Jump to content

Orange Pi PC unable to connect through SSH from Macbook


twilipi

Recommended Posts

Hi all, I'm a n00b e to the SBCs and linux

I've bought my very first SBC:orange pi PC, and it arrived the day before

after some struggling with the "connection refused" error (just resolve it by opening the remote login inside preference>sharing on my macOS 10.12)

I finally enter the login screen, and use the command "ssh root@169.254.134.132" to my terminal

it denied my password request

I'm sure the password I've used is 1234, but whatever I used this, or restart my computer, using the desktop version, even changing other workable SD card, it still get the same result. (I'm not going to use the nightly version, seems it doesn't get any end support)

and I try all the legacy kernels (ubuntu and debian) the result still the same

here's my ifconfig result to my board:

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=27<RXCSUM,TXCSUM,VLAN_MTU,TSO4>
	ether e8:06:88:b4:e7:40 
	inet6 fe80::1c5f:353e:4d59:ceb6%en0 prefixlen 64 secured scopeid 0x4 
	inet 169.254.134.132 netmask 0xffff0000 broadcast 169.254.255.255
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect (100baseTX <full-duplex>)
	status: active

and here's my failed login record (sounds not necessary, and censored some privacy stuffs)

_________-MacBook:~ ____$ ssh root@169.254.134.132
The authenticity of host '169.254.134.132 (169.254.134.132)' can't be established.
ECDSA key fingerprint is SHA256:00Yd+CCokUivY9n4hw18G+ppctvrCdMesyZGIaS9JOw.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '169.254.134.132' (ECDSA) to the list of known hosts.
Password:
Password:
Password:
root@169.254.134.132's password: 
Permission denied, please try again.
root@169.254.134.132's password: 
Permission denied, please try again.
root@169.254.134.132's password: 
Received disconnect from 169.254.134.132 port 22:2: Too many authentication failures
Authentication failed.

is it my Macbook(2010 unibody version)'s problem or that orange Pi PC is defected?

 

thanks!

Link to comment
Share on other sites

_________-MacBook:~ ____$ ssh -v root@orangepipc.local
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /etc/ssh/ssh_config
ssh: Could not resolve hostname orangepipc.local: nodename nor servname provided, or not known
_________-MacBook:~ ____$ ssh -v root@169.254.134.132
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 169.254.134.132 [169.254.134.132] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/____/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 169.254.134.132:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:00Yd+CCokUivY9n4hw18G+ppctvrCdMesyZGIaS9JOw
debug1: Host '169.254.134.132' is known and matches the ECDSA host key.
debug1: Found key in /Users/____/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/____/.ssh/id_rsa
debug1: Trying private key: /Users/____/.ssh/id_dsa
debug1: Trying private key: /Users/____/.ssh/id_ecdsa
debug1: Trying private key: /Users/____/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
root@169.254.134.132's password: 
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
root@169.254.134.132's password: 
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
root@169.254.134.132's password: 
Received disconnect from 169.254.134.132 port 22:2: Too many authentication failures
Authentication failed.

using orangepipc.local doesn't help it,

the "-v" seems to be the debugging modem, and the result is above (with orangepipc.local one)

 

PS: using ping scan command "nmap -sn orangepipc.local" in nmap has that result, it should be the board doesn't even provide this URL???

Starting Nmap 7.40 ( https://nmap.org ) at 2017-04-23 01:25 HKT
Failed to resolve "orangepipc.local".
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 5.14 seconds

testing with  forum.armbian.com:

Starting Nmap 7.40 ( https://nmap.org ) at 2017-04-23 01:29 HKT
Nmap scan report for forum.armbian.com (93.103.15.56)
Host is up (0.34s latency).
rDNS record for 93.103.15.56: 93-103-15-56.static.t-2.net
Nmap done: 1 IP address (1 host up) scanned in 1.74 seconds

and the IP I've found in ifconfig

Starting Nmap 7.40 ( https://nmap.org ) at 2017-04-23 01:34 HKT
Nmap scan report for 169.254.134.132
Host is up.
Nmap done: 1 IP address (1 host up) scanned in 1.12 second

 

in this intense scan with TCP ports, looks like the SSH port is open, so I assume the SSH tunnel still exist, or there's some encryption/decryption issue?

