2011-04-18 08:05:22 SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99941
Hello world,
I am trying to do a ssh with tunneling option in 2009 version but I am not able to do so.
I have enabled tunneling option and also enabled IP forwarding by giving the command
echo 1 > /proc/sys/net/ipv4/ip_forward
The normal ssh works fine, but tunneling is failing.
For ssh connection I am trying to use a file config option.The following are the options specified in the file
Do I need to enable any other config in the make menuconfig
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
Host *
# ForwardAgent no
# ForwardX11 no
# ForwardX11Trusted yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# GSSAPIKeyExchange no
# GSSAPITrustDNS no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
Tunnel yes
root:/> cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
tunl0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ppp0: 7098 47 1 0 0 0 0 0 5680 56 0 0 0 0 0 0
root:/> ssh -NCfv -F /etc/ssh/ssh_config -w 0:0 root@x.x.x.x
OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
/etc/ssh/ssh_config line 51: Unsupported option "GSSAPIAuthentication"
/etc/ssh/ssh_config line 52: Unsupported option "GSSAPIDelegateCredentials"
debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
debug1: connect to address x.x.x.x port 22: No route to host
ssh: connect to host x.x.x.x port 22: No route to host
root:/> ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ppp0 Link encap:Point-to-Point Protocol
inet addr:110.225.161.111 P-t-P:10.0.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:48 errors:1 dropped:0 overruns:0 frame:0
TX packets:58 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:7186 (7.0 KiB) TX bytes:5800 (5.6 KiB)
root:/> ssh -NCfv -F /etc/ssh/ssh_config -w 0:0 root@x.x.x.x
OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
/etc/ssh/ssh_config line 51: Unsupported option "GSSAPIAuthentication"
/etc/ssh/ssh_config line 52: Unsupported option "GSSAPIDelegateCredentials"
debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-6ubuntu2
debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-cbc hmac-md5 zlib@openssh.com
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'x.x.x.x' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: password
root@x.x.x.x's password:
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (password).
debug1: Requesting tun unit 0 in mode 1
debug1: sys_tun_open: failed to open tunnel control interface: No such file or directory
Tunnel device open failed.
Could not request tunnel forwarding.
debug1: Requesting no-more-sessions@openssh.com
daemon() failed: No such file or directory
QuoteReplyEditDelete
2011-04-18 10:03:15 Re: SSH with Tunneling failure BF531
Mike Frysinger (UNITED STATES)
Message: 99942
the first error is most likely a problem with your network settings and not ssh:
ssh: connect to host x.x.x.x port 22: No route to host
for the second one, run it through strace or read the source code to see what it's talking about:
debug1: sys_tun_open: failed to open tunnel control interface: No such file or directory
QuoteReplyEditDelete
2011-04-19 00:53:18 Re: SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99953
Hello Mike,
I enabled strace and got the following response. It is visible that it is not able to open /dev/net/tun as that device is not available.When I give cat /proc/net/dev,I am able to see the tunlo device.
Is there something I am missing in make menuconfig ? How can I add tun to device list?
root:/> cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
tunl0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ppp0: 2691 19 1 0 0 0 0 0 2331 23 0 0 0 0 0 0
write(2, "debug1: Authentication succeeded "..., 46debug1: Authentication succeeded (password).
) = 46
write(2, "debug1: Requesting tun unit 0 in "..., 41debug1: Requesting tun unit 0 in mode 1
) = 41
open("/dev/net/tun", O_RDWR|O_LARGEFILE) = -1 ENOENT (No such file or directory)
write(2, "debug1: sys_tun_open: failed to o"..., 90debug1: sys_tun_open: failed to open tunnel control interface: No such file or directory
) = 90
write(2, "Tunnel device open failed.\r\n"..., 28Tunnel device open failed.
) = 28
write(2, "Could not request tunnel forwardi"..., 38Could not request tunnel forwarding.
) = 38
write(2, "debug1: Requesting no-more-sessio"..., 49debug1: Requesting no-more-sessions@openssh.com
) = 49
write(2, "daemon() failed: No such file or "..., 44daemon() failed: No such file or directory
) = 44
_exit(255) = ?
QuoteReplyEditDelete
2011-04-19 00:57:17 Re: SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99954
Now I have enable TAP/TUN feature!!
