ssh - connection refused issue

[christia...@gmail.com]

Dear all,

I just want to ask you for a hint on how to resolve this "ssh connection refused"-Issue. Below is the background info - the ssh message, the ping to 10.0.0.1, the ifconfig of my Fedora 24 system (the machine is not connected to the internet), the network and the dmesg - output for usb0. 

-> What do I miss in the configuration? Why is the connection refused?

Thank you for any feedback

Christian

ssh:
[zh10015@localhost rules.d]$ ssh -v usba...@10.0.0.1
OpenSSH_7.2p2, OpenSSL 1.0.2h-fips  3 May 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to 10.0.0.1 [10.0.0.1] port 22.
debug1: connect to address 10.0.0.1 port 22: Connection refused
ssh: connect to host 10.0.0.1 port 22: Connection refused

$ ping 10.0.0.1  (pings usbarmory -> OK)
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.082 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.078 ms

ifconfig (the network seems ok)
usb0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.1  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::5c57:d1c:f3fb:7148  prefixlen 64  scopeid 0x20<link>
        ether 1a:55:89:a2:69:42  txqueuelen 1000  (Ethernet)
        RX packets 41  bytes 1460 (1.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 34  bytes 5002 (4.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Name of connection: (had to add the net
....\rules.d $ ls
10-network.rules  60-vboxdrv.rules

g_ether (had to create this myself, host_addr is anonymized..):
....\modprobe.d $ more usbarmory.conf 
# details g_ether for USB armory
options g_ether use_eem=0 dev_addr=1A:55:89:A2:69:42 host_addr=00:11:22.33:44:55

dmesg: (always ends with "becomes ready..."
[43730.886164] usb 2-1: new high-speed USB device number 6 using ehci-pci
[43731.005676] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a2
[43731.005686] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[43731.005694] usb 2-1: Product: RNDIS/Ethernet Gadget
[43731.005701] usb 2-1: Manufacturer: Linux 4.6.1 with 53f80000.usb
[43731.014206] cdc_subset: probe of 2-1:1.0 failed with error -22
[43731.015369] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-0000:00:1d.7-1, CDC Ethernet Device, 1a:55:89:a2:69:42
[43731.150614] IPv6: ADDRCONF(NETDEV_UP): usb0: link is not ready
[43731.151034] cdc_ether 2-1:1.0 usb0: kevent 12 may have been dropped
[43731.187318] IPv6: ADDRCONF(NETDEV_UP): usb0: link is not ready
[43735.043071] IPv6: ADDRCONF(NETDEV_CHANGE): usb0: link becomes ready
[43735.043086] cdc_ether 2-1:1.0 usb0: kevent 12 may have been dropped
[43735.044707] cdc_ether 2-1:1.0 usb0: kevent 12 may have been dropped

[Andrea Barisani]

On Sunday, July 3, 2016 at 3:20:32 PM UTC+2, christia...@gmail.com wrote:

Dear all,

Hello, see my response in-line.

Your usb0 is configured incorrectly. Please look carefully at our documentation at:

https://github.com/inversepath/usbarmory/wiki/Host-communication

and

https://github.com/inversepath/usbarmory/wiki/Frequently-Asked-Questions-(FAQ)#help-i-cant-connect-to-my-usb-armory

Your host side network interface (usb0 in this case) should have address 10.0.0.2 with netmask 255.255.255.0.

The IP address 10.0.0.1 is the one assigned to the USB armory and *not* on your host, Therefore your host must have an IP address on the same subnet so that the USB armory can talk to it (e.g. 10.0.0.2).

Cheers

[christia...@gmail.com]

Dear all, Dear Andrea,

comming back to this issue, unfortunately. I've switched OS (now Ubuntu 16 LTS) and I've diabled the network renaming, so that everything runs with usb0.

When I connect now I finally get to the ssh command with the result that the connection is refused after the host sends the "SSH2_MSG_KEXINIT".

I fear that I missed something elementary, and thus am happy on any comment on the additional information below.

