How to talk to a Peppermint - or not. [SOLVED]

Keith · 1 August 2014 20:41

This topic is not about a serious problem - I am just playing for the sake of learning about networks.

I am running two computers:

Dell D505 laptop with Peppermint 3. Hostname D505 IP address: 192.168.1.49
Ancient mongrel desktop with Peppermint 5. Hostname dt0 IP address: 192.168.1.47

In the past I have found it very useful to use secure shell commands to copy files between PCs or just to interrogate them, but I have a minor problem: D505 cannot access dt0 using its host name.
Initially the PCs were set to DHCP and I’ve just tried static IP addresses with the same result. Here is some output that might shed some light:
[i]keith@D505 ~ $ ping -c 1 192.168.1.47
PING 192.168.1.47 (192.168.1.47) 56(84) bytes of data.
64 bytes from 192.168.1.47: icmp_req=1 ttl=64 time=1.34 ms

— 192.168.1.47 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.342/1.342/1.342/0.000 ms
…
keith@D505 ~ $ ping -c 1 dt0
PING dt0 (192.168.1.47) 56(84) bytes of data.
64 bytes from dt0.domain_not_set.invalid (192.168.1.47): icmp_req=1 ttl=64 time=1.52 ms

— dt0 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.529/1.529/1.529/0.000 ms
[/i]

So D505 is finding dt0 OK, but dt0 is not allowing access when its host name is used: “dt0.domain_not_set.invalid (192.168.1.47)”. Since I don’t have a domain name I tried entering dto’s loopback address 127.0.1.1 in P5’s network dialogue (for the same reason it appears in the /etc/hosts file) but to no avail.

I am finding the network tables in P5 a bit harder to navigate than in P3 and would be grateful for advice.

Mark_Greaves_PCNetSp · 1 August 2014 21:05

Have you actually set up any shares ?

install system-config-samba:

sudo apt-get install system-config-samba

then go to:

Menu > System Tools > Samba

Click the Add button, and set up a shared folder.

Basic tab:-

Directory: /home//Public
Share name: Public
Description:

and tick both
Writeable
and
Visible

Access tab:-

tick
Allow access to everyone.

Click “OK”

Now see if you can access that across the network by opening your File Manager, then going to

Go > Network > Windows network >>

Keith · 1 August 2014 21:13

Thanks Mark.
But the niggle is not about sharing files (I don’t need it often, if at all) but about understanding networks and using shell commands.
I shall try your Samba suggestion tomorrow, when I am awake, just out of interest.

Keith

Mark_Greaves_PCNetSp · 1 August 2014 22:22

So what exactly ARE you trying to do … ssh in ?

Have you got avahi-daemon installed

sudo apt-get install avahi-daemon

and what happens if you run:

ssh 192.168.1.47

or

ssh dt0

Keith · 2 August 2014 07:11

What I am trying to do is just learn a bit of Linux and ssh appealed to me. And it has been useful on occasions as a quick method of checking the presence of a file on another computer or transferring one. It really isn’t important - just fun - I’m not looking for efficiency here. So in the past (different computers) I have used both the plain ssh command to log on and do things on the other PC, and also have used one-off commands such “ssh keith@OtherPC ls”.

So to answer your queries:
I do have the latest avahi-daemon installed, and

keith@D505 ~ $ ssh dt0
ssh: connect to host dt0 port 22: Connection refused
keith@D505 ~ $ ssh 192.168.1.47
ssh: connect to host 192.168.1.47 port 22: Connection refused

[EDIT] Samba works fine, thank you.

SeZo · 2 August 2014 11:01

keith@D505 ~ $ ssh 192.168.1.47 ssh: connect to host 192.168.1.47 port 22: Connection refused

What happens if you use ssh like this (replace with a real user name on the target machine) :

ssh <valid-duser>@192.168.1.47

Keith · 2 August 2014 11:06

Sorry, I ought to have mentioned that that was my first method:

keith@D505 ~ $ ssh keith@192.168.1.47
ssh: connect to host 192.168.1.47 port 22: Connection refused
keith@D505 ~ $ ssh keith@dt0
ssh: connect to host dt0 port 22: Connection refused

so it appears that dt0 is hearing the request from D505 but is being somewhat recalcitrant. Just playing hard to get. Story of my life.

SeZo · 2 August 2014 11:29

The connection is made except it is rejected by the target ssh server:
Look in /etc/ssh/sshd_config (on target) and see if keith is an allowed user:
Look for a line with AllowUsers
Then change / add (assuming keith is a valid user on target machine)

AllowUsers keith

then restart ssh server

/etc/init.d/ssh restart

Then try to connect from remote machine.

