2024-06-30 Connecting the laptop to the server using UUCP ========================================================= I recently connected my server to another server via UUCP. Now I'm thinking that perhaps I'd like to connect my laptop as another node to it. I probably don't need it, because I connected the laptop to the server via NNCP. But still. Perhaps @lkh@social.sdfeu.org still wants to do stuff via UUCP. Perhaps it is the completionist in me. For reference, see UUCP over SSH by @bortzmeyer@mastodon.gougere.fr. Since we're using SSH, there will be a key pair, and since we're using UUCP, we'll still a username and password. It's going to be both. I know, why aren't we using NNCP. Generate the key pair. cd /var/spool/uucp sudo mkdir .ssh sudo chown uucp:uucp .ssh cd .ssh sudo -u uucp ssh-keygen -C "uucp@melanobombus" -f id_rsa The file uucp-key.pub now has the public key. On the server (!), add a line to /var/spool/uucp/.ssh/authorized_keys , replacing the public key: restrict,command="/usr/sbin/uucico -u Umelanobombus -l" ssh-rsa KEY_FROM_ID_RSA_PUB uucp@dwalin We will be using the username Umelanobombus to connect to the server. This is not a real user! On the server, save username and password in /etc/uucp/passwd. Umelanobombus *secret* On the laptop, save system name, username and the same password in /etc/uucp/call. sibirocobombus Umelanobombus *secret* Now we have both levels: the public and private keys that allow the uucp user to connect via ssh – and the username and password that is used by uucp. Define our own name in /etc/uucp/config on the laptop. nodename melanobombus Let's add the system to /etc/uucp/sys. That is, on the laptop, define the server we're going to call. Since I already know that sibirocobombus will report itself as campaignwiki, I'm setting up an alias. The commands line is important because by default only rmail and rnews are allowed but I want to allow rsmtp, too. The chat script waits for the "Password:" prompt and then sends it. Note that this chat script is much shorter than the one used in "UUCP over SSH", linked above. Apparently there's no "Login:" prompt on my server so I had to change it. system sibirocobombus alias campaignwiki commands rmail rnews rsmtp call-login * call-password * time any chat Password: \P chat-timeout 30 protocol i port ssh_campaignwiki Add the new port to etc/uucp/port. Note that I'm listening to incoming ssh connections on a non-standard port so I have to provide. Also note that here we're defining the uucp "port" with a non-standard ssh "port". Just in case you're not already confused. port ssh_campaignwiki type pipe command /usr/bin/ssh -a -x -q -p 882 uucp@campaignwiki.org reliable true protocol etyig Before doing our first test, make sure that the server is a "known host" on the laptop, for the uucp user. Note how I am not using -q because I want to see the prompt! The password to give on the prompt is the one in /etc/uucp/call. sudo -u uucp ssh -p 882 uucp@campaignwiki.org The authenticity of host '[campaignwiki.org]:882 ([2a02:418:6a04:178:209:50:237:1]:882)' can't be established. ED25519 key fingerprint is SHA256:ups6Q5G8Ab5QT/cTnrv5FpdmdvVtK09ZG8j1ToEBV9c. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[campaignwiki.org]:882' (ED25519) to the list of known hosts. PTY allocation request failed on channel 0 Password: *secret* Shere=campaignwiki ^C Let's add the laptop to /etc/uucp/sys on the server. Since the server is never going to call the laptop, no credentials and no port is required. system melanobombus called-login Umelanobombus commands rmail rnews rsmtp local-send / local-receive /var/spool/uucppublic remote-send / remote-receive /var/spool/uucppublic time any forward ANY protocol i Let's test it! On the client: echo hallo > hallo.txt uucp hallo.txt 'sibirocobombus!~/' Let's check the log. This is what it looks like when things don't work: uulog|tail uucp sibirocobombus alex (2024-06-30 18:02:27.50 9274) Queuing send of /home/alex/hallo.txt to ~/ uucico sibirocobombus - (2024-06-30 18:02:27.50 9275) Calling system sibirocobombus (port ssh_campaignwiki) uucico sibirocobombus - (2024-06-30 18:02:31.51 9275) ERROR: Line disconnected You can try to replace -q with -v in /etc/uucp/port in order to see what ssh has to say. If you try again, the log says that the system is not ready to try again: uucp sibirocobombus alex (2024-06-30 18:04:47.94 9454) Queuing send of /home/alex/hallo.txt to ~/ uucico sibirocobombus - (2024-06-30 18:04:47.94 9455) Retry time not reached Force a call and check the log again. sudo -u uucp uucico -S sibirocobombus You might be specifying the wrong login, or using the wrong chat script. On the server, the log might look as follows: uulog|tail uucico - - (2024-06-30 17:56:42.92 1245805) Incoming call (login Umelanobombus port stdin) uucico - - (2024-06-30 17:56:49.12 1245805) ERROR: Line disconnected uucico - - (2024-06-30 18:02:30.70 1247584) ERROR: Bad login uucico - - (2024-06-30 18:07:25.26 1248690) ERROR: Bad login Check the passwords: 1. /etc/uucp/call on the laptop says what username and password to use 2. /etc/uucp/passwd on the server says what username and password to accept, separated by a TAB (!) Check the system: 1. /etc/uucp/config on the laptop says what the client is called 2. /etc/uucp/sys on the laptop says what the server is called and how to connect to it, using what port 3. /etc/uucp/port on the laptop describes that port 4. /etc/uucp/sys on the server says what the client is called, what username to expect Check the login again, by going through it by hand. Check whether the chat script would have worked. sudo -u uucp ssh -p 882 uucp@campaignwiki.org PTY allocation request failed on channel 0 Password: *secret* Shere=campaignwiki ^C When calling the server, specify a high debugging level: sudo -u uucp uucico -x 11 -S sibirocobombus To look at the debug output. Here's an example where I mistyped the nodename in /etc/uucp/config on the laptop: sudo uulog -D uucico - - (2024-06-30 19:06:09.74 14487) DEBUG: usysdep_detach: Forked; old PID 14486, new pid 14487 uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: fsysdep_get_work_init: Found C.NPBZaHpAACZk uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: fsysdep_get_work_init: Found C.NPDpxIuAACce uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: fconn_open: Opening port ssh_campaignwiki (default speed) uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) Calling system sibirocobombus (port ssh_campaignwiki) uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: Forking /usr/bin/ssh -a -x -v -p 882 uucp@campaignwiki.org uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: icexpect: Looking for 5 "word:" uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: icexpect: Got "Password:" (found it) uucico sibirocobombus - (2024-06-30 19:06:10.32 14487) DEBUG: fcsend: Writing password "*secret*\r" uucico sibirocobombus - (2024-06-30 19:06:10.32 14487) DEBUG: zget_uucp_cmd: Got "\020Shere=campaignwiki\000" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) Login successful uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: fsend_uucp_cmd: Sending "Smelanobobus -R -N047" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: fconn_write: Writing 23 "\020Smelanobobus -R -N047\000" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: zget_uucp_cmd: Got "\020RYou are unknown to me\000" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) ERROR: Handshake failed (You are unknown to me) uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: fconn_close: Closing connection uucico sibirocobombus - (2024-06-30 19:06:10.43 14487) DEBUG: Call failed: 4 (Handshake failed) If everything worked, however, the log on the client says: uulog uucico sibirocobombus - (2024-06-30 19:18:07.77 15159) Calling system sibirocobombus (port ssh_campaignwiki) uucico sibirocobombus - (2024-06-30 19:18:08.40 15159) Login successful uucico sibirocobombus - (2024-06-30 19:18:08.41 15159) Handshake successful (protocol 'i' sending packet/window 1024/16 receiving 1024/16) uucico sibirocobombus alex (2024-06-30 19:18:08.42 15159) Sending /home/alex/hallo.txt (6 bytes) uucico sibirocobombus alex (2024-06-30 19:18:08.42 15159) Sending /home/alex/hallo.txt (6 bytes) uucico sibirocobombus - (2024-06-30 19:18:08.42 15159) Protocol 'i' packets: sent 9, resent 0, received 7 uucico sibirocobombus - (2024-06-30 19:18:08.42 15159) Call complete (0 seconds 12 bytes 0 bps) The log on the server says: uucico - - (2024-06-30 19:18:08.89 1265032) Incoming call (login Umelanobombus port stdin) uucico melanobombus - (2024-06-30 19:18:08.90 1265032) Handshake successful (protocol 'i' sending packet/window 1024/16 receiving 1024/16) uucico melanobombus alex (2024-06-30 19:18:08.90 1265032) Receiving /var/spool/uucppublic/hallo.txt (6 bytes) uucico melanobombus alex (2024-06-30 19:18:08.90 1265032) Receiving /var/spool/uucppublic/hallo.txt (6 bytes) uucico melanobombus - (2024-06-30 19:18:08.91 1265032) Protocol 'i' packets: sent 6, resent 0, received 8 uucico melanobombus - (2024-06-30 19:18:08.91 1265032) Call complete (0 seconds 12 bytes 0 bps) And the file is in the public area: ls /var/spool/uucppublic/ hallo.txt And in the other direction, send a similar file to alex@melanobombus. uuto hallo.txt 'melanobombus!alex' On the laptop: sudo -u uucp uucico -S sibirocobombus uupick from campaignwiki: file hallo.txt ? m . And I have it! Don't fogert the warning in the uuto documentation: > Note that `uuto' does not provide any security – any user on the > remote system can examine the files. We really should have used NNCP! 😄 ​#Administration #UUCP ​#UUCP