USBNet/Telnet fail, need help

[glasnost]

*Edit*

A big thank you to @knc1 and @NiLuJe, who patiently walked me through diagnostic steps.

Solution: I updated my 5.6.5 kindle firmware post-jailbreak to (drum roll) 5.6.5. Turns out you can do that! It solved my weird #root password issues and verified that my jailbreak-bridge was successful (which I discovered by seeing 'bridge+' shortly after the update was complete, but before the PW3 rebooted). Finally:

After reading a multitude of threads with diverse (and often contradictory) recommendations, I finally went to the Wiki* and discovered that there is, indeed, a #root password that might just work on my system. All of a sudden:

Code:

$ scp /home/hal/.ssh/hal9k_id_rsa.pub root@192.168.15.244:/mnt/us/usbnet/etc/authorized_keys

could work, because all I'd need to do is enter mario as the password once. Now my systems know each other :-) And all is good with the world.

*

Spoiler:

This particular wiki entry is New and Improved: Now With SpellChekr(tm) Technology so that it does not look like someone may have accidentally instructed you to set the IP of the connection to 192.168.15.201 and then connect to root@192.168.15.244 without any context and with a lot of typos, you might have reasonably assumed that this was an inadvertent error. You would be wrong: the two different addresses are quite intentional. And that whole 'mario' password - I had to use it. Your mileage may vary.

I need your help - I can't get USB networking to function for the life of me.

The problem - I am asked for an unknown root password (not blank) even with shared keys. I cannot telnet in (connection denied). I cannot scp (root password request again).

Code:

hal@BABUSHKA:~$ ssh -i ./.ssh/id_teddy root@169.254.40.36 -v
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 169.254.40.36 [169.254.40.36] port 22.
debug1: Connection established.
debug1: identity file ./.ssh/id_teddy type 1
debug1: identity file ./.ssh/id_teddy-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: Remote protocol version 2.0, remote software version MS_1.100
debug1: no match: MS_1.100
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: [redacted]
debug1: Host '169.254.40.36' is known and matches the RSA host key.
debug1: Found key in /home/hal/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug1: Next authentication method: password
root@169.254.40.36's password:

My Setup
Win10 box running bash for windows (Ubuntu-based Bash shell for Windows)

PW3 5.6.5, software jb, USBNet_0.21.N, KUAL+, MRinstaller, rescuepack, python, gawk, kterm, vim, coreutils, usbotgmouse, linkss, linkfonts, koreader installed

Default config of USBNet, defaults on everything else (more or less - kterm is a pain without a functioning evdev so I can type!) tried a number of steps to fix this, so any help you can offer would be greatly appreciated!

problem with the install
I've tried resetting the config file to default using KUAL. I've tried uninstalling (default) and then reinstalling using MRinstaller. I've tried full uninstall, followed by an actual restart of the kindle, and a subsequent install of usbnet.

problem with the keygen
I have made keys in both ssh-keygen in the bash shell (native unix/utf8) and putty keygen. I have verified that the public keys use utf8, unix EOL, openssh format and get copied to usbnet/etc/authorized_keys. I, of course, have only used a single keypair each time, not wanting to create another point of failure, deleting my known_hosts after each attempt (shouldn't impact things, but...)

root password business???
I haven't (knowingly) set a password, and I can #su without being asked for one. my /etc/shadow folder does show something different than the rest of the accounts "root:$1$dL<snip>q1:17029:0: ..." whereas everything but framework & guest are "blah:*:10933:0: ..."

I did have a lock on my device, but I removed it in case that was the holdup.

I have never used diags.

weird ip
So the kindle ip address has changed several times. I have no idea why, I am blaming windows - even though I thought this was set through the sshd config?

Unfortunately, MS screwed up the big update to Win10 and now there is a kernel panic from partmgr every time you plug in the kindle. Because, you know, fat is really difficult for microsoft to parse ;-) The only way to avoid this and actually transfer books/files to the Kindle is to boot or wake from sleep with the device plugged in.

