I recently connected my server to another server via UUCP. Now I'm thinking that perhaps I'd like to connect my laptop as another node to it. I probably don't need it, because I connected the laptop to the server via NNCP. But still. Perhaps @lkh@social.sdfeu.org still wants to do stuff via UUCP. Perhaps it is the completionist in me.
connected my server to another server via UUCP
connected the laptop to the server via NNCP
For reference, see UUCP over SSH by @bortzmeyer@mastodon.gougere.fr. Since we're using SSH, there will be a key pair, and since we're using UUCP, we'll still a username and password. It's going to be both.
I know, why aren't we using NNCP.
Generate the key pair.
cd /var/spool/uucp sudo mkdir .ssh sudo chown uucp:uucp .ssh cd .ssh sudo -u uucp ssh-keygen -C "uucp@melanobombus" -f id_rsa
The file `uucp-key.pub` now has the public key.
On the server (!), add a line to `/var/spool/uucp/.ssh/authorized_keys`, replacing the public key:
restrict,command="/usr/sbin/uucico -u Umelanobombus -l" ssh-rsa KEY_FROM_ID_RSA_PUB uucp@dwalin
We will be using the username `Umelanobombus` to connect to the server. This is not a real user!
On the server, save username and password in `/etc/uucp/passwd`.
Umelanobombus *secret*
On the laptop, save system name, username and the same password in `/etc/uucp/call`.
sibirocobombus Umelanobombus *secret*
Now we have both levels: the public and private keys that allow the `uucp` user to connect via `ssh` – and the username and password that is used by `uucp`.
Define our own name in `/etc/uucp/config` on the laptop.
nodename melanobombus
Let's add the system to `/etc/uucp/sys`. That is, on the laptop, define the server we're going to call. Since I already know that sibirocobombus will report itself as `campaignwiki`, I'm setting up an `alias`. The `commands` line is important because by default only `rmail` and `rnews` are allowed but I want to allow `rsmtp`, too. The `chat` script waits for the "Password:" prompt and then sends it. Note that this chat script is much shorter than the one used in "UUCP over SSH", linked above. Apparently there's no "Login:" prompt on my server so I had to change it.
system sibirocobombus alias campaignwiki commands rmail rnews rsmtp call-login * call-password * time any chat Password: \P chat-timeout 30 protocol i port ssh_campaignwiki
Add the new port to `etc/uucp/port`. Note that I'm listening to incoming `ssh` connections on a non-standard port so I have to provide. Also note that here we're defining the `uucp` "port" with a non-standard `ssh` "port". Just in case you're not already confused.
port ssh_campaignwiki type pipe command /usr/bin/ssh -a -x -q -p 882 uucp@campaignwiki.org reliable true protocol etyig
Before doing our first test, make sure that the server is a "known host" on the laptop, for the `uucp` user. Note how I am not using `-q` because I want to see the prompt!
The password to give on the prompt is the one in `/etc/uucp/call`.
sudo -u uucp ssh -p 882 uucp@campaignwiki.org The authenticity of host '[campaignwiki.org]:882 ([2a02:418:6a04:178:209:50:237:1]:882)' can't be established. ED25519 key fingerprint is SHA256:ups6Q5G8Ab5QT/cTnrv5FpdmdvVtK09ZG8j1ToEBV9c. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[campaignwiki.org]:882' (ED25519) to the list of known hosts. PTY allocation request failed on channel 0 Password: *secret* Shere=campaignwiki ^C
Let's add the laptop to `/etc/uucp/sys` on the server. Since the server is never going to call the laptop, no credentials and no port is required.
system melanobombus called-login Umelanobombus commands rmail rnews rsmtp local-send / local-receive /var/spool/uucppublic remote-send / remote-receive /var/spool/uucppublic time any forward ANY protocol i
Let's test it!
On the client:
echo hallo > hallo.txt uucp hallo.txt 'sibirocobombus!~/'
Let's check the log.
This is what it looks like when things don't work:
uulog|tail uucp sibirocobombus alex (2024-06-30 18:02:27.50 9274) Queuing send of /home/alex/hallo.txt to ~/ uucico sibirocobombus - (2024-06-30 18:02:27.50 9275) Calling system sibirocobombus (port ssh_campaignwiki) uucico sibirocobombus - (2024-06-30 18:02:31.51 9275) ERROR: Line disconnected
You can try to replace `-q` with `-v` in `/etc/uucp/port` in order to see what `ssh` has to say.
If you try again, the log says that the system is not ready to try again:
uucp sibirocobombus alex (2024-06-30 18:04:47.94 9454) Queuing send of /home/alex/hallo.txt to ~/ uucico sibirocobombus - (2024-06-30 18:04:47.94 9455) Retry time not reached
Force a call and check the log again.
sudo -u uucp uucico -S sibirocobombus
You might be specifying the wrong login, or using the wrong chat script. On the server, the log might look as follows:
uulog|tail uucico - - (2024-06-30 17:56:42.92 1245805) Incoming call (login Umelanobombus port stdin) uucico - - (2024-06-30 17:56:49.12 1245805) ERROR: Line disconnected uucico - - (2024-06-30 18:02:30.70 1247584) ERROR: Bad login uucico - - (2024-06-30 18:07:25.26 1248690) ERROR: Bad login
Check the passwords:
1. `/etc/uucp/call` on the laptop says what username and password to use
2. `/etc/uucp/passwd` on the server says what username and password to accept, separated by a TAB (!)
