Can't ssh to sshuttle server

[rob3rt...@gmail.com]

This is my server command. 

 sshuttle -l 0.0.0.0 -vvr remote-server 0/0

Afterwards I try to ssh to this machine and it eventually times out: see ssh connect output below. Any ideas? I can connect with a key when sshuttle isn't running fine. 

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ecdsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ed25519 type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ed25519-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u2

ssh_exchange_identification: Connection closed by remote host

[Brian May]

rob3rt...@gmail.com writes:

> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rob/.ssh/id_ecdsa type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rob/.ssh/id_ecdsa-cert type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rob/.ssh/id_ed25519 type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rob/.ssh/id_ed25519-cert type -1
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u2
> ssh_exchange_identification: Connection closed by remote host

Looks like something is going wrong with the ssh connection to the
server, or ssh on the remote server.

AFAIK The next line is suppose to be something along the lines of
"debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u2"

Sorry, I don't think I can help you here. Suggest you turn debugging on
at the server and see if that shows any problems.
--
Brian May <br...@microcomaustralia.com.au>

[rob3rt...@gmail.com]

Thanks Brian. Here's complete output from both sides. 

# sshuttle -l 0.0.0.0 --dns -vvr 123u 0/0

Starting sshuttle proxy.

firewall manager: Starting firewall with Python version 2.7.12

firewall manager: ready method name nat.

IPv6 enabled: False

UDP enabled: False

DNS enabled: True

Binding redirector: 12300

TCP redirector listening on ('0.0.0.0', 12300).

TCP redirector listening with <socket._socketobject object at 0x7fdf3a16fc90>.

Binding DNS: 12300

DNS listening on ('0.0.0.0', 12300).

DNS listening with <socket._socketobject object at 0x7fdf3a16fd00>.

Starting client with Python version 2.7.12

c : connecting to server...

c : executing: ['ssh', '123u', '--', 'exec /bin/sh -c \'P=python3.5; $P -V 2>/dev/null || P=python; exec "$P" -c \'"\'"\'import sys, os; verbosity=2; sys.stdin = os.fdopen(0, "rb"); exec(compile(sys.stdin.read(958), "assembler.py", "exec"))\'"\'"\'\'']

c :  > channel=0 cmd=PING len=7 (fullness=0)

server: assembling u'sshuttle' (7 bytes)

server: assembling u'sshuttle.cmdline_options' (27 bytes)

server: assembling u'sshuttle.helpers' (949 bytes)

server: assembling u'sshuttle.ssnet' (5540 bytes)

server: assembling u'sshuttle.hostwatch' (2361 bytes)

server: assembling u'sshuttle.server' (3091 bytes)

Starting server with Python version 2.7.6

 s: latency control setting = True

 s: available routes:

 s:   2/172.27.224.0/20

 s:  > channel=0 cmd=PING len=7 (fullness=0)

 s:  > channel=0 cmd=ROUTES len=18 (fullness=7)

 s: Waiting: 1 r=[4] w=[5] x=[] (fullness=25/0)

 s:   Ready: 1 r=[] w=[5] x=[]

 s: mux wrote: 15/15

 s: Waiting: 1 r=[4] w=[5] x=[] (fullness=25/0)

 s:   Ready: 1 r=[] w=[5] x=[]

 s: mux wrote: 26/26

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=25/0)

c : Connected.

c : Waiting: 3 r=[4, 7, 10] w=[10] x=[] (fullness=7/0)

c :   Ready: 3 r=[10] w=[10] x=[]

c : <  channel=0 cmd=PING len=7

c :  > channel=0 cmd=PONG len=7 (fullness=7)

c : <  channel=0 cmd=ROUTES len=18

firewall manager: Got subnets: [(2, 0, False, '0.0.0.0'), (2, 8, True, '127.0.0.1')]

firewall manager: Got partial nslist: [(2, '192.168.5.6')]

firewall manager: Got partial nslist: [(2, '192.168.5.6'), (2, '192.168.5.4')]

firewall manager: Got nslist: [(2, '192.168.5.6'), (2, '192.168.5.4')]

firewall manager: Got ports: 0,12300,0,12300

firewall manager: Got udp: False

firewall manager: setting up.

firewall manager: setting up IPv4.

>> iptables -t nat -N sshuttle-12300

>> iptables -t nat -F sshuttle-12300

>> iptables -t nat -I OUTPUT 1 -j sshuttle-12300

>> iptables -t nat -I PREROUTING 1 -j sshuttle-12300

>> iptables -t nat -A sshuttle-12300 -j RETURN --dest 127.0.0.1/8 -p tcp

>> iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 0.0.0.0/0 -p tcp --to-ports 12300 -m ttl ! --ttl 42

>> iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 192.168.5.6/32 -p udp --dport 53 --to-ports 12300 -m ttl ! --ttl 42

>> iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 192.168.5.4/32 -p udp --dport 53 --to-ports 12300 -m ttl ! --ttl 42

c : mux wrote: 15/15

c : mux wrote: 15/15

c : Waiting: 3 r=[4, 7, 10] w=[] x=[] (fullness=14/0)

 s:   Ready: 1 r=[4] w=[] x=[]

 s: <  channel=0 cmd=PING len=7

 s:  > channel=0 cmd=PONG len=7 (fullness=25)

 s: <  channel=0 cmd=PONG len=7

 s: received PING response

 s: mux wrote: 15/15

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)

c :   Ready: 3 r=[10] w=[] x=[]

c : <  channel=0 cmd=PONG len=7

c : received PING response

c : Waiting: 3 r=[4, 7, 10] w=[] x=[] (fullness=0/0)

c :   Ready: 3 r=[4] w=[] x=[]

c : Accept TCP: 192.168.5.96:53818 -> 192.168.5.22:22.

