Re: Wii SSH isn't working

To: Harold Gutch <logix%foobar.franken.de@localhost>
Subject: Re: Wii SSH isn't working
From: Anne DeCusatis <anne.decusatis%gmail.com@localhost>
Date: Mon, 5 May 2025 11:52:21 -0400

Hi,

> I haven't used made *heavy* use of the Wii's wifi, but I have tested
> it briefly on both current and netbsd-10 (well, actually a 10.1
> release with the wifi patches backported) and I didn't have any issues
> like these.  My first guess is that it's a resolver issue of sorts.

Thanks very much for the hints and for confirming it's something with
my setup in particular!

I now suspect the issue is related to my Raspberry Pi's Pi-Hole
network configuration.
On the Pi-Hole side I have toggled off "Never forward reverse lookups
for private IP ranges" and I have added Local DNS records for the
static IPs I configured for the pi's and the wii using my router DHCP.
On my router's side, I've toggled on IPv6. I then rebooted everything
I'd changed (wifi router, raspberry pi, wii). This alone doesn't seem
to have fixed it but I'll keep trying to understand and will report
back to the thread once I figure it out.

I've answered your questions with additional debug info below, in case
it helps someone pattern match it to their setup in the future, but I
suspect a fix to my specific issue is out of scope for the broader
list at this point, so I understand if we'd rather close this thread
here.

Thanks again,
Anne

> Can you resolve (on the Wii) the IP from which you are trying to ssh
> in?  I.e., what happens if you do a "host aaa.bbb.ccc.ddd"?
My Raspberry Pi is named "tvpi" and assigned an IP at 192.168.x.5. My
Wii is named "wii" and assigned an IP at 192.168.x.7.

On the wii:
host tvpi returns the correct IP assignment of .5 as well as an ipv6 address.
host 192.168.x.5 gives me: Host 5.x.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
I am prompted for a password and able to SSH when I SSH to myself at
192.168.x.7 or at wii
I am not prompted for a password (it looks like SSH hangs) when I SSH
to the pi via either IP or name, though ssh with -vvv shows that it
hangs at "expecting SSH2_MSG_KEX_ECDH_REPLY" -- I can cat the full log
to a file and pull it from the wii if desirable.

On the raspberry pi:
host tvpi, same addresses as on the wii
host wii, ipv4 address of .7 is correctly there, no ipv6
host for the IP address of either .5 or .7 fails with nxdomain
I am able to SSH to myself and to other locations on the network (not the wii)
When I try to SSH to the Wii I get:
parsnip@tvpi:~ $ ssh root@wii -vvv
OpenSSH_8.4p1 Raspbian-5+deb11u3, OpenSSL 1.1.1w  11 Sep 2023
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include
/etc/ssh/ssh_config.d/*.conf matched no fil
es
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' ->
'/home/parsnip/.ssh/known_ho
sts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' ->
'/home/parsnip/.ssh/known_h
osts2'
debug2: resolving "wii" port 22
debug2: ssh_connect_direct
debug1: Connecting to wii [192.168.x.7] port 22.
debug1: Connection established.
debug1: identity file /home/parsnip/.ssh/id_rsa type -1
debug1: identity file /home/parsnip/.ssh/id_rsa-cert type -1
debug1: identity file /home/parsnip/.ssh/id_dsa type -1
debug1: identity file /home/parsnip/.ssh/id_dsa-cert type -1
debug1: identity file /home/parsnip/.ssh/id_ecdsa type -1
debug1: identity file /home/parsnip/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/parsnip/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/parsnip/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/parsnip/.ssh/id_ed25519 type -1
debug1: identity file /home/parsnip/.ssh/id_ed25519-cert type -1
debug1: identity file /home/parsnip/.ssh/id_ed25519_sk type -1
debug1: identity file /home/parsnip/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/parsnip/.ssh/id_xmss type -1
debug1: identity file /home/parsnip/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u3
debug1: Remote protocol version 2.0, remote software version
OpenSSH_1009 NetBSD_Secure_
Shell-20250409-hpn13v14-lpk
debug1: match: OpenSSH_1009 NetBSD_Secure_Shell-20250409-hpn13v14-lpk
pat OpenSSH* compa
t 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to wii:22 as 'root'
debug3: hostkeys_foreach: reading file "/home/parsnip/.ssh/known_hosts"
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent

And on my Ubuntu laptop:
host tvpi returns 2 SERVFAIL
host wii returns 2 SERVFAIL
host 192.168.x.5 or .7 gives me a 3 NXDOMAIN
I am prompted for a password and able to SSH to the Pi when I SSH to
192.168.x.5 (though expectedly the name tvpi doesn't resolve)
I am not prompted for a password when I SSH to 192.168.x.7 - same
hanging / kexinit behavior as when I SSH from the Raspberry Pi

> Adding the IP from which you are connecting to /etc/hosts and/or
> adding a working nameserver to /etc/resolv.conf (that's both on the
> Wii, not on the client you are connecting from) should help.
It looks like /etc/resolv.conf on the Wii correctly points to the wifi
router here at 192.168.x.1, which is configured router-side to forward
to pi-hole on the pi (192.168.x.5) for DNS.

Follow-Ups:
- Re: Wii SSH isn't working
  - From: Harold Gutch

References:
- Wii SSH isn't working
  - From: Anne DeCusatis
- Re: Wii SSH isn't working
  - From: Harold Gutch

Prev by Date: Re: Wii SSH isn't working
Next by Date: Re: Wii SSH isn't working
Previous by Thread: Re: Wii SSH isn't working
Next by Thread: Re: Wii SSH isn't working
Indexes:

Home | Main Index | Thread Index | Old Index