You are not logged in.

#1 2025-09-28 04:07:10

Zinput
Member
Registered: 2022-03-12
Posts: 31

[SOLVED] mkinitcpio-systemd-extras | ssh hangs

I am following this guide: https://wiki.archlinux.org/title/Dm-cry … kinitcpio)

Current Situation since title edit:
I can ping my server and authenticate with my tinyssh server, but it freezes after authentication before giving me the password prompt for luks. There is no error message. I have also tried dropbear and it has the same behavior. I now have tried removing the command "systemd-tty-ask-password-agent --query --watch". This now gives me access to the shell in initramfs.

Original Post:
I have almost everything working. I have my public key on the server. I am able to ping the computer during boot and the ssh server seems to respond. However, I get the error message `/bin/sh: systemd-tty-ask-password-agent: not found` before the connection closes. I have tried updating packages and rebuilding the initramfs. The boot messages on the server shows per connection requests and the IP I am trying to connect from. When I use the wrong identity key, it does respond with the appropriate error message. There seems to be no information on the internet about using tinyssh with systemd-boot and mkinitcpio besides that single guide. Any help would be appreciated as I am pretty lost.

Solution:
It took me a while to figure this out, but the final problem was that I had switched many mkinitcpio hooks to the newer `sd-xxxxx` version of the hooks including switching from `encrypt` to `sd-encrypt`. This is why it was not prompting me for a luks password because the config no longer worked and it didn't know which device to decrypt. The solution is making the change described here: https://wiki.archlinux.org/title/Dm-cry … oot_loader

Last edited by Zinput (2025-09-28 20:02:37)

Offline

#2 2025-09-28 08:06:35

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,074

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

Did you add systemd-tty-ask-password-agent to the BINARIES, https://wiki.archlinux.org/title/Mkinit … _and_FILES ?

Offline

#3 2025-09-28 15:40:42

Zinput
Member
Registered: 2022-03-12
Posts: 31

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

That somehow doesn't make a difference. Actually, it seems like nothing I change in `/etc/mkinitcpio.conf` is actually reflected in the initramfs despite running `mkinitcpio -P`. The console output from `mkinitcpio` looks normal and shows the hooks I've seletced. Checking the timestamp on the generated initramfs also shows the current date. However, it seems like removing modules doesn't actually remove it from the initramfs during boot.

Last edited by Zinput (2025-09-28 15:45:26)

Offline

#4 2025-09-28 16:13:37

Zinput
Member
Registered: 2022-03-12
Posts: 31

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

I just realized that I have two copies of the initramfs. One set in /boot and one set in /boot/efi. Mkinitcpio is only updating that in /boot and it seems like my loaders in /efi only load the ones in /boot/efi. After editing /etc/mkinitcpio.d/linux.preset, I just need to figure out why I get an error for "not a valid kernel module directory" so I can regenerate the initramfs in the correct directory.

Edit: I figured out how to generate for the correct kernel and use the config to add the hooks. Magically, the networking doesn't work anymore in the new initramfs, so I've pretty much taken a step back.

Last edited by Zinput (2025-09-28 17:12:27)

Offline

#5 2025-09-28 17:54:50

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,074

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

You're mouting your /boot partition into /boot/efi which is wrong - you can mount the ESP there (or anywhere else) but if your ESP doubles as /boot partition it needs to be mounted into /boot

Offline

#6 2025-09-28 18:22:52

Zinput
Member
Registered: 2022-03-12
Posts: 31

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

I ended up reinstalling. I think I ended up with /boot/efi because I incorrectly mounted it when trying to fix it with arch-chroot. Now, everything works until I try to authenticate with the tinyssh server. It just hangs. The server console detects the connection and it can tell me permission denied when I try to login to any user that's not root. But it just freezes when I try to login to root with my key.

Here's some output from `ssh -vvv`:

Authenticated to 192.168.1.4 ([192.168.1.4]:22) using "publickey".
debug1: channel 0: new session [client-session] (inactive timeout: 0)
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Entering interactive session.
debug1: pledge: filesystem
debug3: client_repledge: enter
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug3: client_repledge: enter
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 131072 rmax 16384
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
debug3: obfuscate_keystroke_timing: starting: interval ~20ms
debug3: obfuscate_keystroke_timing: stopping: chaff time expired (0 chaff packets sent)

Last edited by Zinput (2025-09-28 18:33:11)

Offline

#7 2025-09-28 18:59:29

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,074

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

You might want to update the subject (edit your initial post, you can change it there) or start a new thread … or try https://archlinux.org/packages/extra/an … -dropbear/ tongue

Offline

#8 2025-09-28 19:05:23

Zinput
Member
Registered: 2022-03-12
Posts: 31

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

I have edited my post title. I also tried dropbear and the behavior is the same.

Offline

#9 2025-09-28 19:10:42

Zinput
Member
Registered: 2022-03-12
Posts: 31

Re: [SOLVED] mkinitcpio-systemd-extras | ssh hangs

Removing the line

SD_TINYSSH_COMMAND="systemd-tty-ask-password-agent --query --watch"

seems to give me access to a shell. So maybe something is wrong with the ask password agent. Running it in the shell results in no response. I don't get a "not found" error though.

Offline

Board footer

Powered by FluxBB