[Buildroot] openssh - kernel messages upon connection attempts (always ending with "connection reset" at the other end)

Arnout Vandecappelle arnout at mind.be
Wed Oct 20 12:01:08 UTC 2021



On 20/10/2021 13:36, Steve wrote:
> Hello all,
> 
> I recently downloaded buildroot and used the default config for RasperryPi3, 
> altered to add openssh, among a couple other things.
> (no idea whether that matters, I am using a USB connection from the raspi 
> running g_cdc driver (ethernet + serial gadget), and am trying to ssh into it 
> from the USB host computer the raspi is plugged into)
> 
> I have found that root ssh'ing into the machine is off by default. So I altered 
> the sshd_config to, for now, say yes to PermitRootLogin. (I'll look into how to 
> add a non-root user later - but this here *should* normally work, right? UNless 
> something is broken)
> Still, on the computer that tries to SSH into the buildroot raspi, I get 
> "connection reset" immediately.
> 
> There is a kernel message for each such attempt:
>    "audit: type=1326 audit (time...) auid=... uid=1000 gid=1000 ses=... pid=... 
> comm="sshd" exe="/usr/sbin/sshd" sig=31 arch=40000028 syscall=413 compat=0 
> ip=... code=0x0"

  This comes from SELinux. However, the raspberrypi3_defconfig enables AppArmor, 
not SELinux (and AFAIK AppArmor doesn't give messages like this). So somehow you 
did something weird there...

  Anyway, the problem is that your AppArmor or SELinux setup is not correct to 
allow sshd.

  The htop problem might be the same.

  Regards,
  Arnout

> 
> (the dots replace numbers I guess are pointless to type)
> 
> I searched a bit around and found threads in forums with similar seeming 
> problems but somewhat different numbers in the message, claims of some problem 
> with this stuff and libc6 and linux versions prior to 5.1, well if I "uname -a" 
> here, it says "5.10.46-v7", I guess that one should not have *that* problem, 
> unless it has nothing to do with that.
> 
> Any ideas?
> 
> _______________________________________________
> buildroot mailing list
> buildroot at buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
> 


More information about the buildroot mailing list