I've been thinking about this problem some more, and I am wondering if
the reason sshd is breaking could also be because of IPv6. So far, most
of the problems I have had seem to have IPv6 at their root. (Guessing
here...) Once again, I beg you all... Is there ANY WAY to disable IPv6
without a kernel recompile? When I google it, all I get are a bunch of
people asking the same question and then receiving responses like "I
can't conceive why anyone would want to disable IPv6, so I'm not even
going to tell you if it is possible! Nyah!"

[Listening to: Let Me Out - Future Leaders of the World - Let Me Out -
Single (04:03)]
=20

> -----Original Message-----
> From: Gary Thorpe [mailto:gathorpe79@yahoo.com]=20
> Sent: Wednesday, February 09, 2005 10:52
> To: Erik Nielsen; netbsd-help@netbsd.org
> Subject: Re: IPV6 and sshd problems
>=20
> I don't have any solutions, but I have notied similar and/or related
> problems.
>=20
>  --- Erik Nielsen <Erik@kythra.net> wrote:=20
> > Hi all,
> >=20
> > I'm having some problems with ipv6 and with sshd and hope=20
> someone can
> > give me some help.
> >=20
> > A bit of background:
> > Computer: SparcIPC w/48MB RAM
> > OS: NetBSD 2.0 (Not even going to go into the absolute hell I had to
> > go
> > through to install 2.0.)
> > Distributions Sets: All except for the X sets, games and man pages
> >=20
> > Problems:
> > 1. I created a user who is a member of the wheel group.=20
> That user has
> > a
> > password. I started sshd, and after it finished generating the
> > keypairs,
> > it began running. When I try to ssh in to the machine, it will not
> > let
> > me connect, claiming that the password is incorrect.

In my frustration, I seem to have mis-interpreted the error. The actual
error is: "Password authentication failed"
Does that ring a bell to anyone?
It is weird because ssh in 1.5 worked just fine on a default install.
This is actually the most important thing to solve, because I have no
sun monitor/kb/mouse and am borrowing a serial terminal just until I get
sshd working. NetBSD 2.0 sparc taking all my not-at-work time for four
days Just To Install, which was a lot longer than I anticipated. The
person I am borrowing the terminal from wants it back ASAP. If I don't
at least get sshd running in the next day or two, I'm going to be forced
to give up NetBSD as a lost cause.

> >I tried
> > resetting
> > the password and still no dice. In previous versions of=20
> NetBSD I have
> > never had this problem, and have googled it to no luck. Any
> > suggestions?
>=20
> I have had a probably unrelated problem: I just recently installed 2.0
> on i386 and it seems that after a while keys begin to repeat very
> easily on the console (remote seems fine). This made it difficult to
> log in locally unless I typed really slowly and carefully.

Unfortunately, I don't think they are the same root cause.
I haven't used i386 in almost 6 years now so I can't really help...
Sorry! Using a serial console on a sparc IPC has a silly problem where
if you less something or open it in vi, it mixes the previous text on
the console with what should currently be displaying... Giving garbled
mush to the user. Never bothered me before because in previous releases,
ssh access has been one command away, and this problem does not manifest
over an ssh connection. (This manifests both on the hardware and
software terminals I have tested it with...)

> > 2. I need to disable IPV6 without recompiling the kernel. Before
> > everyone jumps on me with "IPv6 is great, no one should disable it,
> > it
> > just works", hear me out. I don't care whether IPv6 is running or
> > not, I
> > don't use it. However, in 2.0, whenever I try to use=20
> pkg_add, it sits
> > and hangs for a while before spitting out an IPv6 address and
> > claiming
> > "no rout to host" I was under the impression that if IPv6 failed,
> > pkg_add/ftp/etc should try IPv4, but it is not! The only time I got
> > pkg_add to work was when I ran the following:
> > $ pkg_add
> > ftp://204.152.190.13/pub/NetBSD/packages/2.0/sparc/All/static-tcsh
> > Then, the computer sat there, not doing anything for about=20
> 10 minutes
> > before suddenly installing the package. It is my guess that it took
> > forever because it had to fall over to IPv4, rather than using it
> > first.
> > Also, randomly I get notifications, when logged in as root, that
> > sendmail is unable to find a rout to the host and then,=20
> once again, I
> > get some annoying IPv6 address.
>=20
> I notice that whenever I contact some host under .netbsd.org=20
> (e.g. FTP)
> the DNS returns an IPv6 address first. Shouldn't DNS requests=20
> from IPv4
> requestors return IPv4 addresses by default (I don't have IPv6
> enabled)? This only seems to happen when connecting using a NetBSD
> client for some reason (seems true under 1.6, haven't tried with 2.0).
> Is this just how DNS works with IPv6? It does sound like some unwanted
> coercion to use a network protocol you have no use for (and=20
> even if you
> did, your ISP probably doesn't anyway).

I don't think it is just limited to *.netbsd.org as sendmail has been
erroring with an IPv6 "no route to host" also. <shrug>
I really know very little about IPv6, except that it seems to be causing
all sorts of sysadmin misery for me so I don't know if that is how IPv6
DNS is supposed to work. If it is, then IPv6 seems like a bad idea to
me. I agree about the unwanted coercion, with this release (and after
reading the responses on various @netbsd.org mailing lists) it seems
like someone decided that IPv6 is the only way to go and is on a holy
crusade to force as many people to switch to it as possible, with little
care if it breaks stuff along the way. Yes, I am bitter... I have yet to
find a single way to turn it off, other than recompiling the kernel. I
can't recompile the kernel until I can get /src and I cannot get /src
until I can get ftp working. (I have since tried to ftp using ip address
instead of domain name and I am back to the IPv6 "no route to host"
problem.)Catch 22 anyone? Also, the only responses I have found in
googleing turning off IPv6 are "recompile the kernel" and responses
saying "I cannont imagine why you would want to disable IPv6". <whimper>