Starting Nmap 7.40 ( https://nmap.org ) at 2017-04-23 01:37 HKT
NSE: Loaded 143 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 01:37
Completed NSE at 01:37, 0.00s elapsed
Initiating NSE at 01:37
Completed NSE at 01:37, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 01:37
Completed Parallel DNS resolution of 1 host. at 01:37, 0.02s elapsed
Initiating SYN Stealth Scan at 01:37
Scanning 169.254.134.132 [65535 ports]
Discovered open port 22/tcp on 169.254.134.132
Increasing send delay for 169.254.134.132 from 0 to 5 due to max_successful_tryno increase to 5
SYN Stealth Scan Timing: About 5.22% done; ETC: 01:47 (0:09:23 remaining)

 

Link to comment
Share on other sites

The IP address 169.254.134.132 is or is not the IP of your MAC ?

How did you figured out that this IP could be the one from OrangePiPC ?

If your router doesn't help to figure out the real IP of the OPi, your will need to connect using Serial USB-TTL and do "ifconfig" on the board itself.

"orangepipc.local" doesn't work until "avahi-daemon" is installed on the OPi, when you will get access to it, simply go "apt-get install avahi-daemon".

 

Link to comment
Share on other sites

10 hours ago, martinayotte said:

The IP address 169.254.134.132 is or is not the IP of your MAC ?

How did you figured out that this IP could be the one from OrangePiPC ?

If your router doesn't help to figure out the real IP of the OPi, your will need to connect using Serial USB-TTL and do "ifconfig" on the board itself.

"orangepipc.local" doesn't work until "avahi-daemon" is installed on the OPi, when you will get access to it, simply go "apt-get install avahi-daemon".

 

of course I've prove that, in a very simple but dumb way

First, I connect my board directly to my Macbook through LAN and Macbook is standalone, no internet or local network access

and then use "ping 169.254.134.132" to check its connectivity

during this process, I disconnect the LAN cable, and the packet start losing

so that's why I'm sure this IP is for that board, or it isn't?

Link to comment
Share on other sites

Hi twilipi

then it is clear. when you connect your two clients with a cable there is no DHCP server in this "network". So the desperate clients will construct an APIPA Address to try and communicate.

But when you connect the clients to your internet router, the DHCP server in it will give an other address to each client. you have to find out these new addresses! First on your macbook, say it will be something like 192.168.x.y. Then you can find out the address of your router, often 192.168.x.1.

and once you have this you enter your routers web interface with http://address.of.your.router .

There you can find out, what address it assigned to our opi, often in a list called "home network" or "DHCP table".

Finally connect to your opi at this address.

 

Link to comment
Share on other sites

This looks more like a common network problem then an Armbian problem. In general if you see somewhere a 169.254 address you know you have a problem......

These addresses are of a special range:

 

"in modern networks addresses are assigned by a DHCPserver. 

Most IPv4 hosts use link-local addressing only as a last resort. 

For these link-local addressing, IPv4 uses the special block 169.254.0.0/16 as described in RFC 3927." 

 

So you better first start thinking as a network technician. 

- is your Orange Pi connected to your network?

- find out which range your local network uses. Most times it starts with 192 or 172 or 10. If your local network ( your internet router) has a DHCP server it will provide your SoC also with a IP address. You can find this address in the lease table of your router. 

- poor mans solution would be to ping every address in the same range as your computer to see if any device is answering. 

 

And yes. First investment in the SoC hobby should be a USB serial cable!

Link to comment
Share on other sites

17 hours ago, tkaiser said:

Better try 'ssh -v root@orangepipc.local' instead

I forgot that Armbian doesn't add the 'avahi-autoipd' package for whatever reasons. Would solve such problems easily but usually Linux users hate stuff that 'just works'.

Link to comment
Share on other sites

1 hour ago, gnasch said:

Hi twilipi

then it is clear. when you connect your two clients with a cable there is no DHCP server in this "network". So the desperate clients will construct an APIPA Address to try and communicate.