Thank you

Christian

zh10015@ana:~$ ssh -v usba...@10.0.0.1
OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g  1 Mar 2016

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug1: Connecting to 10.0.0.1 [10.0.0.1] port 22.

debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/zh10015/.ssh/id_rsa type -1
.... (more protocol 1 not found..)
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u2
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.1:22 as 'usbarmory'
debug1: SSH2_MSG_KEXINIT sent
Connection reset by 10.0.0.1 port 22

ifconfig:
usb0      Link encap:Ethernet  HWaddr 1a:55:89:a2:69:42 
          inet addr:10.0.0.2  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::1855:89ff:fea2:6942/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:75 errors:0 dropped:0 overruns:0 frame:0
          TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4908 (4.9 KB)  TX bytes:7572 (7.5 KB)

wlan0     Link encap:Ethernet  HWaddr 00:13:e8:70:5f:a3 
          inet addr:10.0.0.8  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::213:e8ff:fe70:5fa3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:60 errors:0 dropped:0 overruns:0 frame:0
          TX packets:220 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:16007 (16.0 KB)  TX bytes:30498 (30.4 KB)

dmesg:
[ 2093.544176] usb 2-2: new high-speed USB device number 3 using ehci-pci
[ 2093.678626] usb 2-2: New USB device found, idVendor=0525, idProduct=a4a2
[ 2093.678636] usb 2-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[ 2093.678644] usb 2-2: Product: RNDIS/Ethernet Gadget
[ 2093.678651] usb 2-2: Manufacturer: Linux 4.6.1 with 53f80000.usb
[ 2093.685750] cdc_ether 2-2:1.0 usb0: register 'cdc_ether' at usb-0000:00:1d.7-2, CDC Ethernet Device, 1a:55:89:a2:69:42
[ 2093.748885] IPv6: ADDRCONF(NETDEV_UP): usb0: link is not ready
[ 2093.749085] cdc_ether 2-2:1.0 usb0: kevent 12 may have been dropped
[ 2093.749093] cdc_ether 2-2:1.0 usb0: kevent 12 may have been dropped
[ 2093.786753] IPv6: ADDRCONF(NETDEV_UP): usb0: link is not ready
[ 2097.781112] IPv6: ADDRCONF(NETDEV_CHANGE): usb0: link becomes ready
[ 2097.781123] cdc_ether 2-2:1.0 usb0: kevent 12 may have been dropped

[Andrea Barisani]

On Sun, Oct 23, 2016 at 4:25 PM, <christia...@gmail.com> wrote:

Dear all, Dear Andrea,

comming back to this issue, unfortunately. I've switched OS (now Ubuntu 16 LTS) and I've diabled the network renaming, so that everything runs with usb0.

When I connect now I finally get to the ssh command with the result that the connection is refused after the host sends the "SSH2_MSG_KEXINIT".

I fear that I missed something elementary, and thus am happy on any comment on the additional information below.

Thank you

Christian

Your usb0 and wlan0 are in conflict as they are both serving network 10.0.0.0/24 (note that wlan0 is 10.0.0.8).

You need a network setup without conflicts, so either change your wireless AP addressing or change the subnet used on the USB armory image (to do so you have to mount and edit the microSD card contents).

Cheers

 

--
You received this message because you are subscribed to the Google Groups "USB armory" group.
To unsubscribe from this group and stop receiving emails from it, send an email to usbarmory+unsubscribe@googlegroups.com.
To post to this group, send email to usba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/usbarmory/12f6237c-7759-4681-81d5-f312e5efc8c1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[christia...@gmail.com]

Dear Andrea,

thank you for your guidance, but although the ping to 10.0.0.1 works, I still get:

debug1: Authenticating to 10.0.0.1:22 as 'usbarmory'

debug1: SSH2_MSG_KEXINIT sent

Connection reset by 10.0.0.1 port 22

IP wise ifconfig looks like:

root@anakin-T61:/home/zh10015# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1a:6b:ce:52:69  

          inet addr:192.168.127.202  Bcast:192.168.127.255  Mask:255.255.255.0

          inet6 addr: fe80::21a:6bff:fece:5269/64 Scope:Link

...

lo        Link encap:Local Loopback  

          inet addr:127.0.0.1  Mask:255.0.0.0

          inet6 addr: ::1/128 Scope:Host

          UP LOOPBACK RUNNING  MTU:65536  Metric:1

... 