I think it should work now
QuoteReplyEditDelete
2011-04-19 01:29:31 Re: SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99955
Hello world,
Though I have enabled Universal TUN/TAP device driver support in the make menuconfig
I am not able to find /dev/net/tun, but I do see /dev/tun
Do I need to change the the source code in ssh where it opens /dev/net/tun
## Booting kernel from Legacy Image at 01000000 ...
Image Name: Linux-2.6.28.10-ADI-2009R1.1-svn
Created: 2011-04-19 4:59:14 UTC
Image Type: Blackfin Linux Kernel Image (gzip compressed)
Data Size: 5210244 Bytes = 5 MB
Load Address: 00001000
Entry Point: 0015ee24
Verifying Checksum ... OK
Uncompressing Kernel Image ... OK
Starting Kernel at = 0015ee24
Linux version 2.6.28.10-ADI-2009R1.1-svn9124 (root@shyam-laptop) (gcc version 4.1.2 (ADI svn)) #54 Tue Apr 19 10:29:05 IST 2011
bootconsole [early_shadow0] enabled
bootconsole [early_BFuart0] enabled
early printk enabled on early_BFuart0
Warning: limiting memory to 31MB due to hardware anomaly 05000263
Board Memory: 32MB
Kernel Managed Memory: 32MB
Memory map:
fixedcode = 0x00000400-0x00000490
text = 0x00001000-0x000ea6c0
rodata = 0x000ea6c0-0x00134300
bss = 0x00135000-0x00145418
data = 0x00145418-0x00154000
stack = 0x00152000-0x00154000
init = 0x00154000-0x00a37000
available = 0x00a37000-0x01eff000
DMA Zone = 0x01f00000-0x02000000
Hardware Trace Active and Enabled
Boot Mode: 6
Reset caused by Software reset
Blackfin support (C) 2004-2009 Analog Devices, Inc.
Compiled for ADSP-BF533 Rev 0.3
Blackfin Linux support by blackfin.uclinux.org/
Processor Speed: 393 MHz core clock and 78 MHz System Clock
NOMPU: setting up cplb tables
Instruction Cache Enabled for CPU0
Data Cache Enabled for CPU0 (write-back)
Built 1 zonelists in Zone order, mobility grouping off. Total pages: 7873
Kernel command line: root=/dev/mtdblock0 rw clkin_hz=24576000 earlyprintk=serial,uart0,57600 console=ttyBF0,57600
Configuring Blackfin Priority Driven Interrupts
PID hash table entries: 128 (order: 7, 512 bytes)
console [ttyBF0] enabled, bootconsole disabled
console [ttyBF0] enabled, bootconsole disabled
Dentry cache hash table entries: 4096 (order: 2, 16384 bytes)
Inode-cache hash table entries: 2048 (order: 1, 8192 bytes)
Memory available: 20992k/32768k RAM, (9100k init code, 933k kernel code, 423k data, 1024k dma, 296k reserved)
Calibrating delay loop... 782.33 BogoMIPS (lpj=1564672)
Security Framework initialized
Mount-cache hash table entries: 512
Blackfin Scratchpad data SRAM: 4 KB
Blackfin L1 Data A SRAM: 16 KB (15 KB free)
Blackfin L1 Data B SRAM: 16 KB (16 KB free)
Blackfin L1 Instruction SRAM: 64 KB (52 KB free)
net_namespace: 288 bytes
NET: Registered protocol family 16
Blackfin DMA Controller
stamp_init(): registering device resources
NET: Registered protocol family 2
IP route cache hash table entries: 1024 (order: 0, 4096 bytes)
TCP established hash table entries: 1024 (order: 1, 8192 bytes)
TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
TCP: Hash tables configured (established 1024 bind 1024)
TCP reno registered
NET: Registered protocol family 1
msgmni has been set to 41
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler cfq registered
simple-gpio: now handling 16 GPIOs: 0 - 15
Serial: Blackfin serial driver
bfin-uart.1: ttyBF0 at MMIO 0xffc00400 (irq = 21) is a BFIN-UART
bfin-sport-uart.0: ttySS0 at MMIO 0xffc00800 (irq = 16) is a SPORT0
bfin-sport-uart.1: ttySS1 at MMIO 0xffc00900 (irq = 18) is a SPORT1
brd: module loaded
PPP generic driver version 2.4.2
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
bfin-spi bfin-spi.0: Blackfin on-chip SPI Controller Driver, Version 1.0, regs_base@ffc00500, dma channel@5
bfin-wdt: initialized: timeout=20 sec (nowayout=0)
IPv4 over IPv4 tunneling driver
TCP cubic registered
NET: Registered protocol family 17
Freeing unused kernel memory: 9100k freed
dma_alloc_init: dma_page @ 0x00a34000 - 256 pages at 0x01f00000
_____________________________________
a8888b. / Welcome to the uClinux distribution \
d888888b. / _ _ \
8P"YP"Y88 / | | |_| __ __ (TM) |
8|o||o|88 _____/ | | _ ____ _ _ \ \/ / |
8' .88 \ | | | | _ \| | | | \ / |
8`._.' Y8. \ | |__ | | | | | |_| | / \ |
d/ `8b. \ \____||_|_| |_|\____|/_/\_\ |
dP . Y8b. \ For embedded processors including |
d8:' " `::88b \ the Analog Devices Blackfin /
d8" 'Y88b \___________________________________/
:8P ' :888
8a. : _a88P For further information, check out:
._/"Yaa_: .| 88P| - blackfin.uclinux.org/
\ YP" `| 8P `. - docs.blackfin.uclinux.org/
/ \.___.d| .' - www.uclinux.org/
`--..__)8888P`._.' jgs/a:f - www.analog.com/blackfin
Have a lot of fun...