But when you connect the clients to your internet router, the DHCP server in it will give an other address to each client. you have to find out these new addresses! First on your macbook, say it will be something like 192.168.x.y. Then you can find out the address of your router, often 192.168.x.1.

and once you have this you enter your routers web interface with http://address.of.your.router .

There you can find out, what address it assigned to our opi, often in a list called "home network" or "DHCP table".

Finally connect to your opi at this address.

 

umm, I've connect to that board directly, not through router, so I need to set it to manual and make a 192.168.x.x router adress on the preference>network page? 

I'm sorry that I'm definitely a n00b on this area

anyway, I've received a CP2102 TTL USB today, it should be much easier to connect...?(if yes, instruction needed.)

Link to comment
Share on other sites

3 minutes ago, twilipi said:

umm, I've connect to that board directly, not through router, so I need to set it to manual and make a 192.168.x.x router adress on the preference>network page? 

 

No, currently Armbian needs either a serial console, display+keyboard or a network with DHCP server. This commit (if not reverted) will fix that in the future. But for now you should reflash the OS image with Etcher, connect your board to the network if you want to set it up headless and if your router is not crappy you'll then be able to do both a 'ping orangepipc' and 'ssh root@orangepipc' after 2 minutes.

Link to comment
Share on other sites

6 minutes ago, martinayotte said:

'ping orangepipc.local' won't work on virgin image since avahi-daemon isn't installed by default.

Yep, I just tested it: avahi-daemon also installs libavahi-common-data, libavahi-common3 and libavahi-core7 and that increases image size by 888 KB. IMO worth adding it.

Link to comment
Share on other sites

@tkaiser, has it been added recently to builds (and how ?) ? in my recent builds I had to install it manually ...

 

Also, when I configure user-patches to install them during build process, it is installing them but failed to run their post-install scripts :

 

Setting up libavahi-common-data:arm64 (0.6.31-5) ...M
Setting up libavahi-common3:arm64 (0.6.31-5) ...M
Setting up libavahi-client3:arm64 (0.6.31-5) ...M
Setting up libavahi-core7:arm64 (0.6.31-5) ...M
Setting up libdaemon0:arm64 (0.14-6) ...M
Setting up avahi-daemon (0.6.31-5) ...M
You are required to change your password immediately (root enforced)M
chfn: PAM: Authentication token is no longer valid; new one requiredM
adduser: `/usr/bin/chfn -f Avahi mDNS daemon avahi' returned error code 1. Exiting.M
dpkg: error processing package avahi-daemon (--configure):M
 subprocess installed post-installation script returned error exit status 1M
dpkg: dependency problems prevent configuration of libnss-mdns:arm64:M
 libnss-mdns:arm64 depends on avahi-daemon (>= 0.6.16-1); however:M
  Package avahi-daemon is not configured yet.M
M
dpkg: error processing package libnss-mdns:arm64 (--configure):M
 dependency problems - leaving unconfiguredM
Setting up libtalloc2:arm64 (2.1.2-0+deb8u1) ...M
Setting up libwbclient0:arm64 (2:4.2.14+dfsg-0+deb8u5) ...M
Setting up samba-common (2:4.2.14+dfsg-0+deb8u5) ...M
M

 

Link to comment
Share on other sites

1 hour ago, op1tjaap said:

This is also also a nice post about an Orange Pi Zero

Unfortunately mentioning Win32DiskImager to burn OS images. When do people stop recommending such crappy tools?