c :  > channel=1 cmd=TCP_CONNECT len=17 (fullness=0)

c : new channel: 1

c : Waiting: 4 r=[4, 7, 8, 10] w=[10] x=[] (fullness=17/0)

c :   Ready: 4 r=[8] w=[10] x=[]

c : mux wrote: 25/25

c :  > channel=1 cmd=TCP_DATA len=39 (fullness=17)

c : Waiting: 4 r=[4, 7, 8, 10] w=[10] x=[] (fullness=56/0)

c :   Ready: 4 r=[] w=[10] x=[]

c : mux wrote: 47/47

c : Waiting: 4 r=[4, 7, 8, 10] w=[] x=[] (fullness=56/0)

 s:   Ready: 1 r=[4] w=[] x=[]

 s: <  channel=1 cmd=TCP_CONNECT len=17

 s: Connecting to 192.168.5.22:22

 s: new channel: 1

 s: Waiting: 2 r=[4] w=[6] x=[] (fullness=0/0)

 s:   Ready: 2 r=[4] w=[] x=[]

 s: <  channel=1 cmd=TCP_DATA len=39

 s: Waiting: 2 r=[4] w=[6] x=[] (fullness=0/0)

 s:   Ready: 2 r=[] w=[6] x=[]

 s: SW#6:192.168.5.22:22: done writing

 s: SW#6:192.168.5.22:22: done reading

 s: SW#6:192.168.5.22:22: uwrite: got EPIPE

 s: SW'unknown':Mux#1: done writing

 s:  > channel=1 cmd=TCP_EOF len=0 (fullness=0)

 s: SW'unknown':Mux#1: done reading

 s:  > channel=1 cmd=TCP_STOP_SENDING len=0 (fullness=0)

 s: SW'unknown':Mux#1: closing connection

 s: Waiting: 1 r=[4] w=[5] x=[] (fullness=0/0)

 s:   Ready: 1 r=[] w=[5] x=[]

 s: mux wrote: 8/8

 s: SW'unknown':Mux#1: deleting (1 remain)

 s: SW#6:192.168.5.22:22: deleting (0 remain)

 s: SW#6:192.168.5.22:22: error was: [Errno 110] Connection timed out

 s: Waiting: 1 r=[4] w=[5] x=[] (fullness=0/0)

 s:   Ready: 1 r=[] w=[5] x=[]

 s: mux wrote: 8/8

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)

c :   Ready: 4 r=[10] w=[] x=[]

c : <  channel=1 cmd=TCP_EOF len=0

c : SW'unknown':Mux#1: done reading

c :  > channel=1 cmd=TCP_STOP_SENDING len=0 (fullness=56)

c : <  channel=1 cmd=TCP_STOP_SENDING len=0

c : SW'unknown':Mux#1: done writing

c :  > channel=1 cmd=TCP_EOF len=0 (fullness=56)

c : SW'unknown':Mux#1: closing connection

c : mux wrote: 8/8

c : mux wrote: 8/8

c : SW#8:192.168.5.96:53818: done writing

c : SW#8:192.168.5.96:53818: done reading

c : Waiting: 4 r=[4, 7, 10] w=[] x=[] (fullness=56/0)

 s:   Ready: 1 r=[4] w=[] x=[]

 s: <  channel=1 cmd=TCP_STOP_SENDING len=0

 s: warning: closed channel 1 got cmd=TCP_STOP_SENDING len=0

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)

 s:   Ready: 1 r=[4] w=[] x=[]

 s: <  channel=1 cmd=TCP_EOF len=0

 s: warning: closed channel 1 got cmd=TCP_EOF len=0

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)

OpenSSH_6.7p1 Debian-5+deb8u2, OpenSSL 1.0.1t  3 May 2016

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug2: ssh_connect: needpriv 0

debug1: Connecting to 192.168.5.22 [192.168.5.22] port 22.

debug1: Connection established.

debug1: identity file /home/rob/.ssh/id_rsa type 1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_rsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_dsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_dsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ecdsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ed25519 type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/rob/.ssh/id_ed25519-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u2

ssh_exchange_identification: Connection closed by remote host

[rob3rt...@gmail.com]

Also it's not only SSH that's affected by starting sshuttle on this box. I also can't connect to the SAMBA server once sshuttle runs but it's fine once sshuttle dies, ideas? 

[Brian May]

rob3rt...@gmail.com writes:

> Thanks Brian. Here's complete output from both sides.

Sorry, you will have to look at the sshd server output.

This looks very much like a sshd connection issue, nothing to do with
sshuttle.
--
Brian May <br...@microcomaustralia.com.au>

[Brian May]

rob3rt...@gmail.com writes:

> Also it's not only SSH that's affected by starting sshuttle on this box. I
> also can't connect to the SAMBA server once sshuttle runs but it's fine
> once sshuttle dies, ideas?

You told it to redirect *all* traffic via ssh. However it couldn't
establish the ssh connection. So this is expected behaviour.
--
Brian May <br...@microcomaustralia.com.au>

[Brian May]

Brian May <br...@microcomaustralia.com.au> writes:

> Sorry, you will have to look at the sshd server output.

I am getting confused here I thought you were saying it wasn't
connecting at all.

However these logs suggest everything is working fine.

Up to the point when it stopped running. Did you stop it, or did it stop
itself?
--
Brian May <br...@microcomaustralia.com.au>

[rob3rt...@gmail.com]

It stopped itself. It initially establishes a ssh connection but then gets hung up on something, times out and dies.

[Brian May]

rob3rt...@gmail.com writes:

> It stopped itself. It initially establishes a ssh connection but then gets
> hung up on something, times out and dies.

Just a thought, maybe the remote ssh server automatically closes idle
connections?
--
Brian May <br...@microcomaustralia.com.au>