Bird, RPKI/RTR and issues with SSH

Ondrej Zajicek santiago at crfreenet.org
Fri Apr 12 12:28:26 CEST 2019


On Thu, Apr 11, 2019 at 05:52:59PM -0700, Louis Poinsignon wrote:
> Hello everyone,
> I hope this mailing list is the correct place for my message.

Hello

Yes, it is the correct place.


> While it's not impacting, when the RTR server returns a NO DATA, the client
> will bomb it with requests as shown by a higher log level of GoRTR.
> 
> > gortr_1  | time="2019-04-11T21:40:13Z" level=debug msg="10.1.0.3:54874 (v1) / Serial: 0: Received PDU Reset Query v1"
> > gortr_1  | time="2019-04-11T21:40:13Z" level=debug msg="10.1.0.3:54874 (v1) / Serial: 0 > Request Cache"
> > gortr_1  | time="2019-04-11T21:40:13Z" level=debug msg="10.1.0.3:54874 (v1) / Serial: 0 < No data"
> > gortr_1  | time="2019-04-11T21:40:13Z" level=debug msg="10.1.0.3:54874 (v1) / Serial: 0: Received PDU Reset Query v1"
> > gortr_1  | time="2019-04-11T21:40:13Z" level=debug msg="10.1.0.3:54874 (v1) / Serial: 0 > Request Cache"
> 
> 
> I am not sure if I'm missing a timeout but I feel this may be a bug.

Yes, that is likely a bug.


> For ssh I am having another issue.
> The faulty configuration is the following:
> https://github.com/lspgn/compose-bird-gortr/blob/bird-rtr-ssh/bird/config_local/bird1.conf
> 
> With the statement:
> 
> > protocol rpki gortr {
> >     debug all;
> >     roa4 { table t_roa4; };
> >     roa6 { table t_roa6; };
> >     remote "10.1.0.4" port 8283;
> >     transport ssh {
> >         user "rpki";
> >         bird private key "/etc/bird/id_rsa";
> >     };
> >     retry keep 90;
> >     refresh keep 900;
> >     expire keep 172800;
> > }
> 
> 
> > bird1_1  | bird: gortr: Lost connection: Failed to read private key: /etc/bird/id_rsa

Do you have an SSH key in /etc/bird/id_rsa with appropriate rights?


-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
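
One way to spot the request loop described in the message above from the GoRTR debug log, as an added example that is not part of the original e-mail or of BIRD or GoRTR: it counts Reset Query PDUs per client in a sliding time window. The function name, the thresholds and the second client address are assumptions, and the sample log is constructed in the quoted format with wrapped lines rejoined.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches GoRTR debug lines in the format quoted above, with or without
# the docker-compose "gortr_1  | " prefix.
LINE_RE = re.compile(
    r'time="(?P<ts>[^"]+)" level=\w+ '
    r'msg="(?P<client>\S+) \(v\d+\) / Serial: \d+(?P<event>[^"]*)"'
)

def reset_query_storms(log_text, max_queries=3, window=timedelta(seconds=5)):
    """Return {client: peak Reset Query count in any window} for clients
    that sent more than max_queries Reset Queries within the window.
    Assumes each client's lines appear in chronological order."""
    recent = defaultdict(deque)   # client -> timestamps still inside the window
    peak = defaultdict(int)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or "Received PDU Reset Query" not in m["event"]:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        q = recent[m["client"]]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        peak[m["client"]] = max(peak[m["client"]], len(q))
    return {c: n for c, n in peak.items() if n > max_queries}

def _line(ts, client, event):
    return f'gortr_1  | time="{ts}" level=debug msg="{client} (v1) / Serial: 0{event}"'

# Constructed sample: one client looping on Reset Query after "No data",
# and one client (hypothetical address) retrying 90 seconds apart.
SAMPLE_LOG = "\n".join(
    [l for _ in range(5) for l in (
        _line("2019-04-11T21:40:13Z", "10.1.0.3:54874", ": Received PDU Reset Query v1"),
        _line("2019-04-11T21:40:13Z", "10.1.0.3:54874", " > Request Cache"),
        _line("2019-04-11T21:40:13Z", "10.1.0.3:54874", " < No data"),
    )] + [
        _line("2019-04-11T21:40:13Z", "10.1.0.9:40000", ": Received PDU Reset Query v1"),
        _line("2019-04-11T21:41:43Z", "10.1.0.9:40000", ": Received PDU Reset Query v1"),
    ]
)

if __name__ == "__main__":
    for client, count in reset_query_storms(SAMPLE_LOG).items():
        print(f"{client}: {count} Reset Queries within 5s")
```
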


More information about the Bird-users mailing list