Root Password and SSH access

[grantc]

Since the upgrade I have been unable to make a SSH connection - "packet _write_wait:Broken Pipe" is the error. Password is correct as I can connect via SMB as root.
Also trying to change the root password via the gui in the Settings/Network does not appear to work - using the random password change option works fine, but entering a password is not saved.

Thanks for your help

[MrQuade]

Since the upgrade I have been unable to make a SSH connection - "packet _write_wait:Broken Pipe" is the error. Password is correct as I can connect via SMB as root.

The password for Samba and SSH are not the same.

The root password (used by SSH) is blank/null with default settings. You should be able to log in as root and just press ENTER when asked for a password.

The Samba username/password of beyonwiz/beyonwiz is only required for accessing the root file share.

[prl]

SSH works just fine for me in the new firmware (tested on T2, T3 & T4). if root doesn't have a password. It fails with the error you posted if I set a root password and correctly authenticate with it. If I enable debugging in the SSH client, I can see that authentication succeeded, and if I give an incorrect password, it just asks for the password again.

SMB authentication is separate from SMB and Telnet authentication.

To enter a password manually in MENU>Setup>Network>Password, press BLUE Keyboard, enter the password there, GREEN to accept the password in the text entry panel, then GREEN Set Password in the main Password setup screen.

[prl]

...
The root password (used by SSH) is blank/null with default settings. You should be able to log in as root and just press ENTER when asked for a password.
...

Yes, but if you set a password for root, connecting using ssh fails with "packet _write_wait:Broken Pipe" as grantc describes (though a bit more detail might have made the condition for the error more obvious).

Telnet authentication works just fine if there's a root password.

This looks like a server side ssh bug (or something weird in /etc/ssh/ssh_config, though I can't see anything untoward there).

[MrQuade]

It fails with the error you posted if I set a root password and correctly authenticate with it. If I enable debugging in the SSH client, I can see that authentication succeeded, and if I give an incorrect password, it just asks for the password again.

Erk! That's not good!

[prl]

New topic in Bugs & Enhancements: ssh connection to Beyonwiz fails if a root password is set

[grantc]

Just an observation - with a root password set. Try to connect, press enter/blank password three times when prompted, should then prompt with "root@ip_address's password:" line, enter password and it authenticates fine.

[greenvomit8]

Just an observation - with a root password set. Try to connect, press enter/blank password three times when prompted, should then prompt with "root@ip_address's password:" line, enter password and it authenticates fine.

Wow grantc. I had exactly the same problem as you with the latest firmware on my T2 and your workaround works a treat.
Prior to this I even tried resetting my T2 back to factory settings but no success.
Strange thing I noticed was even after a factory reset the root password that I saved via MENU>Setup>Network>Password prior to the factory reset would work when connecting via SMB share.
Hopefully the SSH root access will be fixed with a later firmware update.
Thanks again grantc.

[MrQuade]

Strange thing I noticed was even after a factory reset the root password that I saved via MENU>Setup>Network>Password prior to the factory reset would work when connecting via SMB share.
Hopefully the SSH root access will be fixed with a later firmware update.
Thanks again grantc.

Yep that's right, a factory reset only really resets stuff to do with the PVR portions of the Wiz, but not stuff to do with the underlying operating system like the root password.

It's the same reason why the root password is not saved in your settings backup.

If you want to clear settings completely, then a USB firmware update is the way to go.

[prl]

Just an observation - with a root password set. Try to connect, press enter/blank password three times when prompted, should then prompt with "root@ip_address's password:" line, enter password and it authenticates fine.

OK, there's a way around this: change the order of the authentication methods that the SSH client tries.

I'm not sure how to do this in GUI clients like PuTTY, but here's how it's done in the Unix command-line ssh (and scp).

In ~/.ssh/config, set up an entry to specify the authentication order. I also use this to automatically connect to the Beyonwizes as root.

A device-specific entry that does both looks like:

Code: Select all

Host beyonwizt4
        User                            root
        PreferredAuthentications        gssapi-with-mic,hostbased,publickey,password,keyboard-interactive

To do a global setting that just sets the authentication order looks like:

Code: Select all

Host *
        PreferredAuthentications        gssapi-with-mic,hostbased,publickey,password,keyboard-interactive

The ssh command's default authentication order is "gssapi-with-mic,hostbased,publickey,keyboard-interactive,password", so the change simply moved "password" before "keyboard-interactive". It leaves the public key methods first so that if you're set up to use them, they will be tried before asking for a password (and if you use a mechanism like ssh-agent you can have single-authentication using the public key).

If you don't want to use the public key methods, you can just set PreferredAuthentications to "password" (without the quotes).