, but the description says "To connect through https"... probably not... The other difference is that my first system was based on i686 (32bit), while the latter is x86_64 (64bit). Whatever the reason, thank you all for the help. I hope one day I'll be skilled enough to help others as well. Regards On Sat, Oct 15, 2022 at 8:01 AM Oleg Pykhalov wrote: > > "dabbede@gmail.com" writes: > > [=E2=80=A6] > > > Sure. I receive a bunch of messages of this form: > > > > Oct 14 10:04:23 localhost vmunix: [ 5869.880044] audit: type=3D1326 > > audit(1665734663.369:6): auid=3D4294967295 uid=3D989 gid=3D983 > > ses=3D4294967295 subj=3Dunconfined pid=3D599 comm=3D"sshd" > > exe=3D"/gnu/store/jgw64z5w2q6b4nph7a74jc97ihfxkfsf-openssh-8.9p1/sbin/s= shd" > > sig=3D31 arch=3D40000003 syscall=3D414 compat=3D0 ip=3D0xb7f94549 code= =3D0x0 > > Oct 14 10:04:23 localhost shepherd[1]: 0 connections still in use > > after sshd-5 termination. > > Oct 14 10:04:23 localhost shepherd[1]: Service sshd-5 (PID 598) exited = with 255. > > Oct 14 10:04:23 localhost shepherd[1]: Service sshd-5 has been disabled= . > > Oct 14 10:04:23 localhost shepherd[1]: Transient service sshd-5 > > terminated, now unregistered. > > Oct 14 10:05:43 localhost shepherd[1]: Service sshd-6 has been started. > > Oct 14 10:05:43 localhost vmunix: [ 5950.061859] audit: type=3D1326 > > audit(1665734743.553:7): auid=3D4294967295 uid=3D989 gid=3D983 > > ses=3D4294967295 subj=3Dunconfined pid=3D601 comm=3D"sshd" > > exe=3D"/gnu/store/jgw64z5w2q6b4nph7a74jc97ihfxkfsf-openssh-8.9p1/sbin/s= shd" > > sig=3D31 arch=3D40000003 syscall=3D414 compat=3D0 ip=3D0xb7fba549 code= =3D0x0 > > Oct 14 10:05:43 localhost shepherd[1]: 0 connections still in use > > after sshd-6 termination. > > Oct 14 10:05:43 localhost shepherd[1]: Service sshd-6 (PID 600) exited = with 255. > > Oct 14 10:05:43 localhost shepherd[1]: Service sshd-6 has been disabled= . > > Oct 14 10:05:43 localhost shepherd[1]: Transient service sshd-6 > > terminated, now unregistered. > > > > I see "Service sshd-6 (PID 600) exited with 255." but I don't know > > what it means nor why. > > In order to gain more insight I've tried to connect with verbose > > output "ssh -v test@localhost" and this is the output > > 255 usually means something wrong with a program execution (e.g. missing > binary). In the current case it should a Shell program by SSH default. > > Could you try to specify a non-interactive program manually? E.g.: > > ssh -vvv 127.0.0.1 -- /run/current-system/profile/bin/id > > It should output SSH client log and =E2=80=98id=E2=80=99 program output. > > > Oleg. >