From owner-freebsd-questions@freebsd.org Wed Feb 10 09:38:57 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F034E540CF7 for ; Wed, 10 Feb 2021 09:38:57 +0000 (UTC) (envelope-from yuripv@yuripv.dev) Received: from wnew1-smtp.messagingengine.com (wnew1-smtp.messagingengine.com [64.147.123.26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DbF806x9Vz3hwW for ; Wed, 10 Feb 2021 09:38:56 +0000 (UTC) (envelope-from yuripv@yuripv.dev) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailnew.west.internal (Postfix) with ESMTP id 818EBC89; Wed, 10 Feb 2021 04:38:55 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Wed, 10 Feb 2021 04:38:55 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yuripv.dev; h= subject:to:cc:references:from:message-id:date:mime-version :in-reply-to:content-type:content-transfer-encoding; s=fm1; bh=c /t5lUHE63IfCxfw7ywyHb33r39f4pDFOpkoNflDho0=; b=UUHM3Beo9tb+OYqGH KHVo/6pJNLZazOQLQ8wG+kU8zlj5M1ftQA+DMVql3HuLjL2ATErBAYRQ1oBE0Z14 GxqY5V5fXXqoG7eVRYbcydBnGltaVdk9uemj/jkyJQtnUyNS9b6UkkDWPQ9eMOP0 qJHZ0uyICPpYEElHnwU4NPwxYX48wwKmQsXD5bW2yuJh83EmW6RZlJtp+aB2kClc jc+RbwpQtBI8KTXSudgmkm0VFfkIfJzQS2/8thI5P/9xE0BWaMFDHiHxJq90wIif 3upvpT1mmKJaNk5ak6viFoeVZm+mz1TIUYV2pt5KRpj10gt6yIvhqSDO67biXAYz o2/vw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=c/t5lUHE63IfCxfw7ywyHb33r39f4pDFOpkoNflDh o0=; b=CYf1jGvfoUTQA1aKZlAGcLnI0YidOz75k3UbzQifr6R78MEazB6fyEm3U LJFhc+hPjrAjwGgLvNUv/DxDdRXgTnCIowt5PgUn0E9gSxY4RA3K+cXN3ehovE5Q eosJ7JicRasbUDZglsMxaImVNwgp/wSsgIqfBEpYYApuStTdJrJvUzlYh/Hl03gy L+Q+j0T5BX4XUerYc0JDq52OasMO5OmTUE9kbaSVym30RlZXbLp/mx3rXAf/sMNf cH1+R8l95Lt3lshNIy6atUzjEUysxP78hVctFftRBkr4y3S/IrFeGxFyVppg9RlD NDNwL9Trsa4T3KdhQR5gU2pzsTQvg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrheejgddthecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefuvfhfhffkffgfgggjtgfgsehtjeertddtfeejnecuhfhrohhmpegjuhhrihcu rfgrnhhkohhvuceohihurhhiphhvseihuhhrihhpvhdruggvvheqnecuggftrfgrthhtvg hrnhepffehvdekgeeijeevledvfffgveeuvefggfejhfelueeuveetvddvvdfgieetffet necukfhppeeluddrvdegtddruddvgedrudefjeenucevlhhushhtvghrufhiiigvpedtne curfgrrhgrmhepmhgrihhlfhhrohhmpeihuhhrihhpvheshihurhhiphhvrdguvghv X-ME-Proxy: Received: from [192.168.1.6] (unknown [91.240.124.137]) by mail.messagingengine.com (Postfix) with ESMTPA id E154824005D; Wed, 10 Feb 2021 04:38:53 -0500 (EST) Subject: Re: Permission denied via ssh over ipv6 To: PstreeM China Cc: "freebsd-questions@freebsd.org" References: <65d54e7c-9d2c-ec74-1c1c-b0d87bfed6c1@yuripv.dev> From: Yuri Pankov Message-ID: <0fc3cba3-f5f8-c610-0065-296c73227c1f@yuripv.dev> Date: Wed, 10 Feb 2021 12:38:52 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4DbF806x9Vz3hwW X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yuripv.dev header.s=fm1 header.b=UUHM3Beo; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=CYf1jGvf; dmarc=none; spf=pass (mx1.freebsd.org: domain of yuripv@yuripv.dev designates 64.147.123.26 as permitted sender) smtp.mailfrom=yuripv@yuripv.dev X-Spamd-Result: default: False [-3.60 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.26:c]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[yuripv.dev:+,messagingengine.