 

7 hours ago, martinayotte said:

when I configure user-patches to install them during build process, it is installing them but failed to run their post-install scripts

But at least it works when booting the image the first time:

macbookpro-tk:~ tk$ ping clearfogbase.local
PING clearfogbase.local (192.168.83.130): 56 data bytes
64 bytes from 192.168.83.130: icmp_seq=0 ttl=64 time=84.344 ms
64 bytes from 192.168.83.130: icmp_seq=1 ttl=64 time=4.982 ms
64 bytes from 192.168.83.130: icmp_seq=2 ttl=64 time=4.568 ms
^C

Still I think we should add 'avahi-daemon' to $PACKAGE_LIST_ADDITIONAL

Link to comment
Share on other sites

@tkaiser, that what I did when adding it as user-patches, but it is partially failed with (as mentioned above) :

 

chfn: PAM: Authentication token is no longer valid; new one requiredM
adduser: `/usr/bin/chfn -f Avahi mDNS daemon avahi' returned error code 1. Exiting.M

 

Link to comment
Share on other sites

just want to clarify that is it a need to turn on the internet sharing in order to connect the board?

and after turn it on, the IPv4 of the macbook will change it to 192 or 172 or 10 instead of that "link-local" ?

I haven't try it yet but I'd like to know it earlier:P

reference:

http://mycyberuniverse.com/mac-os/connect-to-raspberry-pi-from-a-mac-using-ethernet.html

 

Link to comment
Share on other sites

5 hours ago, twilipi said:

just want to clarify that is it a need to turn on the internet sharing in order to connect the board?

 

No, there is no 'need' to do so (though it will work). Just stop making things complicated, add your board to your network (where a router with DHCP server is active?), switch it on and access 'ssh root@orangepipc' 2 minutes later. Everyone does it this way so it should work for you too.

Link to comment
Share on other sites

I agree with tkaiser. You are making things to complicated. You are trying to let your Mac act as a DHCP server.. Possible...but complicated!

 

Please try to connect your OrangePi like it is an ordinary PC / Mac with wired network. So connect it to your network switch.

Then your OrangePi will get an IP address. Look it up in your router DHCP leases table which address it is...

If you succeded so far you can connect to it with ssh with user root and password 1234

 

See this image:

 

orangepi-network.jpg.b7eb96967877d32bad158c56dfce9180.jpg

Link to comment
Share on other sites

I've got couple of hour to play again with my orange pi pc

before this moment, I've taken a little research on direct connection between linux SBCs and Mac

this time, I've set the internet sharing from wifi to ethernet

this should make a basic router with DHCP address leasing, if my concept is correct

then arp- a

 

dyn-XXX:~ XXX$ arp -a
XXX (XXX) at XXXon en1 ifscope [ethernet]
XXX (XXX) at ff:ff:ff:ff:ff:ff on en1 ifscope [ethernet]
? (192.168.2.3) at XXX on bridge100 ifscope [bridge]
? (192.168.2.255) at ff:ff:ff:ff:ff:ff on bridge100 ifscope [bridge]
? (XXXX) at XXX on en1 ifscope permanent [ethernet]

 

 

 

seems arp -a is to find a list of established connection with my Mac

and my main target is 192.168.2.3 or 192.168.2.255, coz those are the local network IP, but 255 is broadcast IP, so properly my pi is 2.3 one

and then


 

root@192.168.2.3's password: (ornagepi)
 ____      _         ___                               ____  _   _____  ___  
|  _ \ ___| |_ _ __ / _ \ _ __ __ _ _ __   __ _  ___  |  _ \(_) |___ / / _ \ 
| |_) / _ \ __| '__| | | | '__/ _` | '_ \ / _` |/ _ \ | |_) | |   |_ \| | | |
|  _ <  __/ |_| |  | |_| | | | (_| | | | | (_| |  __/ |  __/| |  ___) | |_| |
|_| \_\___|\__|_|   \___/|_|  \__,_|_| |_|\__, |\___| |_|   |_| |____(_)___/ 
                                          |___/                              

Welcome to ARMBIAN Debian GNU/Linux 8 (jessie) 3.4.113-RetrOrangePi--sun8i 
System load:   0.49            Up time:       2 min
Memory usage:  23 % of 1000Mb IP:            192.168.2.3
CPU temp:      37°C           
Usage of /:    31% of 14G   

 

 

 

YAY! I made it! (although it’s a retrorangepi disto)

 

btw I’ve changed the ip address into static, but those command seems invalid?

iface eth0 inet static
    address 192.168.1.100
    netmask 255.255.255.0
    gateway 192.168.1.1

 

next step: VNC, wifi and G_ether :P

 

once again, thanks m8!

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines