Re: Connection refused to Guix-hosted SSH

["dabbede@gmail.com" <dabbede@gmail.com>]

On Thu, Oct 13, 2022 at 7:30 AM Oleg Pykhalov <go.wigust@gmail.com> wrote:
>
> Hi,

Hi oleg

[...]
>
> > From another machine I can correctly ping this system at the static
> > address, but I can't login with private credentials. Actually, I can't
> > connect even with password, because every time my client ends with
> > "Network error: Software caused connection abort".
>
> Is another machine in the same network 10.168.214.102/24?

Yes, with IP 10.168.214.155

> A default gateway should be specified if not.
>
> (static-networking
>  (routes
>    (list (network-route
>           (destination "default")
>           (gateway "???"))))
>  ...)

I've tried now your suggestion, but even with that it doesn't work

> > Within guix, if I run "ssh pcp@localhost" I receive a "Connection
> > reset by 127.0.0.1 port 22" (I don't know if it is supposed to work on
> > localhost).
>
> It is supposed.

This is a bad sign... no matter my network (client-server)
configuration, localhost should always be reachable (from within the
server)

> What does ‘sudo herd status’ show?

Started:
 + console-font-tty1
 + console-font-tty2
 + console-font-tty3
 + console-font-tty4
 + console-font-tty5
 + console-font-tty6
 + file-system-/dev/pts
 + file-system-/dev/shm
 + file-system-/gnu/store
 + file-system-/sys/firmware/efi/efivars
 + file-system-/sys/kernel/debug
 + file-systems
 + guix-daemon
 + loopback
 + mcron
 + networking
 + nscd
 + root
 + root-file-system
 + ssh-daemon
 + swap-713766
 + syslogd
 + term-tty1
 + term-tty2
 + term-tty3
 + term-tty4
 + term-tty5
 + term-tty6
 + udev
 + urandom-seed
 + user-file-systems
 + user-processes
 + virtual-terminal
Stopped:
 - term-console
One-shot:
 * host-name
 * sysctl
 * user-homes

If I invoke "sudo herd status ssh" I obtain this output:

Status of ssh-daemon:
  It is started.
  Running value is ("#<input-output: socket 18>" "#<input-output: socket 19>").
  It is enabled.
  Provides (ssh-daemon ssh sshd).
  Requires (syslogd loopback).
  Conflicts with ().
  Will be respawned.

It seems to me that everything is correctly running...

> > I've also tried to manaully add the pub keys in ".ssh/authorized_keys"
> > for both users, with no luck. What am I missing?!
>
> By default on Guix system that should work as well as specifing keys in
> the system configuration file.
>
> Make sure that .ssh directory has 0700 permissions, which is required by
> SSH daemon.
>
>
> Oleg.

In principle I had no .ssh folder, I've only added it later in a
desperate attempt to solve the issue. Now I set the permissions as
your suggestion but it does not solve the issue.
What else can I check? Where can I find the sshd config file that Guix
built "under the hood" using my config.scm?! Just to double check that
the everything is properly set...

Thanks