Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 10 Feb 2021 12:38:52 +0300
From:      Yuri Pankov <yuripv@yuripv.dev>
To:        PstreeM China <pstreem@gmail.com>
Cc:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   Re: Permission denied via ssh over ipv6
Message-ID:  <0fc3cba3-f5f8-c610-0065-296c73227c1f@yuripv.dev>
In-Reply-To: <CAPDFJPj5Hfbnym0Ry5w-d2COw2RaUBift5nem0wkvdAC+4qXnQ@mail.gmail.com>
References:  <CAPDFJPjF19_9kRG0ff5r0cmD=-GpnYjdZNaCTyJEj-Bogw0qEw@mail.gmail.com> <YCNsdWk019SBpLdg@geeks.org> <CAPDFJPjL8EdVfeH43=35cLxRGyE388JYY9qD5JB=gsdwhTh6ag@mail.gmail.com> <65d54e7c-9d2c-ec74-1c1c-b0d87bfed6c1@yuripv.dev> <CAPDFJPj5Hfbnym0Ry5w-d2COw2RaUBift5nem0wkvdAC+4qXnQ@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
PstreeM China wrote:
> my fault.
> the system i mentioned in the original question "FreeBSD 12.2" is the ssh
> server.
> for this case, the system which i used as the client is also FreeBSD 12.2.
> 
> test from other host(from different network ) as the client to ssh to the "
> 2607:f130::6287", it's the same issue.
> test from the localhost (the host config the ipv6 address as 2607:f130::628
> ), use the command: %ssh  myuser@2607:f130::628,  it's work well.
> 
> I don't know what is the problem, how to fix.

That would mean, and the log you provided confirms, that you are
connecting to wrong system, "remote software version OpenSSH_7.4" is NOT
FreeBSD 12.2 sshd reply.  For further investigation, you could provide
network configuration, i.e. `ifconfig`, `netstat -rn` output and
relevant rc.conf entries from both client and server.

> On Wed, Feb 10, 2021 at 4:47 PM Yuri Pankov <yuripv@yuripv.dev> wrote:
> 
>> PstreeM China wrote:
>>> hi:
>>>
>>> thanks for your quickly reply.
>>> ssh -vvv log as below, we can see the connection has already established,
>>> but after input the password, it's not work..
>>> i'am sure the password is right, try modify the passwd has the same
>> issue.
>>>
>>> about the DNS PTRs, how should i do ? the source is my home pc, not have
>>> DNS domain.
>>>
>>> --------------------------------
>>> rpi% ssh myuser@2607:f130::6287 -vvv
>>> OpenSSH_7.9p1, OpenSSL 1.1.1h-freebsd  22 Sep 2020
>> [...]
>>> debug1: Local version string SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
>>> debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
>> [...]
>>> Permission denied, please try again.
>>> myuser@2607:f130::6287's password:
>>
>>  From your original question it's not clear whether FreeBSD 12.2 system
>> is the client or server, and given the above I'm guessing it's the
>> former as remote version doesn't say "FreeBSD" and is otherwise
>> outdated; correct?
>>
>> Also, are you able to connect to 2607:f130::6287 from any other host to
>> make sure it's correct address to use and is accepting v6 connections?
>>
>>> On Wed, Feb 10, 2021 at 1:18 PM Doug McIntyre <merlyn@geeks.org> wrote:
>>>
>>>> On Wed, Feb 10, 2021 at 11:47:08AM +0800, PstreeM China wrote:
>>>>> Very thanks, this problem has searched from google, but not find the
>>>>> solution to fix this issue.
>>>>>
>>>>> new install FreeBSD in virtual machine.
>>>>> Freebsd version is 12.2
>>>>> Duel stack support ipv4 and ipv6; enable sshd as default.
>>>>> I can ping the ipv4 and ipv6 address.
>>>>>
>>>>> The problem is:
>>>>> SSH over ipv4 is work well.
>>>>> But ssh over ipv6, Can be connected, but after input the password, it
>> is
>>>>> failed , give the notify : permission denied.
>>>>> can not log into the server.
>>>>> I am sure the password is right.
>>>>
>>>>
>>>> Have you run 'ssh -vvv' to see all the very verbose debug information?
>>>>
>>>> Do you have proper DNS PTRs setup for your IPv6 block? It could be
>>>> blocked by mismatch reverse DNS.




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?0fc3cba3-f5f8-c610-0065-296c73227c1f>