libiconv-1.11_1

Lowell Gilbert freebsd-questions-local at be-well.ilk.org
Thu Apr 1 15:36:05 UTC 2010 

Jay Hall <jhall at socket.net> writes:

> On Mar 31, 2010, at 3:17 PM, Mikle wrote:
>
>> Hello,
>> In my ports tree there is only one version of libiconv, and
>> compiling samba doesn't ask about any other versions
>> (/usr/ports/converters/libiconv, version 1.13). Maybe you should
>> update your ports?
>> Also, i do not see why should libiconv affect ssh[d]. What does your
>> macos's ssh tell you when you're trying to connect to fbsd-machine?
>>
> Here is what is logged on the Mac when trying to connect.
>
> jhall at jefmhallja-~/.ssh$ ssh -vv hallja at 10.129.10.2
> OpenSSH_5.2p1, OpenSSL 0.9.7l 28 Sep 2006
> debug1: Reading configuration data /etc/ssh_config
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to 10.129.10.2 [10.129.10.2] port 22.
> debug1: Connection established.
> debug1: identity file /Users/jhall/.ssh/identity type -1
> debug1: identity file /Users/jhall/.ssh/id_rsa type -1
> debug1: identity file /Users/jhall/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_5.2p1 FreeBSD-20090522
> debug1: match: OpenSSH_5.2p1 FreeBSD-20090522 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.2
> debug2: fd 3 setting O_NONBLOCK
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-
> hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-
> group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-
> ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-
> ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-
> hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-
> group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-
> ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-
> ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_setup: found hmac-md5
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug2: mac_setup: found hmac-md5
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug2: dh_gen_key: priv key bits set: 141/256
> debug2: bits set: 513/1024
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host '10.129.10.2' is known and matches the RSA host key.
> debug1: Found key in /Users/jhall/.ssh/known_hosts:1
> debug2: bits set: 514/1024
> debug1: ssh_rsa_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /Users/jhall/.ssh/identity (0x0)
> debug2: key: /Users/jhall/.ssh/id_rsa (0x0)
> debug2: key: /Users/jhall/.ssh/id_dsa (0x0)
> Connection closed by 10.129.10.2

Try kicking up the verbosity of your sshd and seeing what it tells you.
Looks like the server is where the connection gets closed.

As has already been suggested, you should update your ports to use the
libiconv that new ports are already trying to use on your system, and
get rid of the old one.  I find it really unlikely that iconv could
affect the system sshd, though (you are using sshd from the base,
right?), so there may be something else going on.

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
		http://be-well.ilk.org/~lowell/

More information about the freebsd-questions mailing list