There is, of course, no problem when it's in usbnet mode, and everything gets properly recognized as a gadget & an ip address is found. But it seems to be dynamic. So: Microsoft's fault.

telnet

Yeah, you got me. I can't telnet in. Connection is refused. No idea what's going on. I haven't changed anything in /etc, so I don't know why telnet would be refused. Yes, telnet works in all of its insecure glory on other devices, using bash, command prompt, and putty.

dmesg clue?
After unplugging, turing on UN, dmesg reports:
usb0 gets a mac address
g_ether gadget controller 'fsl-usb2-udc' not recognized; trying CDC Ethernet (ECM)
g_ether gadget . . . Memorial Day 2008
g_ether gadget: g_ether ready

*I've tried both a USB3 and a USB2 port, I think this is from the USB3. But I thought CDC Ethernet was what I wanted?

The ask
I'm flummoxed. Any suggestions you have would be greatly appreciated. I want to unlock the full power of my Kindle (so that I can vim on the go with an otg keyboard )

[knc1]

Please list the Ethernet address setup of the Windows box end of the cable.

[glasnost]

Quote:

Originally Posted by knc1

Please list the Ethernet address setup of the Windows box end of the cable.

Thanks for your reply. I'm not entirely sure what you are asking for, but:

I have tested two different ways: 1. airplane mode, except for the gadget ethernet connection. 2. winbox w/ wifi, IP/DNS assigned by the router. minimal firewall (ddwrt does most of the heavy lifting).

nothing particularly out of the ordinary. I do limit myself to ipv4 for the time being - it plays better with my vpn (which was not in use during these trials).

192.168.1.111 subnet 255x gateway 192.168.1.1, tunnel adapter for VPN

Netbios over TCP/ip is enabled (not entirely sure why), autoconfig is enabled

[knc1]

Quote:

Originally Posted by glasnost

192.168.1.111 subnet 255x gateway 192.168.1.1, tunnel adapter for VPN

And for the Kindle:
root@169.254.40.36

Which isn't going to work unless you set-up your gateway to map from the one network block to the other and back again.

The first thing you should do is get everything working over the USB cable.
Then what you need to do for wifi access should be more apparent.

[NiLuJe]

That doesn't look like an untouched shadow file (the root account should be locked, which is indicated by a simple bang character in the password field).

In any case, that should be irrelevant, the default config should let you in no matter what (over USB only, that goes out the window as soon as you enable the "SSH over WiFi" thingy in KUAL [or enable the use of the OpenSSH server instead of dropbear]).

Which would point to a PEBCAK in where you're actually trying to connect, which is what @knc1 is asking you to look into .

[glasnost]

I much prefer to cast aspersions on Microsoft (which released an update that causes a kernel fault when attached to a rather common device, rather than either a. dropping communication with the device, or b. actually connecting to it.)

That said, I have always said that I know just enough to get myself into trouble, rarely enough to get out. Hence I thought I'd reach out to you, because PEBCAK.

First things:

I am not trying to connect over wifi. I haven't taken my kindle out of airplane mode in quite some time :-)

Here is a scrubbed, sorted version of ipconfig /all

Spoiler:

Windows IP Configuration

Host Name . . . . . . . . . . . . : babushka
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : snip
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : USB Ethernet/RNDIS Gadget #3
Physical Address. . . . . . . . . : EE-49-00-00-00-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4118:snip (Preferred)
Autoconfiguration IPv4 Address. . : 169.254.99.26(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 837699840
DHCPv6 Client DUID. . . . . . . . : snip
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
Physical Address. . . . . . . . . : 36-snip
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 34-snip
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Windows Adapter V9
Physical Address. . . . . . . . . : 00-snip
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F3snip}:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:169.254.99.26%15(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 134217728
DHCPv6 Client DUID. . . . . . . . : 00snip
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{snipFCA}:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.111%16(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 587202560
DHCPv6 Client DUID. . . . . . . . : 00-snip
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 3160
Physical Address. . . . . . . . . : snip
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.111(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 16, 2016 6:50:09 AM
Lease Expires . . . . . . . . . . : Wednesday, August 17, 2016 6:50:09 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth PAN HelpText
Physical Address. . . . . . . . . : snip
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4_Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

I'm not sure what you meant by setting up my gateway to map from one block to the other.

