AFP548 - nbirnbaum's Replies

Forum Replies Created

Viewing 5 posts - 1 through 5 (of 5 total)

Author

Posts
November 2, 2006 at 12:46 am in reply to: enabling AFP over SSH #367501

nbirnbaum
Participant

A gazillion gabillion thanks to all who stuck with me on this issue. The solution came about by troubleshooting the SSH connection from the client: ssh -vv user@server

This spit out a whole lotta debugging junk, but before I flushed crimson and went back to OS 9, I noticed the lines,

debug1: An invalid name was supplied
Cannot determine realm for numeric host address

No surprise, because I was connecting with the server’s IP address (i.e. [email protected].1.2). That’s because the workstation is using the router for DNS, and doesn’t know the server’s DNS name.

So, just to get this error out of the way (not expecting it to lead to a solution), I put an entry in the workstation’s /etc/hosts for the server’s name and connected that way. Worked fine, so I went into the AFP Connect to Server dialog and entered the server’s “new” hostname and… voila! Secure connection city!

I don’t know enough about SSH to understand why a connection to the IP address didn’t work, but a connection to the name did. If anybody would like to bring down the learnin’, please do.

Thanks once again to everybody.

Noam

November 1, 2006 at 12:45 am in reply to: enabling AFP over SSH #367499

nbirnbaum
Participant

I captured the packets that describe the transaction. What’s weird is that there are no packets on the SSH port:

No. Time Source Destination Protocol Info
297 4.099816 192.168.2.12 192.168.2.150 TCP 61995 > afpovertcp [SYN] Seq=0 Len=0 MSS=1460 WS=2 TSV=776625822 TSER=0

Frame 297 (82 bytes on wire, 82 bytes captured)
Ethernet II, Src: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9), Dst: AppleCom_0a:69:70 (00:03:93:0a:69:70)
Internet Protocol, Src: 192.168.2.12 (192.168.2.12), Dst: 192.168.2.150 (192.168.2.150)
Transmission Control Protocol, Src Port: 61995 (61995), Dst Port: afpovertcp (548), Seq: 0, Len: 0
Source port: 61995 (61995)
Destination port: afpovertcp (548)
Sequence number: 0 (relative sequence number)
Header length: 44 bytes
Flags: 0x0002 (SYN)
Window size: 262140 (scaled)
Checksum: 0x6951 [correct]
Options: (24 bytes)

No. Time Source Destination Protocol Info
298 4.099986 192.168.2.150 192.168.2.12 TCP afpovertcp > 61995 [SYN, ACK] Seq=0 Ack=1 Win=131070 [TCP CHECKSUM INCORRECT] Len=0 MSS=1460 WS=1 TSV=346735601 TSER=776625822

Frame 298 (74 bytes on wire, 74 bytes captured)
Ethernet II, Src: AppleCom_0a:69:70 (00:03:93:0a:69:70), Dst: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9)
Internet Protocol, Src: 192.168.2.150 (192.168.2.150), Dst: 192.168.2.12 (192.168.2.12)
Transmission Control Protocol, Src Port: afpovertcp (548), Dst Port: 61995 (61995), Seq: 0, Ack: 1, Len: 0
Source port: afpovertcp (548)
Destination port: 61995 (61995)
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 40 bytes
Flags: 0x0012 (SYN, ACK)
Window size: 131070 (scaled)
Checksum: 0x8621 [incorrect, should be 0xd19b (maybe caused by checksum offloading?)]
Options: (20 bytes)

No. Time Source Destination Protocol Info
299 4.100703 192.168.2.12 192.168.2.150 TCP 61995 > afpovertcp [ACK] Seq=1 Ack=1 Win=196928 Len=0 TSV=776625822 TSER=346735601

Frame 299 (70 bytes on wire, 70 bytes captured)
Ethernet II, Src: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9), Dst: AppleCom_0a:69:70 (00:03:93:0a:69:70)
Internet Protocol, Src: 192.168.2.12 (192.168.2.12), Dst: 192.168.2.150 (192.168.2.150)
Transmission Control Protocol, Src Port: 61995 (61995), Dst Port: afpovertcp (548), Seq: 1, Ack: 1, Len: 0
Source port: 61995 (61995)
Destination port: afpovertcp (548)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
Window size: 196928 (scaled)
Checksum: 0x3d10 [correct]
Options: (12 bytes)

No. Time Source Destination Protocol Info
300 4.100910 192.168.2.12 192.168.2.150 DSI Request GetStatus (1)

