[Info-vax] Eisner/Encompasserve down

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Thu Sep 5 14:44:36 EDT 2024 

On 2024-09-05 16:49:00 +0000, John H. Reinhardt said:

> I don't know if this helps any.  I make a successful connection.  I 
> have an older version of Open SSH 8.6p1 vs 9.0p1
> 
> For some of my older OpenVMS systems I do have to specify specific algorithms.
> 
> Host    asimov
>      HostName            asimov.xxxxxxxx.xxx
>      KexAlgorithms       +diffie-hellman-group1-sha1
>      HostKeyAlgorithms   +ssh-dss
>      Ciphers             aes128-cbc
> 
> But nothing special for eisner
> 
> Host    eisner
>      HostName            eisner.decus.org
>      Port                22867
>      User                reinhardt


Yeah; my ~/.ssh/config was a little more complex than yours. The ssh 
connection was still refused after temporarily nerfing all that.


Tried the usual fallback and some extensions to contend with ssh-dss 
deprecation in recent versions (with the ssh commands listed in my 
earlier reply), as well.


Tried forcing password only access, and that via the registration user:

% ssh -o PubkeyAuthentication=no -o PreferredAuthentications=password 
-p 22867 registration at eisner.decus.org
ssh: connect to host eisner.decus.org port 22867: Connection refused
%


Comcast routing looks funky, but then Comcast routing often looks funky:

% traceroute eisner.decus.org
traceroute to eisner.decus.org (192.42.95.250), 64 hops max, 52 byte packets
[expurgated]
 4  burl-lnk-70-109-168-28.ngn.east.myfairpoint.net (70.109.168.28)  
10.272 ms  10.027 ms  10.388 ms
 5  et-0-3-0.mpr1.yul1.ca.zip.zayo.com (64.124.142.45)  12.110 ms  
12.093 ms  12.184 ms
 6  * * *
 7  * * *
 8  be-202-pe11.111eighthave.ny.ibone.comcast.net (50.242.151.213)  
24.940 ms  24.781 ms  30.398 ms
 9  be-3311-cs03.newyork.ny.ibone.comcast.net (96.110.34.25)  29.100 ms
    be-3111-cs01.newyork.ny.ibone.comcast.net (96.110.34.17)  25.225 ms 
 24.952 ms
10  be-32011-ar01.needham.ma.boston.comcast.net (96.110.42.2)  31.394 
ms  26.703 ms
    be-32041-ar01.needham.ma.boston.comcast.net (96.110.42.14)  158.537 ms
11  be-1-sur02.framingham.ma.boston.comcast.net (96.108.69.50)  26.929 
ms  26.606 ms  31.571 ms
12  eisner.decus.org (192.42.95.250)  31.720 ms  31.621 ms  26.567 ms
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
^C
%


Nmap is happy:

% nmap -F eisner.decus.org
Starting Nmap 7.92 ( https://nmap.org ) at 2024-09-05 14:20 EDT
Nmap scan report for eisner.decus.org (192.42.95.250)
Host is up (0.030s latency).
Not shown: 93 filtered tcp ports (no-response)
PORT    STATE  SERVICE
21/tcp  closed ftp
25/tcp  closed smtp
53/tcp  closed domain
80/tcp  closed http
443/tcp closed https
587/tcp closed submission
993/tcp closed imaps

Nmap done: 1 IP address (1 host up) scanned in 5.08 seconds
%


On the off chance it's something within the macOS DNS or mDNS local 
universe, the following was checked and was found working:

% dscacheutil -q host -a name eisner.decus.org
name: eisner.decus.org
ip_address: 192.42.95.250

%
% dns-sd -G v4v6 eisner.decus.org
DATE: ---Thu 05 Sep 2024---
14:36:43.045  ...STARTING...
Timestamp     A/R  Flags         IF  Hostname                           
    Address                                      TTL
14:36:43.046  Add  40000003       0  eisner.decus.org.                  
    0000:0000:0000:0000:0000:0000:0000:0000%<0>  752   No Such Record
14:36:43.046  Add  40000002       0  eisner.decus.org.                  
    192.42.95.250                                2252
%


As for another symptom: Safari can't connect to the server 
https://eisner.decus.org.  That's Safari on macOS 13.6.9, with Safari 
Version 17.6 (18618.3.11.11.7, 18618).


Firewall?  Something doing DPI?  Virtual network in the hypervisor?




-- 
Pure Personal Opinion | HoffmanLabs LLC

More information about the Info-vax mailing list