• Re: SSH vs. Telnet

    From Avon@21:1/101 to nathanael on Thu Dec 27 22:14:28 2018
    On 12/26/18, nathanael pondered and said...

    I'm running on telnet which, of course, has a poor security reputation.
    I see many are using SSH. Are there any security issues with running Mystic on telnet? I'm having SSH connection issues, and wondering if there's any point to putting time into troubleshooting.

    --- Mystic BBS v1.12 A39 2018/04/21 (Raspberry Pi/32)
    * Origin: *HUMONGOUS* BBS (21:4/123)

    Just replying in fsx_mys

    Well SSH is the better way to go but I have used Telnet for years and am only just pondering seriously a move to SSH. That said it looks like my SSH is not working having moved to 1.12 A40 .. attempts to connect to the server running on port 2024 at agency.bbs.nz are being rejected.

    I'm seeing

    + 2018.12.27 17:01:50 SSH > Connect on slot 1/8 (2001:0470:000D:0123:1DCD:89D1:2451:1648)
    + 2018.12.27 17:01:50 SSH 1-HostName PH2018
    + 2018.12.27 17:01:50 SSH 1-Country United States of America (US)
    + 2018.12.27 17:01:50 SSH 1-Creating terminal process
    + 2018.12.27 17:01:50 SSH 1-Closing terminal process
    + 2018.12.27 17:02:03 SSH > Connect on slot 1/8 (2001:0470:000D:0123:1DCD:89D1:2451:1648)
    + 2018.12.27 17:02:03 SSH 1-HostName PH2018
    + 2018.12.27 17:02:03 SSH 1-Country United States of America (US)
    + 2018.12.27 17:02:03 SSH 1-Creating terminal process
    + 2018.12.27 17:02:03 SSH 1-Closing terminal process
    + 2018.12.27 17:02:33 SSH > Connect on slot 1/8 (2001:0470:000D:0123:1DCD:89D1:2451:1648)
    + 2018.12.27 17:02:33 SSH 1-HostName PH2018
    + 2018.12.27 17:02:34 SSH 1-Country United States of America (US)
    + 2018.12.27 17:02:34 SSH 1-Creating terminal process
    + 2018.12.27 17:02:34 SSH 1-Closing terminal process

    when I test via IPv6 tunnel :(

    Tested with MagiTerm and Nodespy

    Others may care to test their SSH also.

    --- Mystic BBS v1.12 A40 2018/12/25 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Vk3jed@21:1/109 to Avon on Thu Dec 27 20:54:00 2018
    On 12-27-18 17:14, Avon wrote to nathanael <=-

    Well SSH is the better way to go but I have used Telnet for years and
    am only just pondering seriously a move to SSH. That said it looks like
    my SSH is not working having moved to 1.12 A40 .. attempts to connect
    to the server running on port 2024 at agency.bbs.nz are being rejected.

    While I've still got telnet enabled, I've pretty much moved to SSH, except for some links that are totally contained with my LAN and on IPv6 as well. Whenever I'm BBSing from outside, I always use SSH. :)

    One thing that would be nice would to be able to turn on SSH keepalives, so NAT timeouts from the random network you're using don't nuke the SSH connection prematurely. I know in my case, the NAT issue is always at the client end, because my BBSs are all on public IPs. :)


    ... What sushi bar!? That was my aquarium!
    === MultiMail/Win v0.51
    --- SBBSecho 3.03-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From nathanael@21:4/123 to Avon on Fri Dec 28 13:13:06 2018
    When I fire up the Mystic servers I see "Cryptlib not detected" and so SSH doesn't work for me.

    --- Mystic BBS v1.12 A41 2018/12/27 (Raspberry Pi/32)
    * Origin: *HUMONGOUS* BBS (21:4/123)
  • From Avon@21:1/101 to nathanael on Sat Dec 29 21:40:06 2018
    On 28 Dec 2018, nathanael pondered and said...

    When I fire up the Mystic servers I see "Cryptlib not detected" and so
    SSH doesn't work for me.

    So for starters you're going to need to get your hands on CryptLib and follow the install info on the Mystic Wiki :)


    ──────────────────────────────────────── ──── E∙avon@bbs.nz ────── W∙bbs.nz ─── ──── K∙keybase.io/avon ──────────────

    --- Mystic BBS v1.12 A42 2018/12/28 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Al@21:5/102 to nathanael on Sat Dec 29 05:21:31 2018
    On 28 Dec 2018, nathanael said the following...

