ExtremeWireless (Aerohive)

 Looking for info on buffered log warnings and errors

Jump to Best Answer
w1f1n00b's profile image
w1f1n00b posted 01-12-2021 16:18

I’m seeing the following repeated continuously. This is an AP330 running

Any info on what this means (couldn’t find in KB or google)? Is this something to be concerned about?



ah_auth: fe ioctl failed for [set station IP]: Bad address
ah_auth: ioctl 4096 failed, rc = -1: Bad address



ah_auth: Undefined last_auth_method, tag service type as framed by default!



this is categorized as “info” but includes the word “WARNING” which I thought was interesting

sshd[5787]: WARNING: /etc/moduli does not exist, using fixed modulus

Sam Pirok's profile image
Sam Pirok

Hi John, for the first set of errors, that’s going to be the APs notifying each other of a client disassociation/association during roaming. This KB covers those messages: https://extremeportal.force.com/ExtrArticleDetail?an=000056859&q=err%20ah_auth%3A%20fe%20ioctl%20failed%20for%20%5Bset%20station%20IP%5D%3A%20Bad%20address

The second looks like a client device used an unknown authentication method and was rejected. Are you seeing any reports of clients unable to connect? 

The third I’m unfamiliar with and I’m not finding anything in my searches so I’ll have to look in to that one further for you. I’ll update when I know more. 



Sam Pirok's profile image
Sam Pirok

Thanks for your patience here, the reason we were having issues finding information on that second message is that it’s a linux message, rather than HiveOS specific. 

The /etc/moduli file contains prime numbers and generators for use by sshd in the Diffie-Hellman Group Exchange key exchange method. Modulus itself is in hexadecimal. When performing Diffie-Hellman Group Exchange, sshd first estimates the size of the modulus required to produce enough Diffie-Hellman output to sufficiently key the selected symmetric cipher. Sshd then randomly selects a modulus from /etc/moduli that best meets the size requirement. The Diffi-Hellman key exchange is used in the beginning of SSH sessions to generate a shared secret between the client and the server. During this, the preferred file size for the key exchange did not match and therefore, for this one session, the default modulus was used.


For more information, please visit: https://entropux.net/article/openssh-moduli/