Solved

Looking for info on buffered log warnings and errors

  • 12 January 2021
  • 2 replies
  • 54 views

Userlevel 3

I’m seeing the following repeated continuously. This is an AP330 running 6.5.13.0

Any info on what this means (couldn’t find in KB or google)? Is this something to be concerned about?

 

error

ah_auth: fe ioctl failed for [set station IP]: Bad address
ah_auth: ioctl 4096 failed, rc = -1: Bad address

 

warning

ah_auth: Undefined last_auth_method, tag service type as framed by default!

 

 

this is categorized as “info” but includes the word “WARNING” which I thought was interesting

sshd[5787]: WARNING: /etc/moduli does not exist, using fixed modulus

icon

Best answer by Sam Pirok 13 January 2021, 15:38

Hi John, for the first set of errors, that’s going to be the APs notifying each other of a client disassociation/association during roaming. This KB covers those messages: https://extremeportal.force.com/ExtrArticleDetail?an=000056859&q=err%20ah_auth%3A%20fe%20ioctl%20failed%20for%20%5Bset%20station%20IP%5D%3A%20Bad%20address

The second looks like a client device used an unknown authentication method and was rejected. Are you seeing any reports of clients unable to connect? 

The third I’m unfamiliar with and I’m not finding anything in my searches so I’ll have to look in to that one further for you. I’ll update when I know more. 

 

 

View original

2 replies

Userlevel 6

Hi John, for the first set of errors, that’s going to be the APs notifying each other of a client disassociation/association during roaming. This KB covers those messages: https://extremeportal.force.com/ExtrArticleDetail?an=000056859&q=err%20ah_auth%3A%20fe%20ioctl%20failed%20for%20%5Bset%20station%20IP%5D%3A%20Bad%20address

The second looks like a client device used an unknown authentication method and was rejected. Are you seeing any reports of clients unable to connect? 

The third I’m unfamiliar with and I’m not finding anything in my searches so I’ll have to look in to that one further for you. I’ll update when I know more. 

 

 

Userlevel 6

Thanks for your patience here, the reason we were having issues finding information on that second message is that it’s a linux message, rather than HiveOS specific. 

The /etc/moduli file contains prime numbers and generators for use by sshd in the Diffie-Hellman Group Exchange key exchange method. Modulus itself is in hexadecimal. When performing Diffie-Hellman Group Exchange, sshd first estimates the size of the modulus required to produce enough Diffie-Hellman output to sufficiently key the selected symmetric cipher. Sshd then randomly selects a modulus from /etc/moduli that best meets the size requirement. The Diffi-Hellman key exchange is used in the beginning of SSH sessions to generate a shared secret between the client and the server. During this, the preferred file size for the key exchange did not match and therefore, for this one session, the default modulus was used.

 

For more information, please visit: https://entropux.net/article/openssh-moduli/

Reply