<div dir="auto">Time for a left-field idea. This is PiOS right? Raspberry pi OS?</div><div dir="auto"><br></div><div dir="auto">When I log in with the default user (pi) using any method, and still have the default password set on that account, it triggers a message on the console telling me to change the password. </div><div dir="auto"><br></div><div dir="auto">Now, that surely should only come up in an interactive shell, it doesn't ask for any input either, but I think it is specific to PiOS, so ... maybe it's badly implemented somehow. </div><div dir="auto"><br></div><div dir="auto">Question: do you still have the default password set, and does this problem still happen if you've changed it?</div><div dir="auto"><br></div><div dir="auto">(Told you it was a bit off-the-wall!)</div><div dir="auto"><br></div><div dir="auto">AK </div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 30 Mar 2021 at 21:48, Gordon Gray <<a href="mailto:gordo.gray@gmail.com">gordo.gray@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)"><div dir="auto">Hi all. I’m enjoying this thread. My approach to problem solve would be the one Tai described: run the commands from the script manually. </div><div dir="auto"><br></div><div dir="auto">One thing I noticed though is this line in the debug output</div><div dir="auto"><br></div><div dir="auto"><span style="font-family:monospace;word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">debug1: Sending env LANG = en_GB.UTF-8</span><br></div><div dir="auto"><span style="font-family:monospace;word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)"><br></span></div><div style="background-color:rgba(0,0,0,0);border-color:rgb(255,255,255);color:rgb(255,255,255)" dir="auto"><font style="color:rgb(0,0,0)">I suspect you might need to edit your locale as described here:</font></div><div style="background-color:rgba(0,0,0,0);border-color:rgb(255,255,255)" dir="auto"><font style="color:rgb(0,0,0)"><br></font></div><div style="background-color:rgba(0,0,0,0);border-color:rgb(255,255,255)" dir="auto"><font style="color:rgb(0,0,0)"><div><a href="https://unix.stackexchange.com/questions/347914/how-to-set-lc-all-en-gb-utf-8-in-raspbian" target="_blank">https://unix.stackexchange.com/questions/347914/how-to-set-lc-all-en-gb-utf-8-in-raspbian</a></div><div dir="auto"><br></div><div dir="auto">Cheers,</div><div dir="auto">Gordon</div><br></font></div><div><div class="gmail_quote"><div dir="ltr" class="gmail_attr"><br></div><div dir="ltr" class="gmail_attr">On Tue, 30 Mar 2021 at 21:39, <<a href="mailto:tengo@tutanota.de" target="_blank">tengo@tutanota.de</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)">
<div>
<div>Hi Nick,<br></div><div><br></div><div>Both are 1500.<br></div><div><br></div><div>Regards,<br></div><div><br></div><div>John<br></div><div><br></div><div>-----------<br></div><div><br></div><div><br></div><div><br></div><div>30 Mar 2021, 21:22 by <a href="mailto:nick@dischord.org" target="_blank">nick@dischord.org</a>:<br></div></div><div><blockquote style="border-left-width:1px;border-left-style:solid;padding-left:10px;margin-left:5px;border-left-color:rgb(147,163,184)"><div dir="ltr"><div dir="ltr"><div>Can you check network interface MTU settings? A simple 'ip li' should do the trick. Make sure they're all the same; 1500 being the default for Ethernet, or if you've enabled jumbo frames then perhaps 9000. The key thing is that they're all exactly the same.<br></div><div><div><br></div><div><div data-smartmail="gmail_signature" dir="ltr"><div dir="ltr"><div>-- <br></div><div><div><br></div><div>-Nick<br></div></div></div></div></div><div><br></div></div></div><div><br></div><div><div dir="ltr">On Tue, 30 Mar 2021 at 21:08, <<a href="mailto:tengo@tutanota.de" rel="noopener noreferrer" target="_blank">tengo@tutanota.de</a>> wrote:<br></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)"><div><div>Thanks for all the replies.