    When I fire up the Mystic servers I see "Cryptlib not detected" and so
    SSH doesn't work for me.

    Where is your libcl.so.*?

    I built libcl.so by unpacking the cl344.zip (or cl3441.zip), running "make shared" and putting the resulting libcl.so.3.4.4 in /usr/lib64 (/usr/lib for 32-bit) and creating a symlink called libcl.so pointing to libcl.so.3.4.4.

    I probably should have renamed libcl.so.3.4.4 to libcl.so but either way will work.

    Ttyl :-),
    Al


    --- Mystic BBS v1.12 A42 2018/12/28 (Linux/64)
    * Origin: Nemesis BBS - Penticton, BC Canada (21:5/102)
  • From Al@21:5/102 to nathanael on Sat Dec 29 06:55:56 2018
    On 29 Dec 2018, Al said the following...

    I built libcl.so by unpacking the cl344.zip (or cl3441.zip)

    It's important to remember (on linux) to use the -a parameter to unzip those files. unzip -a cl344.zip or the make command will fail.

    Ttyl :-),
    Al


    --- Mystic BBS v1.12 A42 2018/12/29 (Linux/64)
    * Origin: Nemesis BBS - Penticton, BC Canada (21:5/102)
  • From nathanael@21:4/123 to Avon on Mon Dec 31 02:34:01 2018
    to need to get your hands on CryptLib and
    follow the install info on the Mystic Wiki :)

    Done and in progress, though I note the wiki's list of requirements says nothing about a cuppa. My Pi2 is no speed demon.

    --- Mystic BBS v1.12 A41 2018/12/27 (Raspberry Pi/32)
    * Origin: *HUMONGOUS* BBS (21:4/123)
  • From nathanael@21:4/123 to nathanael on Mon Dec 31 02:59:03 2018
    Done and in progress

    Success.

    21:37:55 MANAGER Starting event system 21:37:55 MANAGER Starting 3 server(s)
    21:37:55 TELNET Listening on IPV4 port 2323 using interface "0.0.0.0" 21:37:55 TELNET Listening on IPV6 port 2323 using interface "::"
    21:37:55 BINKP Listening on IPV4 port 24555 using interface "0.0.0.0" 21:37:55 SSH Listening on IPV4 port 2222 using interface "0.0.0.0" 21:37:55 SSH Listening on IPV6 port 2222 using interface "::"
    21:37:55 BINKP Listening on IPV6 port 24555 using interface "::"
    21:37:55 EVENT Starting 4 event(s)
    21:38:50 SSH > Connect on slot 1/5 (10.10.10.131)
    21:38:50 SSH 1-HostName Unknown
    21:38:50 SSH 1-Negotiating SSH session
    21:39:10 SSH 1-Creating terminal process

    Then less success.

    21:48:50 SSH > Connect on slot 1/5 (107.181.77.54) 21:48:50 SSH 1-HostName 107-181-77-54.contina.com
    21:48:50 SSH 1-Negotiating SSH session
    21:49:22 SSH 1-Session failed

    And Netrunner says:

    SSH-2.0-cryptlib
    Handshake failed

    Dunno if it means anything, but I can connect and log in when I ssh from the
    Pi to the Pi, but not from another machine in the network or from outside.

    --- Mystic BBS v1.12 A41 2018/12/27 (Raspberry Pi/32)
    * Origin: *HUMONGOUS* BBS (21:4/123)
  • From nathanael@21:4/123 to nathanael on Mon Dec 31 03:44:46 2018
    And Netrunner says:
    SSH-2.0-cryptlib

    Well, doh! Of course Netrunner doesn't support ssh. qodem and syncterm both connected.

    nathanael

    --- Mystic BBS v1.12 A41 2018/12/27 (Raspberry Pi/32)
    * Origin: *HUMONGOUS* BBS (21:4/123)
  • From Pequito@21:1/126 to nathanael on Sun Dec 30 17:10:01 2018
    On 30 Dec 2018, nathanael said the following...

    And Netrunner says:
    SSH-2.0-cryptlib

    Well, doh! Of course Netrunner doesn't support ssh. qodem and syncterm both connected.

    Get the latest version and it supports SSH. http://mysticbbs.com/downloads/prealpha/

    Cheers!
    Pequito

    --- Mystic BBS v1.12 A42 2018/12/29 (Linux/64)
    * Origin: Twinkle BBS # (21:1/126)