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[64.147.123.26:from]; ASN(0.00)[asn:11403, ipnet:64.147.123.0/24, country:US]; MIME_TRACE(0.00)[0:+]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.26:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[yuripv.dev:s=fm1,messagingengine.com:s=fm2]; FREEFALL_USER(0.00)[yuripv]; FROM_HAS_DN(0.00)[]; SH_EMAIL_DBL_DONT_QUERY_IPS(0.00)[0.0.10.47:email]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[yuripv.dev]; SPAMHAUS_ZRD(0.00)[64.147.123.26:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DBL_PROHIBIT(0.00)[0.0.10.47:email]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Feb 2021 09:38:58 -0000 PstreeM China wrote: > my fault. > the system i mentioned in the original question "FreeBSD 12.2" is the ssh > server. > for this case, the system which i used as the client is also FreeBSD 12.2. > > test from other host(from different network ) as the client to ssh to the " > 2607:f130::6287", it's the same issue. > test from the localhost (the host config the ipv6 address as 2607:f130::628 > ), use the command: %ssh myuser@2607:f130::628, it's work well. > > I don't know what is the problem, how to fix. That would mean, and the log you provided confirms, that you are connecting to wrong system, "remote software version OpenSSH_7.4" is NOT FreeBSD 12.2 sshd reply. For further investigation, you could provide network configuration, i.e. `ifconfig`, `netstat -rn` output and relevant rc.conf entries from both client and server. > On Wed, Feb 10, 2021 at 4:47 PM Yuri Pankov wrote: > >> PstreeM China wrote: >>> hi: >>> >>> thanks for your quickly reply. >>> ssh -vvv log as below, we can see the connection has already established, >>> but after input the password, it's not work.. >>> i'am sure the password is right, try modify the passwd has the same >> issue. >>> >>> about the DNS PTRs, how should i do ? the source is my home pc, not have >>> DNS domain. >>> >>> -------------------------------- >>> rpi% ssh myuser@2607:f130::6287 -vvv >>> OpenSSH_7.9p1, OpenSSL 1.1.1h-freebsd 22 Sep 2020 >> [...] >>> debug1: Local version string SSH-2.0-OpenSSH_7.9 FreeBSD-20200214 >>> debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4 >> [...] >>> Permission denied, please try again. >>> myuser@2607:f130::6287's password: >> >> From your original question it's not clear whether FreeBSD 12.2 system >> is the client or server, and given the above I'm guessing it's the >> former as remote version doesn't say "FreeBSD" and is otherwise >> outdated; correct? >> >> Also, are you able to connect to 2607:f130::6287 from any other host to >> make sure it's correct address to use and is accepting v6 connections? >> >>> On Wed, Feb 10, 2021 at 1:18 PM Doug McIntyre wrote: >>> >>>> On Wed, Feb 10, 2021 at 11:47:08AM +0800, PstreeM China wrote: >>>>> Very thanks, this problem has searched from google, but not find the >>>>> solution to fix this issue. >>>>> >>>>> new install FreeBSD in virtual machine. >>>>> Freebsd version is 12.2 >>>>> Duel stack support ipv4 and ipv6; enable sshd as default. >>>>> I can ping the ipv4 and ipv6 address. >>>>> >>>>> The problem is: >>>>> SSH over ipv4 is work well. >>>>> But ssh over ipv6, Can be connected, but after input the password, it >> is >>>>> failed , give the notify : permission denied. >>>>> can not log into the server. >>>>> I am sure the password is right. >>>> >>>> >>>> Have you run 'ssh -vvv' to see all the very verbose debug information? >>>> >>>> Do you have proper DNS PTRs setup for your IPv6 block? It could be >>>> blocked by mismatch reverse DNS.