usb0      Link encap:Ethernet  HWaddr 1a:55:89:a2:69:42  

          inet addr:10.0.0.2  Bcast:10.0.0.255  Mask:255.255.255.0

          inet6 addr: fe80::1855:89ff:fea2:6942/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:81 errors:0 dropped:0 overruns:0 frame:0

          TX packets:83 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000 

          RX bytes:5363 (5.3 KB)  TX bytes:12986 (12.9 KB)

-> so I guess usb0 with 10.0.0.2 should no longer be an issue.

dmesg lokks like this:

[ 3230.544171] usb 2-2: new high-speed USB device number 7 using ehci-pci

[ 3230.682053] usb 2-2: New USB device found, idVendor=0525, idProduct=a4a2

[ 3230.682064] usb 2-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0

[ 3230.682072] usb 2-2: Product: RNDIS/Ethernet Gadget

[ 3230.682079] usb 2-2: Manufacturer: Linux 4.6.1 with 53f80000.usb

[ 3230.689046] cdc_ether 2-2:1.0 usb0: register 'cdc_ether' at usb-0000:00:1d.7-2, CDC Ethernet Device, 1a:55:89:a2:69:42

[ 3230.751914] IPv6: ADDRCONF(NETDEV_UP): usb0: link is not ready

[ 3230.752346] cdc_ether 2-2:1.0 usb0: kevent 12 may have been dropped

[ 3234.535133] cdc_ether 2-2:1.0 usb0: kevent 12 may have been dropped

I did set the IPv6 to "ignore" in the network setting (the network app in the system settings of my ubuntu 16 but it shows up as not ready - issue?

Also I did run:

# /sbin/ip link set usb0 up

# /sbin/ip addr add 10.0.0.2/24 dev usb0

RTNETLINK answers: File exists       <- I did it several times....

# /sbin/iptables -t nat -A POSTROUTING -s 10.0.0.1/32 -o wlan0 -j MASQUERADE

# echo 1 > /proc/sys/net/ipv4/ip_forward

Can you see what I do wrong in the configuration of the network?

Thank you (again!)

Christian

To unsubscribe from this group and stop receiving emails from it, send an email to usbarmory+...@googlegroups.com.

[Andrea Barisani]

Please provide the output of 'ip route -a' and 'ip addr', also ensure that no firewall rule is affecting that flow.

Thanks

> To view this discussion on the web visit https://groups.google.com/d/msgid/usbarmory/3d49fd72-df6f-4456-82b3-956002d7a402%40googlegroups.com.

[christia...@gmail.com]

Dear Andrea
as requested ip route and ip addr (there isn't a -a option on my ubuntu 16). The thing that I don't understand is the 169...-IP, that doesn't show with ifconfig or in the GUI of network manager..(and I've eth0, i.e. the ethernet network on DHCP)
Let me know if you see somathing that would explain the "connection reset" by ssh.
Christian

# ip route
default via 192.168.127.200 dev eth0  proto static  metric 100
default via 10.0.0.2 dev usb0  proto static  metric 101
10.0.0.0/24 dev usb0  proto kernel  scope link  src 10.0.0.2  metric 100
169.254.0.0/16 dev eth0  scope link  metric 1000
192.168.127.0/24 dev eth0  proto kernel  scope link  src 192.168.127.202  metric 100

ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:1a:6b:ce:52:69 brd ff:ff:ff:ff:ff:ff
    inet 192.168.127.202/24 brd 192.168.127.255 scope global dynamic eth0
       valid_lft 946079345sec preferred_lft 946079345sec
    inet6 fe80::21a:6bff:fece:5269/64 scope link
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:13:e8:70:5f:a3 brd ff:ff:ff:ff:ff:ff
4: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 1a:55:89:a2:69:42 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.2/24 brd 10.0.0.255 scope global usb0
       valid_lft forever preferred_lft forever
    inet6 fe80::1855:89ff:fea2:6942/64 scope link
       valid_lft forever preferred_lft forever

ssh -v output

debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u2
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.1:22 as 'usbarmory'
debug1: SSH2_MSG_KEXINIT sent
Connection reset by 10.0.0.1 port 22

On Sunday, 3 July 2016 15:20:32 UTC+2, christia...@gmail.com wrote:

[Andrea Barisani]

Have you tried re-imaging the microSD from scratch?