<br></div><div><br></div><div>Quiet a lot of discussion and suggestions and things I don't quite understand. I'm willing to try more troubleshooting, but for now here's a copy of the output from ssh-copy-id with DEBUG3 - <a href="https://file.re/2021/03/30/ssh-copy-id-debug3/" rel="noopener noreferrer" target="_blank">https://file.re/2021/03/30/ssh-copy-id-debug3/</a> . It will be available for 24 hours. <br></div><div><br></div><div>@Tai - Thanks for your suggestion. I'm not looking for a work around as I think this issue is also stopping me from using Ansible to manage the Pi. <br></div><div><br></div><div>For example, if I manually copy the key to the Pi I can SSH without any issues. However, if I run a simple Ansible ad-hoc command using the "ping" module it hangs too. This module makes its connection with SSH and I'm using the same account (pi). I also encountered issues when I tried the ssh extension in VS code too. Not too bothered about VS code extension (in preview), but it's also using ssh and failing.<br></div><div><br></div><div>None of this is a problem from my other laptop.<br></div><div><br></div><div>-----------<br></div><div><br></div><div><br></div><div><br></div><div>30 Mar 2021, 16:48 by <a href="mailto:dch.tai@gmail.com" rel="noopener noreferrer" target="_blank">dch.tai@gmail.com</a>:<br></div><blockquote style="border-left-width:1px;border-left-style:solid;padding-left:10px;margin-left:5px;border-left-color:rgb(147,163,184)"><div dir="ltr"><div>Back on track :-)<br></div><div><br></div><div>You could try running as Geetam suggested <br></div><div><br></div><div> ssh-copy-id -o LogLevel=DEBUG3 pi@$IP<br></div><div><br></div><div>for even more verbose output (equivalent to running ssh -vvv ...)<br></div><div><br></div><div><br></div><div>If you "just want it to work", and regular SSH seems to work, you could instead run this:<br></div><div><br></div><div> akeysfile=".ssh/authorized_keys"<br></div><div> ssh pi@"$IP" "cd ; umask 077 ; mkdir -p .ssh && touch $akeysfile && cat >> $akeysfile" < "$HOME/.ssh/id_rsa.pub"<br></div><div><br></div><div>This is the simplified version of what ssh-copy-id tries to do, except the latter does extra checking of various things. This one just bluntly and forcibly append your existing public id content to the remote auth keys file. Manually adding a key is what I do to grant access to other people onto boxes, this technique is fine.<br></div><div><br></div><div><br></div><div>From reading the ssh-copy-id script, I can see it does some complex jiggery-pokery with trying to read the public key file and determine if it's the latest, if it's already over on the other side, etc. That it prompts means there's a connection. That it hangs on that command, makes it sound like the printf isn't doing what is expected and the `cat` being run on the remote side isn't receiving data, OR that the server is trying to prompt you somehow but you are not seeing that prompt, which is unlikely but I've seen weirder, I'm sure.<br></div><div><br></div><div>Which leads me to still suspect as Andrew Kember mentioned that X11 might be getting in the way, or some other SSH option causing the client to wait for the server to supply something and the two are in disagreement. Once sanitized, could you send the contents of ~/.ssh/config (or, look there to see if there is any mention of xauth or X11 ?) I most often don't have anything in that config, so if it's heavily populated, you might need to weed around it.... or, try renaming it temporarily so that it does not take effect.<br></div><div><div><div dir="ltr"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div><br></div><div><br></div><div>Note that if you are somehow trying to include ssh-copy-id inside as a recipient in a pipe, it will play silly diggers with you, so don't pipe anything into the script.<br></div><div><br></div><div><br></div><div>Good luck, cod speed.