
N: SSH demo


  • 2 weeks later...

@tschak909: is there a disk image available with the toolset you're using in the video?  The version of netcat at atari-apps.irata.online/Networking/netcat.xex isn't working for me (login fails), and FujiNet.online/networking/n-handler.atr doesn't include netcat but has (some of) the supporting tools.

 

It looks like you're using a different version of netcat to the one that I have, so would like to try it before tearing things further apart.

Edited by x=usr(1536)

2 hours ago, x=usr(1536) said:

The version of netcat at atari-apps.irata.online/Networking/netcat.xex isn't working for me (login fails)

The login failure is probably due to the deprecated key exchange. I've added this to my sshd_config file on a raspberry pi to enable the deprecated key algos:

 

# For FujiNet
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1

This obviously isn't ideal, but it works for now. We are looking into another ssh lib and also the one we are using appears to be working on adding more algos.

  • Like 2
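
An added example (not from the thread or the FujiNet project): a small Python check for the sshd_config change described above. It reports whether a KexAlgorithms line replaces the server's default key-exchange list or modifies it with OpenSSH's `+`, `-` or `^` prefix, and which listed algorithms are SHA-1 based. The function names and the sample text are assumptions made for this illustration.

```python
import re

# Constructed sample: the two lines quoted in the post above.
SAMPLE_CONFIG = """\
# For FujiNet
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1
"""

# OpenSSH list prefixes: '+' appends to the defaults, '-' removes from them,
# '^' moves the named algorithms to the head of the default list.
MODES = {"+": "append", "-": "remove", "^": "prepend"}


def effective_kex_directive(config_text):
    """Return the argument of the first global KexAlgorithms line, or None."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and arguments are separated by whitespace or a single '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            # Directives after a Match line are conditional; not considered here.
            break
        if keyword == "kexalgorithms" and len(parts) == 2 and parts[1]:
            # sshd uses the first value it obtains for a keyword.
            return parts[1].strip()
    return None


def audit_kex(config_text):
    """Summarise how the directive changes the offer and which entries use SHA-1."""
    arg = effective_kex_directive(config_text)
    if arg is None:
        return {"mode": "default", "algorithms": [], "sha1": []}
    mode = MODES.get(arg[0], "replace")
    names = arg[1:] if mode != "replace" else arg
    algos = [a for a in names.split(",") if a]
    sha1 = [a for a in algos if a.endswith("-sha1")]
    return {"mode": mode, "algorithms": algos, "sha1": sha1}


if __name__ == "__main__":
    print(audit_kex(SAMPLE_CONFIG))
```

For the line quoted in the thread the mode is `replace`, so the server offers only those five algorithms; `KexAlgorithms +diffie-hellman-group14-sha1` would instead add the one SHA-1 algorithm to the server's defaults.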

13 hours ago, mozzwald said:

The login failure is probably due to the deprecated key exchange. I've added this to my sshd_config file on a raspberry pi to enable the deprecated key algos:

 


# For FujiNet
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1

This obviously isn't ideal, but it works for now. We are looking into another ssh lib and also the one we are using appears to be working on adding more algos.

Enabled the deprecated algos, but it looks as though the problem is that the version of netcat that I'm using (atari-apps.irata.online/Networking/netcat.xex) isn't resolving any hosts.  It's also not working by IP, so I'm not entirely sure what's going on.

 

With 'N1:SSH://tnfs/' as the devicespec (which has a valid A record, and the #FujiNet can access the server from a host slot using that name), I get the following along with OPEN ERROR 207.  Note that this also happens when using the FQDN as well as with various permutations of upper- and lower-case hostnames:

Spoiler

Using '/dev/cu.usbserial-14410' as serial port.
Showing logs:
[22:36:36]
[22:36:36]
[22:36:36]: 1f
[22:36:36]rf:x,
[22:36:36]rf:x,
[22:36:36]Csork:siopcex' 000qt1
[22:36:36]
[22:36:36] a5y
Serial port closed!
Serial port closed!
Serial port closed!
[22:36:36] a5y
Serial port closed!
[22:36:36] a5y
Serial port closed!
Serial port closed!
[22:36:36] a5y
[22:36:36]ACK!
[22:36:36]COMPLETE!
[22:36:36]
[22:36:36]CF: 71 fe 00 00 70
[22:36:36]sioNetwork::sio_process 0xfe '': 0x00, 0x00
[22:36:36]inq_dstats = 128
[22:36:36]ACK!
[22:36:36]<-SIO read 256 bytes
[22:36:36]ACK!
[22:36:36]COMPLETE!
[22:36:36]
[22:36:36]CF: 71 4f 0c 03 cf
[22:36:36]sioNetwork::sio_process 0x4f 'O': 0x0c, 0x03
[22:36:36]sioNetwork::sio_open()
[22:36:36]
[22:36:36]ACK!
[22:36:36]<-SIO read 256 bytes
[22:36:36]ACK!
[22:36:36]sioNetwork::parseURL(N1:SSH://TNFS/)
[22:36:36]sioNetwork::parseURL transformed to (N1:SSH://TNFS/, SSH://TNFS/)
[22:36:36]Parse and instantiate protocol: N1:SSH://TNFS/
[22:36:36]NetworkProtocol::ctor()
[22:36:36]NetworkProtocolSSH::NetworkProtocolSSH(0x3ffb09cc,0x3ffb09f4,0x3ffb0a1c)
[22:36:36]sioNetwork::open_protocol() - Protocol SSH opened.
[22:36:36]Resolving hostname "TNFS"
[22:36:36]Name failed to resolve
[22:36:46]socket error on fd 57, errno: 113, "Software caused connection abort"
[22:36:46]NetworkProtocolSSH::open() - Could not connect to host. Aborting.
[22:36:46]Protocol unable to make connection. Error: 207
[22:36:46]NetworkProtocolSSH::~NetworkProtocolSSH()
[22:36:46]NetworkProtocol::dtor()
[22:36:46]ERROR!
[22:36:46]
[22:36:46]CF: 71 4f 0c 03 cf
[22:36:46]sioNetwork::sio_process 0x4f 'O': 0x0c, 0x03
[22:36:46]sioNetwork::sio_open()
[22:36:46]
[22:36:46]ACK!
[22:36:46]<-SIO read 256 bytes
[22:36:46]ACK!
[22:36:46]sioNetwork::parseURL(N1:SSH://TNFS/)
[22:36:46]sioNetwork::parseURL transformed to (N1:SSH://TNFS/, SSH://TNFS/)
[22:36:46]Parse and instantiate protocol: N1:SSH://TNFS/
[22:36:46]NetworkProtocol::ctor()
[22:36:46]NetworkProtocolSSH::NetworkProtocolSSH(0x3ffb09cc,0x3ffb09f4,0x3ffb0a1c)
[22:36:46]sioNetwork::open_protocol() - Protocol SSH opened.
[22:36:46]Resolving hostname "TNFS"
[22:36:46]Name failed to resolve
[22:36:56]socket error on fd 57, errno: 113, "Software caused connection abort"
[22:36:56]NetworkProtocolSSH::open() - Could not connect to host. Aborting.
[22:36:56]Protocol unable to make connection. Error: 207
[22:36:56]NetworkProtocolSSH::~NetworkProtocolSSH()
[22:36:56]NetworkProtocol::dtor()
[22:36:56]ERROR!
[22:36:56]
[22:36:56]CF: 71 53 00 00 c4
[22:36:56]sioNetwork::sio_process 0x53 'S': 0x00, 0x00
[22:36:56]ACK!
[22:36:56]sioNetwork::sio_status_local(0)
[22:36:56]->SIO write 4 bytes
[22:36:56]COMPLETE!

 

For comparison, here it is trying to connect via IP address and giving OPEN ERROR 207 even though the #FujiNet appears to contact the remote host:

Spoiler

Using '/dev/cu.usbserial-14410' as serial port.
Showing logs:
[22:40:37]
[22:40:37]
[22:40:37]C
[22:40:37]i x  x00
[22:40:37]0 0sook::sess': 0i_tt 28K
[22:40:37]i x  x00
[22:40:37]f'0nqs
[22:40:37]26y
[22:40:37]26y
Serial port closed!
Serial port closed!
Serial port closed!
[22:40:37]26y
Serial port closed!
[22:40:37]26y
Serial port closed!
Serial port closed!
[22:40:37]ACK!
[22:40:37]COMPLETE!
[22:40:38]
[22:40:38]CF: 71 fe 00 00 70
[22:40:38]sioNetwork::sio_process 0xfe '': 0x00, 0x00
[22:40:38]inq_dstats = 128
[22:40:38]ACK!
[22:40:38]<-SIO read 256 bytes
[22:40:38]ACK!
[22:40:38]COMPLETE!
[22:40:38]
[22:40:38]CF: 71 4f 0c 03 cf
[22:40:38]sioNetwork::sio_process 0x4f 'O': 0x0c, 0x03
[22:40:38]sioNetwork::sio_open()
[22:40:38]
[22:40:38]ACK!
[22:40:38]<-SIO read 256 bytes
[22:40:38]ACK!
[22:40:38]sioNetwork::parseURL(N1:SSH://192.168.1.100/)
[22:40:38]sioNetwork::parseURL transformed to (N1:SSH://192.168.1.100/, SSH://192.168.1.100/)
[22:40:38]Parse and instantiate protocol: N1:SSH://192.168.1.100/
[22:40:38]NetworkProtocol::ctor()
[22:40:38]NetworkProtocolSSH::NetworkProtocolSSH(0x3ffb09cc,0x3ffb09f4,0x3ffb0a1c)
[22:40:38]sioNetwork::open_protocol() - Protocol SSH opened.
[22:40:38]Resolving hostname "192.168.1.100"
[22:40:38]Resolved to address 192.168.1.100
[22:40:38]socket error on fd 57, errno: 104, "Connection reset by peer"
[22:40:38]NetworkProtocolSSH::open() - Could not connect to host. Aborting.
[22:40:38]Protocol unable to make connection. Error: 207
[22:40:38]NetworkProtocolSSH::~NetworkProtocolSSH()
[22:40:38]NetworkProtocol::dtor()
[22:40:38]ERROR!
[22:40:38]
[22:40:38]CF: 71 4f 0c 03 cf
[22:40:38]sioNetwork::sio_process 0x4f 'O': 0x0c, 0x03
[22:40:38]sioNetwork::sio_open()
[22:40:38]
[22:40:38]ACK!
[22:40:38]<-SIO read 256 bytes
[22:40:38]ACK!
[22:40:38]sioNetwork::parseURL(N1:SSH://192.168.1.100/)
[22:40:38]sioNetwork::parseURL transformed to (N1:SSH://192.168.1.100/, SSH://192.168.1.100/)
[22:40:38]Parse and instantiate protocol: N1:SSH://192.168.1.100/
[22:40:38]NetworkProtocol::ctor()
[22:40:38]NetworkProtocolSSH::NetworkProtocolSSH(0x3ffb09cc,0x3ffb09f4,0x3ffb0a1c)
[22:40:38]sioNetwork::open_protocol() - Protocol SSH opened.
[22:40:38]Resolving hostname "192.168.1.100"
[22:40:38]Resolved to address 192.168.1.100
[22:40:38]socket error on fd 57, errno: 104, "Connection reset by peer"
[22:40:38]NetworkProtocolSSH::open() - Could not connect to host. Aborting.
[22:40:38]Protocol unable to make connection. Error: 207
[22:40:38]NetworkProtocolSSH::~NetworkProtocolSSH()
[22:40:38]NetworkProtocol::dtor()
[22:40:38]ERROR!
[22:40:38]
[22:40:38]CF: 71 53 00 00 c4
[22:40:38]sioNetwork::sio_process 0x53 'S': 0x00, 0x00
[22:40:38]ACK!
[22:40:38]sioNetwork::sio_status_local(0)
[22:40:38]->SIO write 4 bytes
[22:40:38]COMPLETE!

 

Just for giggles, I re-disabled the deprecated algos.  Same thing, but now with OPEN ERROR 165 in all cases.

 

Not sure what's going on - name resolution is otherwise working fine, and everything checks out re: usernames, passwords, etc.


8 hours ago, x=usr(1536) said:

With 'N1:SSH://tnfs/' as the devicespec (which has a valid A record, and the #FujiNet can access the server from a host slot using that name), I get the following along with OPEN ERROR 207.

Not sure about the dns.

 

8 hours ago, x=usr(1536) said:

For comparison, here it is trying to connect via IP address and giving OPEN ERROR 207 even though the #FujiNet appears to contact the remote host

Try adding the ssh port "N1:SSH://192.168.1.100:22"

  • Like 1

21 minutes ago, mozzwald said:

Not sure about the dns.

 

Try adding the ssh port "N1:SSH://192.168.1.100:22"

Well, I feel dumb - adding the port in fixed it :D

 

The caveat to this is that you *must* use the FQDN.  For some reason, despite DHCP handing out the domain name to clients in my environment, the #FujiNet doesn't seem to be handling that option.  So while N1:SSH://tnfs.example.org:22 will work, N1:SSH://tnfs:22 will not.

 

From what I can tell, the other DHCP options are being picked up correctly - the #FujiNet routes correctly, and from checking the web UI the time is in sync with the local NTP server, including timezone.  I'm wondering if the domain-name option just isn't being processed.

 

In any event, I now have an excuse to add an 80-column upgrade to the list :D

  • Like 1

Did a quick check of the FQDN / domain-name option theory by editing the hostname of the local server in one of the host slots from 'tnfs.example.org' to just 'tnfs'.  The #FujiNet didn't resolve it.  Changed it back and all was well again.


On 5/3/2021 at 6:32 AM, x=usr(1536) said:

Did a quick check of the FQDN / domain-name option theory by editing the hostname of the local server in one of the host slots from 'tnfs.example.org' to just 'tnfs'.  The #FujiNet didn't resolve it.  Changed it back and all was well again.

This has been my experience too.  I always have to type full domain names.  My DNS server doesn't resolve machine names by themselves, and I set 'append these dns suffixes' in Windows.

  • Like 1

6 minutes ago, cathrynm said:

This has been my experience too.  I always have to type full domain names.  My DNS server doesn't resolve machine names by themselves, and I set 'append these dns suffixes' in Windows.

Yep, I've run across that in Windows before as well. Thing is, the #FujiNet is the only device on the network that displays this behaviour, at least as far as I can tell. Registration of hostnames in DNS for DHCP clients is working via dnsmasq, and everything else - including Windows clients - seems to pick up the domain-name option without issue.

 

Not gonna lose sleep over it since the workaround is no biggie, but I am curious as to what's happening.


  • 1 month later...

A very loaded question... any thoughts on hosting SSHd *server* or simple listener on the FN that can then send events and data into the Atari?

 

 

On the Raspberry Pi I'm playing with "Remote GPIO". I'd frame my question in that context... I'd like to run the A8 in my lab, then "push" some code/data/events to the A8 from a Linux box. For example, load an AMS file, I/O over the joystick ports, etc. (These are just use cases... I know there's no shell and nothing to "expose" the OS over serial)

Alternatively maybe it's more straightforward for me to achieve something similar to "remote control" the A8 by running code on it that polls my Linux box for updated code/data.

 

 

 

 

Edited by scottinNH

23 minutes ago, scottinNH said:

A very loaded question... any thoughts on hosting SSHd *server* or simple listener on the FN that can then send events and data into the Atari?

 

 

On the Raspberry Pi I'm playing with "Remote GPIO". I'd frame my question in that context... I'd like to run the A8 in my lab, then "push" some code/data/events to the A8 from a Linux box. For example, load an AMS file, I/O over the joystick ports, etc. (These are just use cases... I know there's no shell and nothing to "expose" the OS over serial)

Alternatively maybe it's more straightforward for me to achieve something similar to "remote control" the A8 by running code on it that polls my Linux box for updated code/data.

 

 

 

 

Go for it, the firmware's open, see if you can add an ssh server. :)

 

-Thom


2 hours ago, tschak909 said:

Go for it, the firmware's open, see if you can add an ssh server. :)

 

-Thom

Does the FN support creating listening sockets from BASIC?
And is there support for BASIC to respond to SIO interrupt pin? Or an example in any language?

(I'm not hellbent on BASIC, I kinda hate it, but I don't want to bloat scope by learning C)

All I want to do is send bytes from a TCP client on Linux, and have the A8 display it. Or failing that I kludge something with FTP and make the FN poll a data file I update at intervals.

 


3 minutes ago, scottinNH said:

Does the FN support creating listening sockets from BASIC?
And is there support for BASIC to respond to SIO interrupt pin? Or an example in any language?

(I'm not hellbent on BASIC, I kinda hate it, but I don't want to bloat scope by learning C)

All I want to do is send bytes from a TCP client on Linux, and have the A8 display it. Or failing that I kludge something with FTP and make the FN poll a data file I update at intervals.

 

Yes. The disks in the DOS directory on atari-apps.irata.online contain a N: handler.

 

OPEN #1,12,3,"N:TCP://:6502/":REM CREATE LISTENING SOCKET ON PORT 6502

STATUS #1,A:IF PEEK(747) THEN GOTO ACCEPT

XIO 65,#1,12,3,"N:":REM ACCEPT LISTENING SOCKET
PRINT #1;"HELLO"
CLOSE #1

 

  • Like 2

12 minutes ago, tschak909 said:

Yes. The disks in the DOS directory on atari-apps.irata.online contain a N: handler.

 

OPEN #1,12,3,"N:TCP://:6502/":REM CREATE LISTENING SOCKET ON PORT 6502

STATUS #1,A:IF PEEK(747) THEN GOTO ACCEPT

XIO 65,#1,12,3,"N:":REM ACCEPT LISTENING SOCKET
PRINT #1;"HELLO"
CLOSE #1

 

PERFECT, TY! :-D 


Unfortunately, the ssh connection doesn't work for me :(

I deployed a basic Ubuntu Linux server on my virtual box and ran a test:

 

16:03:05.951 > sioNetwork::parseURL(N1:SSH://192.168.1.212:22/)
16:03:05.951 > sioNetwork::parseURL transformed to (N1:SSH://192.168.1.212:22/, SSH://192.168.1.212:22/)
16:03:05.966 > Parse and instantiate protocol: N1:SSH://192.168.1.212:22/
16:03:05.966 > NetworkProtocol::ctor()
16:03:05.966 > NetworkProtocolSSH::NetworkProtocolSSH(0x3ffb0e28,0x3ffb0e50,0x3ffb0e78)
16:03:05.966 > sioNetwork::open_protocol() - Protocol SSH opened.
16:03:05.966 > Resolving hostname "192.168.1.212"
16:03:05.967 > Resolved to address 192.168.1.212
16:03:05.968 > NetworkProtocolSSH::open() - Opening session.
16:03:05.969 > NetworkProtocolSSH::open() - Attempting session handshake with fd 57
16:03:06.344 > SSH Host Key Fingerprint is: 7E:35:6C:F6:DB:68:72:C7:1A:FA:8B:12:1B:32:21:C6:DB:54:75:A7
16:03:06.358 > Authentication methods: publickey,password
16:03:09.497 > Could not perform userauth.
16:03:09.497 > Protocol unable to make connection. Error: 144
16:03:09.507 > NetworkProtocolSSH::~NetworkProtocolSSH()
16:03:09.507 > NetworkProtocol::dtor()
16:03:09.508 > ERROR


 


Yes

 

$ sudo grep "^KexAlgorithms" /etc/ssh/sshd_config
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1

I use firmware built using PlatformIO

Edited by monsoft

This is pretty damned awesome. I’ve been out of the loop with work and COVID, and I *finally* have a Fujinet setup inbound (NUC+) so I’ve been catching up on what it can do. Last time I looked, it connected to Plato…. Now it’s a full on tcp/ip interface, does printing and PDF conversion, adds freaking command line BBS access from Sparta, also acts like an SIO2SD or SDRIVE except that you can mount disks from online servers as well, copy network files and … yeah. You folks have been BUSY. 

Super impressed. This has turned into the coolest 8-bit gadget I’ve seen in years. Can’t wait to dive in and do my bit. 

  • Like 2

On 7/2/2021 at 10:05 AM, monsoft said:

Unfortunately, the ssh connection doesn't work for me :(

I deployed a basic Ubuntu Linux server on my virtual box and ran a test:

 


16:03:05.951 > sioNetwork::parseURL(N1:SSH://192.168.1.212:22/)
16:03:05.951 > sioNetwork::parseURL transformed to (N1:SSH://192.168.1.212:22/, SSH://192.168.1.212:22/)
16:03:05.966 > Parse and instantiate protocol: N1:SSH://192.168.1.212:22/
16:03:05.966 > NetworkProtocol::ctor()
16:03:05.966 > NetworkProtocolSSH::NetworkProtocolSSH(0x3ffb0e28,0x3ffb0e50,0x3ffb0e78)
16:03:05.966 > sioNetwork::open_protocol() - Protocol SSH opened.
16:03:05.966 > Resolving hostname "192.168.1.212"
16:03:05.967 > Resolved to address 192.168.1.212
16:03:05.968 > NetworkProtocolSSH::open() - Opening session.
16:03:05.969 > NetworkProtocolSSH::open() - Attempting session handshake with fd 57
16:03:06.344 > SSH Host Key Fingerprint is: 7E:35:6C:F6:DB:68:72:C7:1A:FA:8B:12:1B:32:21:C6:DB:54:75:A7
16:03:06.358 > Authentication methods: publickey,password
16:03:09.497 > Could not perform userauth.
16:03:09.497 > Protocol unable to make connection. Error: 144
16:03:09.507 > NetworkProtocolSSH::~NetworkProtocolSSH()
16:03:09.507 > NetworkProtocol::dtor()
16:03:09.508 > ERROR


 

Did you set the username and password using nlogin? (netcat also asks for this)

 

-Thom
