OpenSSH port: Authentication fails

Rommel_Dongre · May 23, 2002, 11:34pm

Hi:
I am trying to port the OpenSSH suite (ver 3.1) on QnX 6.1
I’ve got to a point where I can get it to compile properly.
I can start up sshd with all the host keys.

However, when a client ssh’s to me, authentication always fails. I’m
guessing that it’s due to improperly set up auth options, but I dont
know which.

Chris (at QnX, who’s done a OpenSSH 2.9 port onto QnX 6.1) had suggested

undefining the SHADOW_PASSWORD_EXPIRES option in the config file, but
that didnt do it.

Help would be greatly appreciated.

Thanks,
Rommel

system · May 27, 2002, 3:04am

openssh 3.2.3p1 binary for qnx6.1 can be found at openqnx site.
http://www.sourceforge.net/projects/openqnx

btw, Armin posted the openssh ported source at openqnx site
back in January, if you are interested in source. In which case,
you probably want to join the openqnx developers mailing list:

http://lists.sourceforge.net/lists/listinfo/openqnx-developer

frank

Rommel Dongre <rdongre@pillardata.com> wrote:

Hi:
I am trying to port the OpenSSH suite (ver 3.1) on QnX 6.1
I’ve got to a point where I can get it to compile properly.
I can start up sshd with all the host keys.

However, when a client ssh’s to me, authentication always fails. I’m
guessing that it’s due to improperly set up auth options, but I dont
know which.

Chris (at QnX, who’s done a OpenSSH 2.9 port onto QnX 6.1) had suggested

undefining the SHADOW_PASSWORD_EXPIRES option in the config file, but
that didnt do it.

Help would be greatly appreciated.

Thanks,
Rommel

Jerry_s_Home_Linux_A · October 4, 2002, 2:34am

fliu@bb.vipstage.com wrote:

openssh 3.2.3p1 binary for qnx6.1 can be found at openqnx site.
http://www.sourceforge.net/projects/openqnx

btw, Armin posted the openssh ported source at openqnx site
back in January, if you are interested in source. In which case,
you probably want to join the openqnx developers mailing list:

http://lists.sourceforge.net/lists/listinfo/openqnx-developer

Okay, I’ve just signed up for the list. I’ve gotten openssh 3.4p1
compiled on QNX RtP 6.2, but I’m failing during installation -
the ssh-keygen fails. Running ‘make install’, I get:

…/ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N “”
PRNG initialisation failed – exiting.
ssh-rand-helper child produced insufficient data

Trying to track it down, seems to show a failure trying to
open /usr/local/etc/ssh_prng_cmds…

Yes, I’m aware of the 3.2.3 port that is available, but I’d
really like an sshd also (or did I miss that in the 3.2.3 install?)

jerry

frank

Rommel Dongre <> rdongre@pillardata.com> > wrote:

Hi:
I am trying to port the OpenSSH suite (ver 3.1) on QnX 6.1
I’ve got to a point where I can get it to compile properly.
I can start up sshd with all the host keys.

However, when a client ssh’s to me, authentication always fails. I’m
guessing that it’s due to improperly set up auth options, but I dont
know which.

Chris (at QnX, who’s done a OpenSSH 2.9 port onto QnX 6.1) had suggested

undefining the SHADOW_PASSWORD_EXPIRES option in the config file, but
that didnt do it.

Help would be greatly appreciated.

Thanks,
Rommel

–
Jerry Heyman | “Software is the difference between hardware
Amiga forever | and reality”
heymanj@acm.org | http://vcard.acm.org/~heymanj

Frank_Liu1 · October 4, 2002, 2:39am

Jerry’s Home Linux Acct <heymanj@acm.org> wrote:

Yes, I’m aware of the 3.2.3 port that is available, but I’d
really like an sshd also (or did I miss that in the 3.2.3 install?)

yes, you did.
as far as I know, all the openssh out there include sshd.

Chris_McKillop1 · October 4, 2002, 4:48am

Frank Liu <liug@mama.indstate.edu> wrote:

Jerry’s Home Linux Acct <> heymanj@acm.org> > wrote:
Yes, I’m aware of the 3.2.3 port that is available, but I’d
really like an sshd also (or did I miss that in the 3.2.3 install?)

yes, you did.
as far as I know, all the openssh out there include sshd.

Yep, including the package on the 3rd party disc. We even provide a nice
little script for setting up the host keys. Go into /opt/etc and run
ssh-genkeys.sh.

The error with the rand-helper means that the openssl you have does not include
support for the OS’s built in RNG (/dev/random). The one on the 3rd party
disc does, and I am pretty sure that openqnx’s tarball does as well. If you
built openssl yourself you need to enable the use of the RNG.

chris

–
Chris McKillop <cdm@qnx.com> “The faster I go, the behinder I get.”
Software Engineer, QSSL – Lewis Carroll –
http://qnx.wox.org/

Frank_Liu1 · October 4, 2002, 6:03am

Chris McKillop <cdm@qnx.com> wrote:

Yep, including the package on the 3rd party disc. We even provide a nice

in the first post of this thread, it is mentioned about qnx 6.1, I am
not sure it is still the case for the followup post. if so, since 3rd
party disc was created for qnx 6.2, it may or may not work for qnx 6.1.

frank

Chris_McKillop1 · October 4, 2002, 6:58pm

Frank Liu <liug@mama.indstate.edu> wrote:

Chris McKillop <> cdm@qnx.com> > wrote:
Yep, including the package on the 3rd party disc. We even provide a nice

in the first post of this thread, it is mentioned about qnx 6.1, I am
not sure it is still the case for the followup post. if so, since 3rd
party disc was created for qnx 6.2, it may or may not work for qnx 6.1.

My bad then.

chris

–
Chris McKillop <cdm@qnx.com> “The faster I go, the behinder I get.”
Software Engineer, QSSL – Lewis Carroll –
http://qnx.wox.org/

Jerry_s_Home_Linux_A · October 7, 2002, 12:49am

Chris McKillop wrote:

Frank Liu <> liug@mama.indstate.edu> > wrote:
Chris McKillop <> cdm@qnx.com> > wrote:
Yep, including the package on the 3rd party disc. We even provide a nice

in the first post of this thread, it is mentioned about qnx 6.1, I am
not sure it is still the case for the followup post. if so, since 3rd
party disc was created for qnx 6.2, it may or may not work for qnx 6.1.

My bad then.

Okay - got zlib 1.1.4
openssl 0.9.6g (using qnx6)
openssh 3.4p1 (no optimization)

ssh works just great, but when I try to log into the running sshd,
it fails. Doesn’t matter if its from the same system - or from another.

With my linux system, I use --with-pam option for password
authentication,
did I miss sonmething specific for QNX? I’m using the password I set
via
the passwd command.

jerry

chris

–
Chris McKillop <> cdm@qnx.com> > “The faster I go, the behinder I get.”
Software Engineer, QSSL – Lewis Carroll –
http://qnx.wox.org/

–
Jerry Heyman | “Software is the difference between hardware
Amiga forever | and reality”
heymanj@acm.org | http://vcard.acm.org/~heymanj