Frame 300 (88 bytes on wire, 88 bytes captured)
Ethernet II, Src: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9), Dst: AppleCom_0a:69:70 (00:03:93:0a:69:70)
Internet Protocol, Src: 192.168.2.12 (192.168.2.12), Dst: 192.168.2.150 (192.168.2.150)
Transmission Control Protocol, Src Port: 61995 (61995), Dst Port: afpovertcp (548), Seq: 1, Ack: 1, Len: 18
Source port: 61995 (61995)
Destination port: afpovertcp (548)
Sequence number: 1 (relative sequence number)
[Next sequence number: 19 (relative sequence number)]
Acknowledgement number: 1 (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 196928 (scaled)
Checksum: 0x2df0 [correct]
Options: (12 bytes)
Data Stream Interface

No. Time Source Destination Protocol Info
301 4.100949 192.168.2.150 192.168.2.12 TCP afpovertcp > 61995 [ACK] Seq=1 Ack=19 Win=65518 [TCP CHECKSUM INCORRECT] Len=0 TSV=346735601 TSER=776625822

Frame 301 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: AppleCom_0a:69:70 (00:03:93:0a:69:70), Dst: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9)
Internet Protocol, Src: 192.168.2.150 (192.168.2.150), Dst: 192.168.2.12 (192.168.2.12)
Transmission Control Protocol, Src Port: afpovertcp (548), Dst Port: 61995 (61995), Seq: 1, Ack: 19, Len: 0
Source port: afpovertcp (548)
Destination port: 61995 (61995)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 19 (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
Window size: 65518 (scaled)
Checksum: 0x8619 [incorrect, should be 0x7d57 (maybe caused by checksum offloading?)]
Options: (12 bytes)

No. Time Source Destination Protocol Info
302 4.102685 192.168.2.150 192.168.2.12 DSI Reply GetStatus (1)

Frame 302 (612 bytes on wire, 612 bytes captured)
Ethernet II, Src: AppleCom_0a:69:70 (00:03:93:0a:69:70), Dst: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9)
Internet Protocol, Src: 192.168.2.150 (192.168.2.150), Dst: 192.168.2.12 (192.168.2.12)
Transmission Control Protocol, Src Port: afpovertcp (548), Dst Port: 61995 (61995), Seq: 1, Ack: 19, Len: 546
Source port: afpovertcp (548)
Destination port: 61995 (61995)
Sequence number: 1 (relative sequence number)
[Next sequence number: 547 (relative sequence number)]
Acknowledgement number: 19 (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 65534 (scaled)
Checksum: 0x883b [incorrect, should be 0x98f2 (maybe caused by checksum offloading?)]
Options: (12 bytes)
Data Stream Interface

No. Time Source Destination Protocol Info
303 4.102896 192.168.2.150 192.168.2.12 TCP afpovertcp > 61995 [FIN, ACK] Seq=547 Ack=19 Win=65536 [TCP CHECKSUM INCORRECT] Len=0 TSV=346735601 TSER=776625822

Frame 303 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: AppleCom_0a:69:70 (00:03:93:0a:69:70), Dst: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9)
Internet Protocol, Src: 192.168.2.150 (192.168.2.150), Dst: 192.168.2.12 (192.168.2.12)
Transmission Control Protocol, Src Port: afpovertcp (548), Dst Port: 61995 (61995), Seq: 547, Ack: 19, Len: 0
Source port: afpovertcp (548)
Destination port: 61995 (61995)
Sequence number: 547 (relative sequence number)
Acknowledgement number: 19 (relative ack number)
Header length: 32 bytes
Flags: 0x0011 (FIN, ACK)
Window size: 65536 (scaled)
Checksum: 0x8619 [incorrect, should be 0x7b2b (maybe caused by checksum offloading?)]
Options: (12 bytes)

No. Time Source Destination Protocol Info
304 4.129023 192.168.2.12 192.168.2.150 TCP 61995 > afpovertcp [ACK] Seq=19 Ack=547 Win=196380 Len=0 TSV=776625822 TSER=346735601

Frame 304 (70 bytes on wire, 70 bytes captured)
Ethernet II, Src: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9), Dst: AppleCom_0a:69:70 (00:03:93:0a:69:70)
Internet Protocol, Src: 192.168.2.12 (192.168.2.12), Dst: 192.168.2.150 (192.168.2.150)
Transmission Control Protocol, Src Port: 61995 (61995), Dst Port: afpovertcp (548), Seq: 19, Ack: 547, Len: 0
Source port: 61995 (61995)
Destination port: afpovertcp (548)
Sequence number: 19 (relative sequence number)
Acknowledgement number: 547 (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
Window size: 196380 (scaled)
Checksum: 0x3b65 [correct]
Options: (12 bytes)

