Article <vc1kjb$u2i9$1@dont-email.me>

Deutsch English Français Italiano
<vc1kjb$u2i9$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Stephen Hoffman <seaohveh@hoffmanlabs.invalid>
Newsgroups: comp.os.vms
Subject: Re: EISNER is once again decuserve.org
Date: Fri, 13 Sep 2024 11:09:31 -0400
Organization: HoffmanLabs LLC
Lines: 104
Message-ID: <vc1kjb$u2i9$1@dont-email.me>
References: <vc1egc$sq1j$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 13 Sep 2024 17:09:31 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="52e4bc0405f3eaff820845a7d3b763c4";
	logging-data="985673"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18VMDt50l/CphjzdYtlDWai6As2hL73Zls="
User-Agent: Unison/2.2
Cancel-Lock: sha1:FJhXlUkw+EEKfs3XduLyg8bHXmE=
Bytes: 4700

On 2024-09-13 13:25:26 +0000, Hunter Goatley said:

> DECUServe lives again!
> 
> EISNER, the DECUServe system, is once again known as decuserve.org.
> 
> I always hated encompasserve.org, a name that was foisted on us by an 
> organization that was never involved in DECUServe in the first place.
> 
> For many years now, encompasserve.org has used to reach the DECUServe 
> system (along with eisner.decus.org).
> 
> When Mark Daniel set up WASD on EISNER a decade ago, he removed 
> references to Encompasserve from the web pages, restoring the name 
> DECUServe.
> 
> Now, finally, we've fixed up some many-years-broken DNS entries and 
> updated certificates. As of today, encompasserve.org will not get you 
> to EISNER. Well, it will, but you'll get gripes about bad certificates.
> 
> To reach EISNER now, please use eisner.decus.org, decus.org, or 
> decuserve.org. This applies to both SSH and https.
> ...


Seems to be working, though ssh isn't playing well.

% ssh -vvv -o HostKeyAlgorithms=ssh-rsa,ssh-dss -o 
KexAlgorithms=diffie-hellman-group1-sha1 -o Ciphers=aes128-cbc,3des-cbc 
-o MACs=hmac-md5,hmac-sha1 -p 22867 h*@d*.o*
OpenSSH_9.0p1, LibreSSL 3.3.6
debug1: Reading configuration data /Users/*/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* 
matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> 
'/Users/*/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> 
'/Users/*/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to decuserve.org port 22867.
ssh: connect to host decuserve.org port 22867: Connection refused
%


% sudo nmap -A -Pn decuserve.org
Starting Nmap 7.92 ( https://nmap.org ) at 2024-09-13 11:01 EDT
Nmap scan report for decuserve.org (192.42.95.250)
Host is up (0.029s latency).
rDNS record for 192.42.95.250: eisner.decus.org
All 1000 scanned ports on decuserve.org (192.42.95.250) are in ignored states.
Not shown: 992 filtered tcp ports (no-response), 8 filtered tcp ports 
(host-prohibited)
Too many fingerprints match this host to give specific OS details
Network Distance: 12 hops

TRACEROUTE (using proto 1/icmp)
HOP RTT      ADDRESS
1   ...
2   ...
3   ...
4   ...
5   ...
6   ...
7   25.63 ms ae18.ter1.lga5.us.zip.zayo.com (64.125.25.59)
8   24.68 ms be-202-pe11.111eighthave.ny.ibone.comcast.net (50.242.151.213)
9   24.83 ms be-3111-cs01.newyork.ny.ibone.comcast.net (96.110.34.17)
10  24.74 ms be-32011-ar01.needham.ma.boston.comcast.net (96.110.42.2)
11  23.39 ms be-1-sur02.framingham.ma.boston.comcast.net (96.108.69.50)
12  24.61 ms eisner.decus.org (192.42.95.250)

OS and Service detection performed. Please report any incorrect results 
at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.83 seconds
%
....
Nmap scan report for decuserve.org (192.42.95.250)
Host is up (0.027s latency).
rDNS record for 192.42.95.250: eisner.decus.org
Not shown: 992 filtered tcp ports (no-response)
PORT    STATE  SERVICE    VERSION
21/tcp  closed ftp
25/tcp  closed smtp
53/tcp  closed domain
80/tcp  closed http
443/tcp closed https
563/tcp closed snews
587/tcp closed submission
993/tcp closed imaps
....


Given my use of nmap -O, and nmap -A -Pn and a few other switches, I 
should have just lit up any server logs and firewall logs, too.

Firewall?  Hyervisor virtual network rules? Or is something happening 
within the ssh daemon? Or is the ssh daemon just not playing nice with 
OpenSSH_9.0p1?


-- 
Pure Personal Opinion | HoffmanLabs LLC