<br></div><div><br></div><div><div><br></div><div><br></div><div>===<br></div><div>Tai Kedzierski<br></div></div><div><br></div><div>EdLUG Maintainer: <a rel="noopener noreferrer" href="https://edlug.gitlab.io/" target="_blank">https://edlug.gitlab.io/</a><br></div></div><div><br></div><div>Edinburgh Language Meetup Organiser<br></div><div><a rel="noopener noreferrer" href="https://www.meetup.com/Edinburgh-Language-Exchange-Meetup-Group/" target="_blank">https://www.meetup.com/Edinburgh-Language-Exchange-Meetup-Group/</a><br></div><div><div dir="ltr"><br></div><div dir="ltr"><span><span style="font-size:10px"><i>Open Source Free Software is a matter of liberty, not price.</i><br> <a rel="noopener noreferrer" href="https://www.fsf.org/about/what-is-free-software" target="_blank">https://www.fsf.org/about/what-is-free-software</a></span></span><span><span style="font-size:13px"></span></span></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><div><br></div></div></div><div><br></div><div><div dir="ltr">On Tue, 30 Mar 2021 at 16:05, Justin B Rye <<a rel="noopener noreferrer" href="mailto:justin.byam.rye@gmail.com" target="_blank">justin.byam.rye@gmail.com</a>> wrote:<br></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)"><div>Robert McWilliam wrote:<br></div><div>> On Tue, 30 Mar 2021, at 13:09, Justin B Rye wrote:<br></div><div>>>> pstree -sup $(ps aux | grep sshd | awk '{print $2}' | sort -n | head -n 1)<br></div><div>>>> <br></div><div>>> <br></div><div>>> As a general rule of thumb, any complicated pipeline like that is<br></div><div>>> really a job for pgrep (which you probably get in the same package as<br></div><div>>> ps). The above simplifies down to<br></div><div>>> <br></div><div>>> pstree -sup $(pgrep sshd)<br></div><div>> <br></div><div>> You've thrown away a bit too much of the pipeline there: pgrep will<br></div><div>> give multiple results if there are SSH sessions and only want one for<br></div><div>> pstree so need the head part (and possibly the sort - I think ps and<br></div><div>> pgrep will give processes in order of PID without having to sort but<br></div><div>> chucking sort in the pipeline was quicker than checking).<br></div><div><br></div><div>When you want the oldest, that's "pgrep -o sshd"; taking the lowest<br></div><div>number will mess up if the PIDs wrap around. Mind you, I was<br></div><div>surprised by how hard it has become to do this - I hadn't previously<br></div><div>noticed that /proc/sys/kernel/pid_max has gone up from 32,768 on my<br></div><div>old stable desktop to 4,194,304 on my testbed machine!<br></div><div><br></div><div>[...]<br></div><div>> Yes, just explaining where to manually copy the PID from is probably<br></div><div>> easier, but where's the fun in that :) <br></div><div><br></div><div>I hope you'll forgive me my addiction to shell golf then!<br></div><div>-- <br></div><div>Justin B Rye<br></div><div><a href="http://jbr.me.uk/" rel="noopener noreferrer" target="_blank">http://jbr.me.uk/</a><br></div><div><br></div><div>-- <br></div><div>EdLUG mailing list<br></div><div><a rel="noopener noreferrer" href="mailto:EdLUG@mailman.lug.org.uk" target="_blank">EdLUG@mailman.lug.org.uk</a><br></div><div><a href="https://lists.edlug.org.uk/mailman/listinfo/edlug" rel="noopener noreferrer" target="_blank">https://lists.edlug.org.uk/mailman/listinfo/edlug</a><br></div></blockquote></div></blockquote><div><br></div></div><div>--<br></div><div> EdLUG mailing list<br></div><div> <a href="mailto:EdLUG@mailman.lug.org.uk" rel="noopener noreferrer" target="_blank">EdLUG@mailman.lug.org.uk</a><br></div><div> <a rel="noopener noreferrer" href="https://lists.edlug.org.uk/mailman/listinfo/edlug" target="_blank">https://lists.edlug.org.uk/mailman/listinfo/edlug</a><br></div></blockquote></div></div></blockquote><div><br></div> </div>
-- <br>
EdLUG mailing list<br>
<a href="mailto:EdLUG@mailman.lug.org.uk" target="_blank">EdLUG@mailman.lug.org.uk</a><br>
<a href="https://lists.edlug.org.uk/mailman/listinfo/edlug" rel="noreferrer" target="_blank">https://lists.edlug.org.uk/mailman/listinfo/edlug</a></blockquote></div></div>
-- <br>
EdLUG mailing list<br>
<a href="mailto:EdLUG@mailman.lug.org.uk" target="_blank">EdLUG@mailman.lug.org.uk</a><br>
<a href="https://lists.edlug.org.uk/mailman/listinfo/edlug" rel="noreferrer" target="_blank">https://lists.edlug.org.uk/mailman/listinfo/edlug</a></blockquote></div></div>