No. Time Source Destination Protocol Info
305 4.129122 192.168.2.12 192.168.2.150 TCP 61995 > afpovertcp [ACK] Seq=19 Ack=548 Win=196380 Len=0 TSV=776625822 TSER=346735601

Frame 305 (70 bytes on wire, 70 bytes captured)
Ethernet II, Src: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9), Dst: AppleCom_0a:69:70 (00:03:93:0a:69:70)
Internet Protocol, Src: 192.168.2.12 (192.168.2.12), Dst: 192.168.2.150 (192.168.2.150)
Transmission Control Protocol, Src Port: 61995 (61995), Dst Port: afpovertcp (548), Seq: 19, Ack: 548, Len: 0
Source port: 61995 (61995)
Destination port: afpovertcp (548)
Sequence number: 19 (relative sequence number)
Acknowledgement number: 548 (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
Window size: 196380 (scaled)
Checksum: 0x3b64 [correct]
Options: (12 bytes)

No. Time Source Destination Protocol Info
306 4.129253 192.168.2.12 192.168.2.150 TCP 61995 > afpovertcp [FIN, ACK] Seq=19 Ack=548 Win=196380 Len=0 TSV=776625822 TSER=346735601

Frame 306 (70 bytes on wire, 70 bytes captured)
Ethernet II, Src: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9), Dst: AppleCom_0a:69:70 (00:03:93:0a:69:70)
Internet Protocol, Src: 192.168.2.12 (192.168.2.12), Dst: 192.168.2.150 (192.168.2.150)
Transmission Control Protocol, Src Port: 61995 (61995), Dst Port: afpovertcp (548), Seq: 19, Ack: 548, Len: 0
Source port: 61995 (61995)
Destination port: afpovertcp (548)
Sequence number: 19 (relative sequence number)
Acknowledgement number: 548 (relative ack number)
Header length: 32 bytes
Flags: 0x0011 (FIN, ACK)
Window size: 196380 (scaled)
Checksum: 0x3b63 [correct]
Options: (12 bytes)

No. Time Source Destination Protocol Info
307 4.129299 192.168.2.150 192.168.2.12 TCP afpovertcp > 61995 [ACK] Seq=548 Ack=20 Win=65536 [TCP CHECKSUM INCORRECT] Len=0 TSV=346735602 TSER=776625822

Frame 307 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: AppleCom_0a:69:70 (00:03:93:0a:69:70), Dst: AppleCom_7f:b1:f9 (00:14:51:7f:b1:f9)
Internet Protocol, Src: 192.168.2.150 (192.168.2.150), Dst: 192.168.2.12 (192.168.2.12)
Transmission Control Protocol, Src Port: afpovertcp (548), Dst Port: 61995 (61995), Seq: 548, Ack: 20, Len: 0
Source port: afpovertcp (548)
Destination port: 61995 (61995)
Sequence number: 548 (relative sequence number)
Acknowledgement number: 20 (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
Window size: 65536 (scaled)
Checksum: 0x8619 [incorrect, should be 0x7b29 (maybe caused by checksum offloading?)]
Options: (12 bytes)

*******

Any suggestions would be GREATLY appreciated. Thanks!

October 31, 2006 at 8:39 pm in reply to: enabling AFP over SSH #367498

nbirnbaum
Participant

Those ports are both open. Have made no SSH config changes. The user does have shell assigned, though when I SSH in I get the message, “Could not chdir to home directory /Network/Servers/server.macgeeks.mcs/Users/test: No such file or directory,” even though I assigned a home dir to the user. :question:

September 2, 2004 at 9:46 pm in reply to: changing users’ passwords via command line #358978

nbirnbaum
Participant

Thanks, Joel. As it turns out, passwd wasn’t working because of misconfigured DNS and hence misconfigured Kerberos.

So okay. passwd works. But.

I’m trying to figure out how to set a user’s password type from Crypt to Open Directory via the command line. I’ve tried duplicating a valid user’s AuthenticationAuthority attribute to another user via dscl but no dice. Any genius suggestions?

Thanks,
Noam

August 24, 2004 at 4:48 am in reply to: Changing passwords for POP3 only users #358880

nbirnbaum
Participant

Can you give me an example of the correct syntax to be used by the ldapmodify command in order to change the users’ passwords?
Author

Posts

Viewing 5 posts - 1 through 5 (of 5 total)

Forum Replies Created

Recent Forum Topics

Recent Comments