Check the system:
1. `/etc/uucp/config` on the laptop says what the client is called
2. `/etc/uucp/sys` on the laptop says what the server is called and how to connect to it, using what port
3. `/etc/uucp/port` on the laptop describes that port
4. `/etc/uucp/sys` on the server says what the client is called, what username to expect
Check the login again, by going through it by hand. Check whether the chat script would have worked.
sudo -u uucp ssh -p 882 uucp@campaignwiki.org PTY allocation request failed on channel 0 Password: *secret* Shere=campaignwiki ^C
When calling the server, specify a high debugging level:
sudo -u uucp uucico -x 11 -S sibirocobombus
To look at the debug output. Here's an example where I mistyped the nodename in `/etc/uucp/config` on the laptop:
sudo uulog -D uucico - - (2024-06-30 19:06:09.74 14487) DEBUG: usysdep_detach: Forked; old PID 14486, new pid 14487 uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: fsysdep_get_work_init: Found C.NPBZaHpAACZk uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: fsysdep_get_work_init: Found C.NPDpxIuAACce uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: fconn_open: Opening port ssh_campaignwiki (default speed) uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) Calling system sibirocobombus (port ssh_campaignwiki) uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: Forking /usr/bin/ssh -a -x -v -p 882 uucp@campaignwiki.org uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: icexpect: Looking for 5 "word:" uucico sibirocobombus - (2024-06-30 19:06:09.75 14487) DEBUG: icexpect: Got "Password:" (found it) uucico sibirocobombus - (2024-06-30 19:06:10.32 14487) DEBUG: fcsend: Writing password "*secret*\r" uucico sibirocobombus - (2024-06-30 19:06:10.32 14487) DEBUG: zget_uucp_cmd: Got "\020Shere=campaignwiki\000" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) Login successful uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: fsend_uucp_cmd: Sending "Smelanobobus -R -N047" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: fconn_write: Writing 23 "\020Smelanobobus -R -N047\000" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: zget_uucp_cmd: Got "\020RYou are unknown to me\000" uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) ERROR: Handshake failed (You are unknown to me) uucico sibirocobombus - (2024-06-30 19:06:10.33 14487) DEBUG: fconn_close: Closing connection uucico sibirocobombus - (2024-06-30 19:06:10.43 14487) DEBUG: Call failed: 4 (Handshake failed)
If everything worked, however, the log on the client says:
uulog uucico sibirocobombus - (2024-06-30 19:18:07.77 15159) Calling system sibirocobombus (port ssh_campaignwiki) uucico sibirocobombus - (2024-06-30 19:18:08.40 15159) Login successful uucico sibirocobombus - (2024-06-30 19:18:08.41 15159) Handshake successful (protocol 'i' sending packet/window 1024/16 receiving 1024/16) uucico sibirocobombus alex (2024-06-30 19:18:08.42 15159) Sending /home/alex/hallo.txt (6 bytes) uucico sibirocobombus alex (2024-06-30 19:18:08.42 15159) Sending /home/alex/hallo.txt (6 bytes) uucico sibirocobombus - (2024-06-30 19:18:08.42 15159) Protocol 'i' packets: sent 9, resent 0, received 7 uucico sibirocobombus - (2024-06-30 19:18:08.42 15159) Call complete (0 seconds 12 bytes 0 bps)
The log on the server says:
uucico - - (2024-06-30 19:18:08.89 1265032) Incoming call (login Umelanobombus port stdin) uucico melanobombus - (2024-06-30 19:18:08.90 1265032) Handshake successful (protocol 'i' sending packet/window 1024/16 receiving 1024/16) uucico melanobombus alex (2024-06-30 19:18:08.90 1265032) Receiving /var/spool/uucppublic/hallo.txt (6 bytes) uucico melanobombus alex (2024-06-30 19:18:08.90 1265032) Receiving /var/spool/uucppublic/hallo.txt (6 bytes) uucico melanobombus - (2024-06-30 19:18:08.91 1265032) Protocol 'i' packets: sent 6, resent 0, received 8 uucico melanobombus - (2024-06-30 19:18:08.91 1265032) Call complete (0 seconds 12 bytes 0 bps)
And the file is in the public area:
ls /var/spool/uucppublic/ hallo.txt
And in the other direction, send a similar file to `alex@melanobombus`.
uuto hallo.txt 'melanobombus!alex'
On the laptop:
sudo -u uucp uucico -S sibirocobombus uupick from campaignwiki: file hallo.txt ? m .
And I have it!
Don't fogert the warning in the `uuto` documentation:
Note that `uuto' does not provide any security – any user on the remote system can examine the files.
We really should have used NNCP! 😄
#Administration #UUCP