You could also try (from remote machine):

nmap 192.168.1.47 -sT

to see if port 22 is open

Keith · 2 August 2014 11:31

Ah! Perhaps this is the problem. “keith” is the user on both machines. I’ll try it now…

Mark_Greaves_PCNetSp · 2 August 2014 11:34

you will get this message:

ssh: connect to host 192.168.1.47 port 22: Connection refused

if the openssh-server either isn’t installed or isn’t running

Make sure it’s installed:

sudo apt-get install ssh

(“ssh” is a metapackage that will pull in both the client and server)

SeZo · 2 August 2014 11:35

Good point Mark, i thought that was estabilished earlier on :-[

Keith · 2 August 2014 12:01

I could have sworn that ssh was installed on D505 but did so anyway. But the result is the same: “Connection refused”.

@Sezo: “AllowedUsers” does not appear in the config file. Although I have write permission the file is obstinately read-only and won’t let me edit it.

Mark_Greaves_PCNetSp · 2 August 2014 12:36

On the dt0 run:

sudo service ssh stop

then post the output from:

sudo /usr/sbin/sshd -D -d

Also, what happens if you run:

ssh keith@127.0.0.1

Keith · 2 August 2014 12:55

keith@dt0 /etc/ssh $ sudo service ssh stop
[sudo] password for keith:
ssh: unrecognized service
keith@dt0 /etc/ssh $ sudo /usr/sbin/sshd -D -d
sudo: /usr/sbin/sshd: command not found
keith@dt0 /etc/ssh $ ssh keith@127.0.0.1
ssh: connect to host 127.0.0.1 port 22: Connection refused

However - I have a confession to make. Thinking that I had misunderstood which machine to install ssh on, I did it just now on dt0 even though I can ssh from it OK. Now when I try to ssh from D505 I get a serious warning that someone has hacked dt0. I shall save the text and print it in the next post (because it’s on the other PC). Sorry to make your life difficult.

Keith · 2 August 2014 13:02

…and here it is:

keith@D505 ~ $ ssh dt0
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The ECDSA host key for dt0 has changed,
and the key for the corresponding IP address 192.168.1.47
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
f0:52:40:10:75:c2:39:59:8d:16:44:dd:6a:a2:50:e3.
Please contact your system administrator.
Add correct host key in /home/keith/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/keith/.ssh/known_hosts:4
remove with: ssh-keygen -f “/home/keith/.ssh/known_hosts” -R dt0
ECDSA host key for dt0 has changed and you have requested strict checking.
Host key verification failed.

Keith · 2 August 2014 13:14

Problem fixed!!

From D505 I entered:
keith@D505 ~/.ssh $ ssh-keygen -f “/home/keith/.ssh/known_hosts” -R dt0
/home/keith/.ssh/known_hosts updated.

then ssh dt0 and it logged on to dt0 succesfully. I am not entirely sure what I’ve done (reset the key list?) but everything is working fine in both directions.

Samba has its uses ( a friend is already interested, and I am an expert, aren’t I?) and will extend the range of facilities available to me.
My thanks for everyone’s help.

Mark_Greaves_PCNetSp · 3 August 2014 00:07

you removed (-R) all keys belonging to hostname “dt0” from key file (-f) “/home/keith/.ssh/known_hosts”

See:

man ssh-keygen

(then read what the -f and -R options do for that command … BTW, you can exit a manpage with the “Q” key)

It’s really handy to check a commands “man” page and try to work out what a command is doing … I found that an invaluable learning method, it also teaches you how manpages are formatted … you’ll soon find yourself using them extensively

Anyway happy to hear you solved it

Keith · 3 August 2014 07:14

Hi Mark. Thank you for the explanation of the command.

As for the man pages: I use them a lot but have to say that, generally, I find them of little use to me as they seem written more as an aide memoire for people who already know what they are doing (although to be fair the page on this command is unusually helpful!). The very few man pages that carry examples of use are like hens teeth. I found somewhere a reference to a book on terminal commands which I think would be a better bet for me, if I can find it again.

“Examples of use” reminds me that I taught myself Fortran 4 (yes, 4) from the IBM manual which explained every command with four examples of good use and four examples of common errors of use. The best computing manual I have ever read.

Anyway, I am enjoying my foray into Linux principally due to the help and advice I receive from you and others like Graeme - for which I am most grateful, as usual.
'Bye for now.
Keith