Networking wise you have a duplicate default route, but this doesn't affect the specific problem that you are debugging. The route towards usb0 looks correct.

So I see two options:

  1) for some reason creation of the SSH host keys failed at the first boot of the USB armory (can happen if it's plugged, prematurely disconnected and then re-plugged), please re-image the microSD and retry

  2) you have a firewall rule that DROPs the SSH connection to the USB armory

 

--
You received this message because you are subscribed to the Google Groups "USB armory" group.

To unsubscribe from this group and stop receiving emails from it, send an email to usbarmory+unsubscribe@googlegroups.com.

To post to this group, send email to usba...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/usbarmory/bf6f98ce-d4a2-4a7e-915e-16238a80643f%40googlegroups.com.

[christia...@gmail.com]

Dear Andrea,
I did turn off the firewall (# ufw disable) to check out option 2, but the answer "Connection reset by 10.0.0.1 port 22" still happens.
I'll now re-image and let you know the result.
Thank you
Christian

PS: no immediate reply required..

On Sunday, 3 July 2016 15:20:32 UTC+2, christia...@gmail.com wrote:

[christia...@gmail.com]

Dear Andrea,

no joy with the re-imaging.

Then I did insert another SD card, loaded it with a Kali-Linux, did the configuration (RNDIS and ssh of the kali-image) that I found in another discussion, and - quelle surprise -  my Windows can open a connection to the kali-sdcard. So far so good.

I did then change the 10.0.0.1/2 addresses configures on my ubuntu (to the windows 192.168.137.1/2) and tried to connect -> the authentication runs through to the request for the password and fails :-(    (the same password that works from the windows machine....)

Now I just think, that the problem may come from the ssh end on my ubuntu-machine..

Well this just as an update.

Cheers Christian


PS: .... the end of the ssh -v output
debug1: Next authentication method: password
ro...@192.168.137.2's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
ro...@192.168.137.2's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
ro...@192.168.137.2's password:
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).

[Andrea Barisani]

On Thursday, November 17, 2016 at 7:23:51 PM UTC+1, christia...@gmail.com wrote:

Dear Andrea,

no joy with the re-imaging.

Then I did insert another SD card, loaded it with a Kali-Linux, did the configuration (RNDIS and ssh of the kali-image) that I found in another discussion, and - quelle surprise -  my Windows can open a connection to the kali-sdcard. So far so good.

I did then change the 10.0.0.1/2 addresses configures on my ubuntu (to the windows 192.168.137.1/2) and tried to connect -> the authentication runs through to the request for the password and fails :-(    (the same password that works from the windows machine....)

Now I just think, that the problem may come from the ssh end on my ubuntu-machine..

Well this just as an update.

Cheers Christian

The fact that you can connect to the USB armory from your windows machine confirms that the board works fine, therefore it's just some network misconfiguration that prevents you from connecting to it successfully from Ubuntu.

I recommend that:

  1. you ensure that your Ubuntu network interface routes is correctly configured to route whatever IP address you have configured on the USB armory to its interface

  2. no firewall are in place

  3. that you are connecting with the right username/password for the distribution you are running on the USB armory

I am not sure why you are using 192.168.137.x network now, be aware that recent Kali images also use 10.0.0.1/24 on the USB armory just like our Debian one.

I hope this helps.

Cheers

[ber...@marcade.biz]

‘I am not sure why you are using 192.168.137.x network now, be aware that recent Kali images also use 10.0.0.1/24 on the USB armory just like our Debian one.’

What seems to be happening here is that modern Debian systems, and derivatives such as Ubuntu have a daemon that automatically sets the IP address of devices it finds on the USB ports to an address in this network.  Rather than re-configuring the daemon it is simpler to run:

/sbin/ip link set usb0 down

before the other commands.  My one caveat is that you don’t want the daemon to re-set the address before you have had a chance to set it up yourself.  So it is probably best to run the commands from a script.