• The forum software that supports hummy.tv has been upgraded to XenForo 2.3!

    Please bear with us as we continue to tweak things, and feel free to post any questions, issues or suggestions in the upgrade thread.

WebIF - can it be accessed from the WAN?

Session: 192.168.x.x port 22
SSH selected
SSH Auth: private key
Tunnels: LXXXX 127.0.0.1:XXXX
Local
Auto

Is using SSH (selected under connection type)
 
The only port that your router is going to let through is a high numbered random one (the diagram shows 2222 but anything that isn't a standard service port is good*. All other ports will be blocked on your router. If your router can support it, it will forward the request to the high numbered port on to the standard port 22 on the Humax. If not, the Humax can be made to present the SSH server on the same high numbered port you're using on the router.
Just a thought. Would it be easier to set the tunnel up to forward say port 2222 to port 22 on the Humax box. It may be easier than changing the dropbear settings.

e.g local port 2222 forwarded to localhost:22

Edit: Forget it, you're too quick for me :)
 
: ) - dropbear port settings are now in the webif. It seems that not all routers support changing the port during forwarding..
 
Set up a new session - just configure a connection to your Humax, using SSH on port 22 and then, under connection>ssh>auth set the path to the private key file, then go abck to the top, give the session a name and save it. Don't worry about the tunnel details, that can be added in later.

Now, with that session loaded, click on the open button.
If you get the login prompt, then that's good, if not, let us know what happens.

After the login prompt, if you enter 'root', what do you see next?
If it prompts for the password, you have misconfigured PuTTY because you aren't presenting the key. If you have 'Server refused our key' then your configuration on the Humax is wrong or you have presented the wrong key in the config.

For the moment, just test on your local network and forget testing from outside the router.

If you see the message "SSH-2.0-dropbear_o.53.1", it's because you are using telnet to talk to the ssh service, and not using ssh.
 
Set up a new session - just configure a connection to your Humax, using SSH on port 22 and then, under connection>ssh>auth set the path to the private key file, then go abck to the top, give the session a name and save it. Don't worry about the tunnel details, that can be added in later.

Now, with that session loaded, click on the open button.
If you get the login prompt, then that's good, if not, let us know what happens.

After the login prompt, if you enter 'root', what do you see next?
If it prompts for the password, you have misconfigured PuTTY because you aren't presenting the key. If you have 'Server refused our key' then your configuration on the Humax is wrong or you have presented the wrong key in the config.

For the moment, just test on your local network and forget testing from outside the router.

If you see the message "SSH-2.0-dropbear_o.53.1", it's because you are using telnet to talk to the ssh service, and not using ssh.

After login I get the prompt. If I enter 'root' I get root@192.168.x.x.' password.
 

Attachments

  • capture1.JPG
    capture1.JPG
    49.9 KB · Views: 4
  • Capture2.JPG
    Capture2.JPG
    43.8 KB · Views: 4
  • Capture3.JPG
    Capture3.JPG
    24.5 KB · Views: 4
OK - we need to focus on your PuTTY configuration.

What are the names of your public and private keys?
What are the sizes of the 2 files?
Load up the PuTTY session that you are using for testing and check under Connection>SSH>auth and check what the key file is - it needs to be the private key, not the public key.
 
OK - we need to focus on your PuTTY configuration.

What are the names of your public and private keys?
What are the sizes of the 2 files?
Load up the PuTTY session that you are using for testing and check under Connection>SSH>auth and check what the key file is - it needs to be the private key, not the public key.

Private key name is private key.ppk size = 859 bytes
Public key is public key (no filetype) size = 284 bytes

The Connection>SSH>auth contains a link (path) to the private key
 
Have you upgraded your dropbear package recently? If not, try that as it fixes an authentication issue.
 
Have you upgraded your dropbear package recently? If not, try that as it fixes an authentication issue.

I installed dropbear yesterday - have not manually updated it but I have autoupdate set.

I will update it now
 
I installed dropbear yesterday - have not manually updated it but I have autoupdate set.

I will update it now

Having said that the update is hanging processing :(

Maybe we should call it a night? I don't like keeping you 'on the job' !

I can go on all night :)
 

Attachments

  • Capture4.JPG
    Capture4.JPG
    26.8 KB · Views: 6
I'll be around for a while yet.

Hanging updates happens occasionally. Ignore the webif for the moment and telnet/ssh into the box then 'opkg update' followed by 'opkg upgrade' should sort you out.

There is another tool from the PuTTY suite that you might want to try, called Pageant. When you run it, you get a little computer icon with a black hat on it in the task bar. Right click on that and select "Add Key", then select your private key and enter the passphrase. You shouldn't need to do anything else, but in your PuTTY settings, under connection>SSH.Auth, make sure the "Attempt authentication using Pageant" is selected. If Pageant won't load the private key, that will give us a better idea of where the problem may be.

By the way, your file sizes look right.

Please don't lose faith - once you've done this a few times it really is straightforward.
 
I'll be around for a while yet.

Hanging updates happens occasionally. Ignore the webif for the moment and telnet/ssh into the box then 'opkg update' followed by 'opkg upgrade' should sort you out.

There is another tool from the PuTTY suite that you might want to try, called Pageant. When you run it, you get a little computer icon with a black hat on it in the task bar. Right click on that and select "Add Key", then select your private key and enter the passphrase. You shouldn't need to do anything else, but in your PuTTY settings, under connection>SSH.Auth, make sure the "Attempt authentication using Pageant" is selected. If Pageant won't load the private key, that will give us a better idea of where the problem may be.

By the way, your file sizes look right.

Please don't lose faith - once you've done this a few times it really is straightforward.

I investigated pageant, used it and it does have my key
The Attempt authentication using Pageant is selected

I never give up!
 
I'll be around for a while yet.

Hanging updates happens occasionally. Ignore the webif for the moment and telnet/ssh into the box then 'opkg update' followed by 'opkg upgrade' should sort you out.

The 'opkg update' just hangs also.
 
I investigated pageant, used it and it does have my key
The Attempt authentication using Pageant is selected

I never give up!

I'll be giving up in about a glass and a half of red's time ;)

Could you please run the following commands for me on the box and let me know the output. I don't think that this is where the problem lies, but you never know.
Code:
ls -al /mod/.ssh
ls -al /mod/.ssh/authorized_keys
cat /mod/.ssh/authorized_keys

Then, telnet into the box (use PuTTY, just tick the telnet option) and run the following commands
Code:
/mod/etc/init.d/S88dropbear stop
/mod/sbin/dropbear -E -F

These commands will stop dropbear running in the background and will log debug information to the console window.

Try to log in using your key and then copy what's in the console window and post it here (after sanitising IP addresses of course). Once you've done that, you can CTRL-C in the window and run
Code:
/mod/etc/init.d/S88dropbear start

which will restart the service.
 
The 'opkg update' just hangs also.

A reboot of the box might fix that, but you're already on dropbear 0.53.1 which I think doesn't have the authentication problem, but can't be tweaked by webif. That's not critical to this step of the process, so don't worry.
 
Back
Top