Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[yikoru]

Hello!
I am having 2 problems with the DNS-320L SSH service
the first is with the keys, every time I restart the NAS the keys change and I find the following error

Code: [Select]

[yikoru@yikoru-pc ~]$ ssh admin@10.255.255.254
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the DSA key sent by the remote host is
SHA256:JL8RxfBnCEF0hca9PWOrNR4bsMh49XK/iKkhtQe/i9M.
Please contact your system administrator.
Add correct host key in /home/yikoru/.ssh/known_hosts to get rid of this message.
Offending DSA key in /home/yikoru/.ssh/known_hosts:9
DSA host key for 10.255.255.254 has changed and you have requested strict checking.
Host key verification failed.
the second problem is that I can not log in to the NAS because I figure this error:

Code: [Select]

[yikoru@yikoru-pc ~]$ ssh admin@10.255.255.254
admin@10.255.255.254's password:
WARNING: Your password has expired.
You must change your password now and login again!
passwd: No such file or directory
Connection to 10.255.255.254 closed.
I have the nas directly connected by network cable to my notebook and I have no problems with the web administration, change the password and tried again but the problem still persists
I use firmware 1.09
I am from Santiago, Chile but the nas was bought in the USA

[ivan]

As you describe your setup of [notebook]<------cable------>[DNS-320L] there is no DHCP server so you must have fixed IP addresses. 

Can we assume that you have set fixed IP addresses for your notebook and the DNS-320L and they are in the same subnet? 

As a follow up on that why are you even trying to use SSH in that situation? It is an unnecessary layer between your computer and NAS.

If your computer and NAS are connected through a router that has access to the internet and you have allowed access between the internet and the NAS that is a different situation and you wouldn't be using 10.xxx.xxx.xxx subnet.

[yikoru]

This is how I use static IP, I have no connectivity problems since I have no problems accessing the WEB
I need SSH access since there are things I want to do from the terminal just for that, I saw an openssh add-on that I have not yet installed but I assume that if the web gives me the option to connect via SSH I should not install it

[ivan]

The fact you can post here indicates one of two things.
1) you have a separate notebook that is only used to connect to the NAS.
2) you connect to the NAS through a router that also connects to the internet.

If it is option 1 make sure that your notebook is set to a static IP address on the 10.255.255.xxx subnet, any other subnet will cause failure.

If it is option 2 have you switched off the DHCP server in the router because if you haven't it will be trying to give your notebook an IP address and that could be the cause of your problem.

Without knowing your exact network setup it is almost impossible to advise you of where to look to solve the problem.  In some cases if I know enough about the network setup I will build that setup during the night shift and try and reproduce the problem and then pass on how I resolved it.

[yikoru]

the network topology does not have much to do in this instance, the fact that when negotiating the keys with the NAS fails, indicates that if there is communication between the notebook and the NAS, it is also validated the fact that I have access to the interface WEB and shared resources.
It is also a sign of this that the NAS requests the password to enter everything seems to indicate that it is a configuration problem in the NAS but I do not know what I need to configure
my network topology is currently:
wired connection: gigabit ethernet network segment 10.255.255.248/29, on this network I directly connect the NAS with my notebook
IP NAS 10.255.255.254/29
IP notebook 10.255.255.252/29
I also have a server in the same segment to which I connect via SSH, web and NoVNC (server virtualization)
IP server 10.255.255.253/29
I do not have a switch so I have the notebook connected to the NAS or the server, for both connections only one of the ends is changed and not the complete cable
The notebook connects to the internet via WiFi to the segment 192.168.90.0/24
I tried to disconnect this network but the problem persists (I insist it is not a network topology problem)

[ivan]

OK, rather an odd setup but let me try for a little more information.

When you login to the NAS webUI and go to 'Management' --> 'Network Management' --> 'Lan Setup'  You should see something like the following:

Static IP indicated

IP address       10.255.255.254
Subnet mask    255.255.255.0
Gateway          10.255.255.    <-- the would logically be 254 or 0 - see note 1
DNS 1              8.8.8.8                <-- this is an example - see note 1
DNS 2              8.8.4.4                <-- this is an example - see note 1

Note 1:
To get the Gateway, DNS 1 and DNS 2 you need to open a command prompt window and type in  ipconfig /all and press return.
Depending on a number of things you can get a lot of data but you are looking for:
IPv4 Address   <-- this is the IP address of your computer.
Subnet Mask   <-- this should be the same as in the NSA Lan Setup.
Default Gateway <-- this should be the same as in the NAS Lan Setup and should not be the same as the NAS or computer IP address and will most probably be set by the wireless connection.
DNS Servers    <-- this will be defined by your router and is what is required in the Lan Setup of the NAS.

The above information should also appear in the computers wired network adapter properties under 'Internet Protocol Version 4' --> Properties.

If they are vastly different from the above please post them (use a private mail to me if you are concerned with security).