BusyBox v1.13.4 (2011-04-19 09:30:13 IST) built-in shell (msh)
Enter 'help' for a list of built-in commands.
root:/> ls /dev/
console gpio5 ram1 random
cpu_dma_latency gpio6 ram10 stderr
fd gpio7 ram11 stdin
full gpio8 ram12 stdout
gpio0 gpio9 ram13 tty
gpio1 kmsg ram14 ttyBF0
gpio10 log ram15 ttySS0
gpio11 mem ram2 ttySS1
gpio12 network_latency ram3 tun
gpio13 network_throughput ram4 urandom
gpio14 null ram5 watchdog
gpio15 ppp ram6 zero
gpio2 ptmx ram7
gpio3 pts ram8
gpio4 ram0 ram9
QuoteReplyEditDelete
2011-04-19 01:32:02 Re: SSH with Tunneling failure BF531
Mike Frysinger (UNITED STATES)
Message: 99956
move the device node yourself to the right place. this is already fixed in newer releases.
QuoteReplyEditDelete
2011-04-19 01:52:26 Re: SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99958
How can I move the device node?
QuoteReplyEditDelete
2011-04-19 02:08:38 Re: SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99960
So will be adding
tun[0-9]* 0:0 0660 =net/
in the mdev.conf
QuoteReplyEditDelete
2011-04-19 02:10:23 Re: SSH with Tunneling failure BF531
Mike Frysinger (UNITED STATES)
Message: 99961
`man mv`
QuoteReplyEditDelete
2011-04-19 03:04:04 Re: SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99969
Why do I get the message daemon() failed?
strace ssh -NCvf -F /etc/ssh/ssh_config -w 0:0 root@x.x.x.x
Is this argument invalid?
When same command is being given from a PC it works !
mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x400000
mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x420000
mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x440000
mmap2(NULL, 69632, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x460000
write(2, "debug1: Authentication succeeded "..., 46debug1: Authentication succeeded (password).
) = 46
write(2, "debug1: Requesting tun unit 0 in "..., 41debug1: Requesting tun unit 0 in mode 1
) = 41
open("/dev/net/tun", O_RDWR|O_LARGEFILE) = 4
ioctl(4, TUNSETIFF, 0x8ff6a4) = 0
write(2, "debug1: sys_tun_open: tun0 mode 1"..., 40debug1: sys_tun_open: tun0 mode 1 fd 4
) = 40
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x2a4000
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS|0x4000000, 0, 0) = 0x2a6000
ioctl(4, SNDCTL_TMR_TIMEBASE or TCGETS, 0x8ff5f0) = -1 EINVAL (Invalid argument)
fcntl64(4, F_GETFL) = 0x20002 (flags O_RDWR|O_LARGEFILE)
fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK|O_LARGEFILE) = 0
fcntl64(4, F_GETFL) = 0x20802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE)
write(2, "debug1: channel 0: new [tun]\r\n"..., 30debug1: channel 0: new [tun]
) = 30
write(2, "debug1: Requesting no-more-sessio"..., 49debug1: Requesting no-more-sessions@openssh.com
) = 49
write(2, "daemon() failed: Invalid argument"..., 35daemon() failed: Invalid argument
) = 35
_exit(255) = ?
QuoteReplyEditDelete
2011-04-19 03:07:59 Re: SSH with Tunneling failure BF531
Shyam sundar (INDIA)
Message: 99970
Hi Mike,
I added tun[0-9]* 0:0 0660 =net/
in the file uclinuxdist-2009R1/vendors/RITCoE/common/mdev.conf
and was able to set the device path as /dev/net/tun from /dev/tun
QuoteReplyEditDelete
2011-04-19 03:09:38 Re: SSH with Tunneling failure BF531
Mike Frysinger (UNITED STATES)
Message: 99972
i dont know ... you'd have to consult the source to see what it's doing. strace doesnt currently work across forks (which is what daemon does).