And as for my not untouched shadow file - I don't think I've done anything to it. I don't remember mounting the root file system RW at any point. How would I go about resetting my root account?

[knc1]

There is a 'super reset everything' procedure -
Just install an amazon update, it over-writes the entire 'main' image.
Step #7 of the current jb has direct links to a selection of 'main' versions for your pw3.

And yes, your jailbreak will survive (if you installed the 'hotfix' package).

[glasnost]

Sounds like a plan, knc1. I'll give amazon flash a try and hopefully it'll set things up nicely

[glasnost]

Quote:

Originally Posted by NiLuJe

That doesn't look like an untouched shadow file (the root account should be locked, which is indicated by a simple bang character in the password field).

In the instructions on jailbreak preservation, @knc1 said to remove any passcode/parental lock on the device. I did so, but subsequently reenabled my passcode.

Could this have affected the shadow file? And if so - is there any way to have a passcode locked, jailbroken kindle?

[knc1]

Quote:

Originally Posted by glasnost

In the instructions on jailbreak preservation, @knc1 said to remove any passcode/parental lock on the device. I did so, but subsequently reenabled my passcode.

Could this have affected the shadow file? And if so - is there any way to have a passcode locked, jailbroken kindle?

By using the menu for that purpose, before downgrading (which is a full Amazon image and would have over-written your changes).

And when you updated to a customer firmware image, it would have over-written them again.

[glasnost]

Telnet is still down, ssh won't accept shared keys, and I still don't have a root password.

I 'updated' to 5.6.5 again, placing the amazon binary in my root directory, clicking update (nothing happened) then restarting the kindle (update occurred.)
My 'about device' shows that I'm running 5.6.5, and on the plus side, my /etc/shadow file looks better.
Now root:!:10933:0 . . . just like framework, default, and guestuser

My bridge seems persistent though :-) (I assume, as flashing this ought to have killed things like 'su.'

I can update to 5.7.4.1, 5.8.1, and 5.8.2 - what's your recommendation? And what should I try next?

[knc1]

User's choice on what firmware version, I haven't used any of those, mine is still on 5.6.something.

You might not have noticed, but when you first re-boot after one of these full image updates you could see a progress message on-screen about the bridge code executing.

Now your next step would be to find the post here with the Win10, Kindle driver attachment, install that (on your Windows box of course, not on the Kindle).

Then open and read again the instructions in the USBnetworking archive.
There are also Window's specific instructions posted here, somewhere.

Get everything working (including pub-key auth) over the USB cable first, before dealing with trying to access it via Wifi.
(The Kindle end of the USB cable and the Kindle end of the Wifi connection do not use the same IP address. That might have been part of your earlier problems.)

You do not need the 'root password' - the USB networking add-in takes care of all of that for you, at least if you follow the directions.

[glasnost]

knc1 - I'm not looking for wifi, this has all been over cables ;-) All of the instructions are very clear on that point, but they emphasize the ability to connect via telnet sans password, and that is something that hasn't worked

I didn't notice the bridge notification. I may do a complete uninstall of usbnet and reflash just to look. I'll report back with any updates. Thanks for your patience.

[knc1]

Quote:

Originally Posted by glasnost

knc1 - I'm not looking for wifi, this has all been over cables ;-) All of the instructions are very clear on that point, but they emphasize the ability to connect via telnet sans password, and that is something that hasn't worked

I didn't notice the bridge notification. I may do a complete uninstall of usbnet and reflash just to look. I'll report back with any updates. Thanks for your patience.

Are you plugging the Kindle's USB cable into the modem or into the Windows box?

[glasnost]

Quote:

Originally Posted by knc1

You might not have noticed, but when you first re-boot after one of these full image updates you could see a progress message on-screen about the bridge code executing.

After the update completed, the kindle tree showed up and a small box appeared that said "Bridge+" in the below the tree. Can I assume that this means the bridge worked correctly? And so in theory, I should have a stock+jailbreak system partition?