Re: fatal: Fssh_packet_write_poll: Connection from xxx.xxx.xx.xx port yyyyy: Permission denied

From: KIRIYAMA Kazuhiko <kiri_at_kx.openedu.org> Date: Mon, 28 Nov 2016 17:49:24 +0900 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:09 UTC

At Wed, 23 Nov 2016 17:24:32 +0900,
my wrote:
> 
> At Tue, 22 Nov 2016 10:47:17 -0500,
> Allan Jude wrote:
> > 
> > [1 Re: fatal: Fssh_packet_write_poll: Connection from xxx.xxx.xx.xx port yyyyy: Permission denied <multipart/mixed (7bit)>]
> > [1.1  <text/plain; windows-1252 (quoted-printable)>]
> > On 2016-11-22 02:37, KIRIYAMA Kazuhiko wrote:
> > > Hi, all
> > > 
> > > I've updated to HEAD(r308871) at 2 days ago, and also ports
> > > too(r426562). Then all stuffs including applications have
> > > been updated and tried to slogin to this host,but can't
> > > connect with the message `userauth_pubkey: key type ssh-dss
> > > not in PubkeyAcceptedKeyTypes [preauth]' in
> > > /var/log/auth.log. I found new OpenSSH-7.* has not been
> > > supported DSA and to connect from client with old ssh(lower
> > > than OpenSSH-7.0),set `ssh-dss' or some values set to
> > > relevant variables in /etc/ssh/sshd_config. According to [1]
> > > and [2] I've set these variables as below:
> > > 
> > > PubkeyAcceptedKeyTypes=+ssh-dss
> > > HostKeyAlgorithms=+ssh-dss
> > > KexAlgorithms=+diffie-hellman-group-exchange-sha256
> > > 
> > > and successfully slogined:
> > > 
> > 
> > snip
> > 
> > > 
> > > And with the message `fatal: Fssh_packet_write_poll:
> > > Connection from xxx.xxx.xx.xx port yyyyy: Permission denied'
> > > in /var/log/auth.log:

I've tried to between *same* version(r308871) with
RSA,but failed to the same message:

admin_at_kx:~ % scp /jails/backup/hosts/201606020717/vm/wrk/* bhy:/vm/images
freebsd-10r.img                                    0%    0     0.0KB/s   --:-- ETAFssh_packet_write_poll: Connection to xxx.xxx.xx.xx port yyyyy: Permission denied
lost connection
admin_at_kx:~ % 

I found whole filesystem looks like set NFSv4 ACLs. Is this
right?

admin_at_kx:~ % getfacl /
# file: /
# owner: root
# group: wheel
            owner_at_:rwxp--aARWcCos:-------:allow
            group_at_:r-x---a-R-c--s:-------:allow
         everyone_at_:r-x---a-R-c--s:-------:allow
admin_at_kx:~ % getfacl /tmp
# file: /tmp
# owner: root
# group: wheel
            owner_at_:rwxp--aARWcCos:-------:allow
            group_at_:rwxp--a-R-c--s:-------:allow
         everyone_at_:rwxp--a-R-c--s:-------:allow
admin_at_kx:~ % getfacl /var/tmp
# file: /var/tmp
# owner: root
# group: wheel
            owner_at_:rwxp--aARWcCos:-------:allow
            group_at_:rwxp--a-R-c--s:-------:allow
         everyone_at_:rwxp--a-R-c--s:-------:allow
admin_at_kx:~ % 

---
KIRIYAMA Kazuhiko