2011-04-18 08:05:22     SSH with Tunneling failure BF531

Document created by Aaronwu Employee on Aug 26, 2013

2011-04-18 08:05:22     SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99941   

 

Hello world,

 

I am trying to do an ssh with the tunneling option in the 2009 version, but I am not able to do so.

 

I have enabled tunneling option and also enabled IP forwarding by giving the command

 

echo 1 >  /proc/sys/net/ipv4/ip_forward

 

The normal ssh works fine, but tunneling is failing.

 

For the ssh connection I am trying to use a file config option. The following are the options specified in the file.

Do I need to enable any other config in the make menuconfig?

 

 

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Host *
#   ForwardAgent no
#   ForwardX11 no
#   ForwardX11Trusted yes
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   GSSAPIKeyExchange no
#   GSSAPITrustDNS no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no
    Tunnel yes

 

 

 

root:/> cat /proc/net/dev
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
 tunl0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
  ppp0:    7098      47    1    0    0     0          0         0     5680      56    0    0    0     0       0          0

root:/> ssh -NCfv -F /etc/ssh/ssh_config -w 0:0 root@x.x.x.x

OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *

/etc/ssh/ssh_config line 51: Unsupported option "GSSAPIAuthentication"

/etc/ssh/ssh_config line 52: Unsupported option "GSSAPIDelegateCredentials"

debug1: Connecting to x.x.x.x [x.x.x.x] port 22.

debug1: connect to address x.x.x.x port 22: No route to host

ssh: connect to host x.x.x.x port 22: No route to host

root:/> ifconfig

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

 

ppp0      Link encap:Point-to-Point Protocol

          inet addr:110.225.161.111  P-t-P:10.0.0.1  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1

          RX packets:48 errors:1 dropped:0 overruns:0 frame:0

          TX packets:58 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3

          RX bytes:7186 (7.0 KiB)  TX bytes:5800 (5.6 KiB)

 

root:/> ssh -NCfv -F /etc/ssh/ssh_config -w 0:0 root@x.x.x.x

OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *

/etc/ssh/ssh_config line 51: Unsupported option "GSSAPIAuthentication"

/etc/ssh/ssh_config line 52: Unsupported option "GSSAPIDelegateCredentials"

debug1: Connecting to x.x.x.x [x.x.x.x] port 22.

debug1: Connection established.

debug1: permanently_set_uid: 0/0

debug1: identity file /root/.ssh/identity type -1

debug1: identity file /root/.ssh/id_rsa type -1

debug1: identity file /root/.ssh/id_dsa type -1

debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-6ubuntu2

debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat OpenSSH*

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_5.1

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: server->client aes128-cbc hmac-md5 zlib@openssh.com

debug1: kex: client->server aes128-cbc hmac-md5 zlib@openssh.com

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

debug1: Host 'x.x.x.x' is known and matches the RSA host key.

debug1: Found key in /root/.ssh/known_hosts:1

debug1: ssh_rsa_verify: signature correct

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password

debug1: Next authentication method: publickey

debug1: Trying private key: /root/.ssh/identity

debug1: Trying private key: /root/.ssh/id_rsa

debug1: Trying private key: /root/.ssh/id_dsa

debug1: Next authentication method: password

root@x.x.x.x's password:

debug1: Enabling compression at level 6.

debug1: Authentication succeeded (password).

debug1: Requesting tun unit 0 in mode 1

debug1: sys_tun_open: failed to open tunnel control interface: No such file or directory

Tunnel device open failed.

Could not request tunnel forwarding.

debug1: Requesting no-more-sessions@openssh.com

daemon() failed: No such file or directory


 

 

2011-04-18 10:03:15     Re: SSH with Tunneling failure BF531

Mike Frysinger (UNITED STATES)

Message: 99942   

 

the first error is most likely a problem with your network settings and not ssh:

ssh: connect to host x.x.x.x port 22: No route to host

 

for the second one, run it through strace or read the source code to see what it's talking about:

debug1: sys_tun_open: failed to open tunnel control interface: No such file or directory


 

 

2011-04-19 00:53:18     Re: SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99953   

 

Hello Mike,

 

I enabled strace and got the following response. It is visible that it is not able to open /dev/net/tun as that device is not available. When I give cat /proc/net/dev, I am able to see the tunl0 device.

Is there something I am missing in make menuconfig? How can I add tun to the device list?

 

root:/> cat /proc/net/dev
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
 tunl0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
  ppp0:    2691      19    1    0    0     0          0         0     2331      23    0    0    0     0       0          0

 

 

 

 

write(2, "debug1: Authentication succeeded "..., 46debug1: Authentication succeeded (password).

) = 46

write(2, "debug1: Requesting tun unit 0 in "..., 41debug1: Requesting tun unit 0 in mode 1

) = 41

open("/dev/net/tun", O_RDWR|O_LARGEFILE) = -1 ENOENT (No such file or directory)

write(2, "debug1: sys_tun_open: failed to o"..., 90debug1: sys_tun_open: failed to open tunnel control interface: No such file or directory

) = 90

write(2, "Tunnel device open failed.\r\n"..., 28Tunnel device open failed.

) = 28

write(2, "Could not request tunnel forwardi"..., 38Could not request tunnel forwarding.

) = 38

write(2, "debug1: Requesting no-more-sessio"..., 49debug1: Requesting no-more-sessions@openssh.com

) = 49

write(2, "daemon() failed: No such file or "..., 44daemon() failed: No such file or directory

) = 44

_exit(255)                              = ?


 

 

2011-04-19 00:57:17     Re: SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99954   

 

Now I have enabled the TAP/TUN feature!!

 

I think it should work now


 

 

2011-04-19 01:29:31     Re: SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99955   

 

Hello world,

 

Though I have enabled Universal TUN/TAP device driver support in the make menuconfig, I am not able to find /dev/net/tun, but I do see /dev/tun.

Do I need to change the source code in ssh where it opens /dev/net/tun?

 

 

 

## Booting kernel from Legacy Image at 01000000 ...

   Image Name:   Linux-2.6.28.10-ADI-2009R1.1-svn

   Created:      2011-04-19   4:59:14 UTC

   Image Type:   Blackfin Linux Kernel Image (gzip compressed)

   Data Size:    5210244 Bytes =  5 MB

   Load Address: 00001000

   Entry Point:  0015ee24

   Verifying Checksum ... OK

   Uncompressing Kernel Image ... OK

Starting Kernel at = 0015ee24

Linux version 2.6.28.10-ADI-2009R1.1-svn9124 (root@shyam-laptop) (gcc version 4.1.2 (ADI svn)) #54 Tue Apr 19 10:29:05 IST 2011

bootconsole [early_shadow0] enabled

bootconsole [early_BFuart0] enabled

early printk enabled on early_BFuart0

Warning: limiting memory to 31MB due to hardware anomaly 05000263

Board Memory: 32MB

Kernel Managed Memory: 32MB

Memory map:

  fixedcode = 0x00000400-0x00000490

  text      = 0x00001000-0x000ea6c0

  rodata    = 0x000ea6c0-0x00134300

  bss       = 0x00135000-0x00145418

  data      = 0x00145418-0x00154000

    stack   = 0x00152000-0x00154000

  init      = 0x00154000-0x00a37000

  available = 0x00a37000-0x01eff000

  DMA Zone  = 0x01f00000-0x02000000

Hardware Trace Active and Enabled

Boot Mode: 6

Reset caused by Software reset

Blackfin support (C) 2004-2009 Analog Devices, Inc.

Compiled for ADSP-BF533 Rev 0.3

Blackfin Linux support by   blackfin.uclinux.org/

Processor Speed: 393 MHz core clock and 78 MHz System Clock

NOMPU: setting up cplb tables

Instruction Cache Enabled for CPU0

Data Cache Enabled for CPU0 (write-back)

Built 1 zonelists in Zone order, mobility grouping off.  Total pages: 7873

Kernel command line: root=/dev/mtdblock0 rw clkin_hz=24576000 earlyprintk=serial,uart0,57600 console=ttyBF0,57600

Configuring Blackfin Priority Driven Interrupts

PID hash table entries: 128 (order: 7, 512 bytes)

console [ttyBF0] enabled, bootconsole disabled

console [ttyBF0] enabled, bootconsole disabled

Dentry cache hash table entries: 4096 (order: 2, 16384 bytes)

Inode-cache hash table entries: 2048 (order: 1, 8192 bytes)

Memory available: 20992k/32768k RAM, (9100k init code, 933k kernel code, 423k data, 1024k dma, 296k reserved)

Calibrating delay loop... 782.33 BogoMIPS (lpj=1564672)

Security Framework initialized

Mount-cache hash table entries: 512

Blackfin Scratchpad data SRAM: 4 KB

Blackfin L1 Data A SRAM: 16 KB (15 KB free)

Blackfin L1 Data B SRAM: 16 KB (16 KB free)

Blackfin L1 Instruction SRAM: 64 KB (52 KB free)

net_namespace: 288 bytes

NET: Registered protocol family 16

Blackfin DMA Controller

stamp_init(): registering device resources

NET: Registered protocol family 2

IP route cache hash table entries: 1024 (order: 0, 4096 bytes)

TCP established hash table entries: 1024 (order: 1, 8192 bytes)

TCP bind hash table entries: 1024 (order: 0, 4096 bytes)

TCP: Hash tables configured (established 1024 bind 1024)

TCP reno registered

NET: Registered protocol family 1

msgmni has been set to 41

io scheduler noop registered

io scheduler anticipatory registered (default)

io scheduler cfq registered

simple-gpio: now handling 16 GPIOs: 0 - 15

Serial: Blackfin serial driver

bfin-uart.1: ttyBF0 at MMIO 0xffc00400 (irq = 21) is a BFIN-UART

bfin-sport-uart.0: ttySS0 at MMIO 0xffc00800 (irq = 16) is a SPORT0

bfin-sport-uart.1: ttySS1 at MMIO 0xffc00900 (irq = 18) is a SPORT1

brd: module loaded

PPP generic driver version 2.4.2

tun: Universal TUN/TAP device driver, 1.6

tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>

bfin-spi bfin-spi.0: Blackfin on-chip SPI Controller Driver, Version 1.0, regs_base@ffc00500, dma channel@5

bfin-wdt: initialized: timeout=20 sec (nowayout=0)

IPv4 over IPv4 tunneling driver

TCP cubic registered

NET: Registered protocol family 17

Freeing unused kernel memory: 9100k freed

dma_alloc_init: dma_page @ 0x00a34000 - 256 pages at 0x01f00000

                           _____________________________________

        a8888b.           / Welcome to the uClinux distribution \

       d888888b.         /       _     _                         \

       8P"YP"Y88        /       | |   |_|            __  __ (TM)  |

       8|o||o|88  _____/        | |    _ ____  _   _ \ \/ /       |

       8'    .88       \        | |   | |  _ \| | | | \  /        |

       8`._.' Y8.       \       | |__ | | | | | |_| | /  \        |

      d/      `8b.       \      \____||_|_| |_|\____|/_/\_\       |

     dP   .    Y8b.       \   For embedded processors including   |

    d8:'  "  `::88b        \    the Analog Devices Blackfin      /

   d8"         'Y88b        \___________________________________/

  :8P    '      :888

   8a.   :     _a88P         For further information, check out:

._/"Yaa_:   .| 88P|            -   blackfin.uclinux.org/

\    YP"    `| 8P  `.          -   docs.blackfin.uclinux.org/

/     \.___.d|    .'           -   www.uclinux.org/

`--..__)8888P`._.'  jgs/a:f    -   www.analog.com/blackfin

 

Have a lot of fun...

 

 

BusyBox v1.13.4 (2011-04-19 09:30:13 IST) built-in shell (msh)

Enter 'help' for a list of built-in commands.

root:/> ls /dev/

console             gpio5               ram1                random

cpu_dma_latency     gpio6               ram10               stderr

fd                  gpio7               ram11               stdin

full                gpio8               ram12               stdout

gpio0               gpio9               ram13               tty

gpio1               kmsg                ram14               ttyBF0

gpio10              log                 ram15               ttySS0

gpio11              mem                 ram2                ttySS1

gpio12              network_latency     ram3                tun

gpio13              network_throughput  ram4                urandom

gpio14              null                ram5                watchdog

gpio15              ppp                 ram6                zero

gpio2               ptmx                ram7

gpio3               pts                 ram8

gpio4               ram0                ram9


 

 

2011-04-19 01:32:02     Re: SSH with Tunneling failure BF531

Mike Frysinger (UNITED STATES)

Message: 99956   

 

move the device node yourself to the right place.  this is already fixed in newer releases.


 

 

2011-04-19 01:52:26     Re: SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99958   

 

How can I move the device node?


 

 

2011-04-19 02:08:38     Re: SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99960   

 

So will be adding

 

tun[0-9]* 0:0 0660 =net/

 

in the mdev.conf


 

 

2011-04-19 02:10:23     Re: SSH with Tunneling failure BF531

Mike Frysinger (UNITED STATES)

Message: 99961   

 

`man mv`


 

 

2011-04-19 03:04:04     Re: SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99969   

 

Why do I get the message daemon() failed?

 

strace ssh -NCvf -F /etc/ssh/ssh_config -w 0:0 root@x.x.x.x

 

Is this argument invalid?

 

When the same command is given from a PC it works!

 

mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x400000

mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x420000

mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x440000

mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x460000

write(2, "debug1: Authentication succeeded "..., 46debug1: Authentication succeeded (password).

) = 46

write(2, "debug1: Requesting tun unit 0 in "..., 41debug1: Requesting tun unit 0 in mode 1

) = 41

open("/dev/net/tun", O_RDWR|O_LARGEFILE) = 4

ioctl(4, TUNSETIFF, 0x8ff6a4)           = 0

write(2, "debug1: sys_tun_open: tun0 mode 1"..., 40debug1: sys_tun_open: tun0 mode 1 fd 4

) = 40

mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x2a4000

mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x2a6000

ioctl(4, SNDCTL_TMR_TIMEBASE or TCGETS, 0x8ff5f0) = -1 EINVAL (Invalid argument)

fcntl64(4, F_GETFL)                     = 0x20002 (flags O_RDWR|O_LARGEFILE)

fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK|O_LARGEFILE) = 0

fcntl64(4, F_GETFL)                     = 0x20802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE)

write(2, "debug1: channel 0: new [tun]\r\n"..., 30debug1: channel 0: new [tun]

) = 30

write(2, "debug1: Requesting no-more-sessio"..., 49debug1: Requesting no-more-sessions@openssh.com

) = 49

write(2, "daemon() failed: Invalid argument"..., 35daemon() failed: Invalid argument

) = 35

_exit(255)                              = ?


 

 

2011-04-19 03:07:59     Re: SSH with Tunneling failure BF531

Shyam sundar (INDIA)

Message: 99970   

 

Hi Mike,

 

I added tun[0-9]* 0:0 0660 =net/

 

in the file uclinuxdist-2009R1/vendors/RITCoE/common/mdev.conf

 

and was able to set the device path as /dev/net/tun from /dev/tun
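
A preflight check for the failure diagnosed in this thread, as an added example that is not part of any post: it classifies whether the TUN control node is at /dev/net/tun (the path the strace shows ssh opening), misplaced at /dev/tun, or absent. The function names and the device numbers 10:200 (the standard Linux tun misc device) are assumptions not taken from the thread.

```shell
#!/bin/sh
# Preflight for `ssh -w`: classify the state of the TUN control node.
# Assumptions (not from the thread): the tun node is character device
# major 10, minor 200, and `stat -c` is available on the target.

TUN_DEV_HEX="a:c8"   # 10:200 as printed in hex by stat -c '%t:%T'

# tun_node_state DEVROOT -> prints one of:
#   ok          DEVROOT/net/tun is the tun character device
#   wrong-node  DEVROOT/net/tun exists but is not char 10:200
#   misplaced   a node sits at DEVROOT/tun (the situation in this thread)
#   missing     no node at either path
tun_node_state() {
    root=${1:-/dev}
    want="$root/net/tun"
    if [ -e "$want" ]; then
        if [ -c "$want" ] &&
           [ "$(stat -L -c '%t:%T' "$want" 2>/dev/null)" = "$TUN_DEV_HEX" ]; then
            echo ok
        else
            echo wrong-node
        fi
    elif [ -e "$root/tun" ]; then
        echo misplaced
    else
        echo missing
    fi
}

# tun_fix_hint STATE -> prints the remediation that matches each state.
tun_fix_hint() {
    case $1 in
        ok)         echo "node is in place" ;;
        wrong-node) echo "recreate it: rm /dev/net/tun; mknod /dev/net/tun c 10 200" ;;
        misplaced)  echo "mkdir -p /dev/net && mv /dev/tun /dev/net/tun, or add 'tun[0-9]* 0:0 0660 =net/' to mdev.conf" ;;
        missing)    echo "enable 'Universal TUN/TAP device driver support' in the kernel config, then create the node" ;;
        *)          echo "unknown state: $1"; return 1 ;;
    esac
}

# Inspect the live /dev only when invoked as: sh thisfile check
if [ "${1:-}" = "check" ]; then
    state=$(tun_node_state /dev)
    echo "$state: $(tun_fix_hint "$state")"
fi
```

Checking the major and minor numbers as well as the path catches a regular file or unrelated device left at /dev/net/tun, which would get past the ENOENT seen in the first strace and fail later at the TUNSETIFF ioctl.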


 

 

2011-04-19 03:09:38     Re: SSH with Tunneling failure BF531

Mike Frysinger (UNITED STATES)

Message: 99972   

 

i don't know ... you'd have to consult the source to see what it's doing.  strace doesn't currently work across forks (which is what daemon does).
