9front/Plan 9 common strange errors and their possible causes

Auth server error

On terminal (drawterm or cpu command) side:

username@authdom password:
cpu: cannot read authenticator in p9sk1: Connection refused


On server kernel messages side:

cpu: srvauth: auth_proxy rpc write: auth server protocol botch

Possible cause

You’re using the wrong password. If you’ve forgotten your password, you should run auth/changeuser YOUR_USERNAME to change your password, and if that user is the hostowner, you should make sure that password is the same as the password in nvram by running auth/wrkey, all as hostowner.

Another probable cause is that you haven’t set up /lib/ndb/local properly, and need a proper ipnet block with an auth server to point to, and need to add your machine to the ipnet.

aux/listen should be started, and /bin/service.auth/tcp567 should be enabled.

Apparently you can’t have passwords larger than 8 characters or something. It sucks. Apparently DES keys or a bad hash is used or something. It sucks.

Also, apparently cwfs doesn’t care about authentication by default.

I wonder about the random number generator.

Get haxed.

No localhost

You’re fucked. Even if I add a localhost entry in /net/ndb, it’s useless. I don’t know.

Just connect from a different host or something. Or look at what your sys is in /net/ndb.

; cat /net/ndb
ip= ipmask= ipgw=
; ip/ping yourhost
sending 32 64 byte messages 1000 ms apart to icmp!yourhost!1
0: rtt 15 µs, avg rtt 15 µs, ttl = 255
1: rtt 12 µs, avg rtt 13 µs, ttl = 255
; aux/trampoline tcp!yourhost!565   # LIKE NETCAT
i am sysname cirno you are port 58569


By: a (Fri Jan 30 12:17:19 EST 2015)
Your "No localhost" bit is... odd, maybe wrong. Plan 9 has localhost and loopback. What distribution are you running? Mainline's had it for years (I believe since 3rd edition), and 9atom's had it for as long as it's been around; I can't say about 9front.

To see if your IP stack knows about the normal loopback address, try this:
: root; grep /net*/ipselftab
/net/ipselftab: 01 6u
If you get a result like that, you should be able to ping it. If those work, you just have a name issue: in /lib/ndb/local (or a file referenced by it), you'll want this:
ip= sys=localhost dom=localhost
If the grep and ping above don't work, something else weird is going on.

Also, you misunderstand /net/ndb - it's basically a free-form holding area for config info; changing the contents doesn't cause anything to change.

Since the werc blog thing doesn't do notifications, I'm unlikely to see any follow-up, but feel free to swing by #plan9 on freenode if you have trouble; I'm anth (or anth_x or similar) there.

By: amonk (Sun Feb 1 13:23:15 EST 2015)
This can also occur when another machine has usurped the cpu's IP address. Authentication succeeds via drawterm, but is shortly dropped, giving the...

cpu: cannot read authenticator in p9sk1: Connection refused

message, and, when started from a terminal, leaving...

eof: n=-1 Connection reset by peer
panic: sysfatal

on the screen.

So, also make sure your cpu's IP address has not been usurped (i.e. two machines are trying to use it now). Finding and eliminating the IP interloper solved this annoying problem for me. Good luck. :)

-- amonk (not all together stupid and crazy)

By: Glenda (Mon Jul 27 03:08:05 EDT 2015)
- 9front doesnt configure loopback by default. you can setup that youself if you need it (whats the point?).
- after installation, the disk fileserver (cwfs) has authentication disabled. but it also does not listen on the network, so you wont get haxed :) it cannot do authentication because for that you need to have a host key in factotum (password).

By: Glenda (Sun Oct 25 23:36:53 EDT 2020)
my problem seems to be it wants to authenticate me as a user that doesnt exist (that would be the hostname of the pc im connecting from)
when i WANT to be authenticated as glenda..
so i never get the chance to put in the right password