ssh port tunneling/forwarding with dropbear: connect from any host?



joe_heaven
29-01-2006, 15:40
Hi,

I tried to set up port forwarding from one computer (PC1), which runs OpenSSH on port 8022, to my ASUS WL-500g (Oleg 1.9.2.7-7b).

What I did and what is working:
1) Enabled dropbear 0.47 on the WL-500g at boot time with the following options:
dropbear -a -s -g -p 2225
Note that I included the "-a" switch.
2) Enabled public_key authorization
3) With putty on PC2 (connected directly to the WL-500g), connect to the WL-500g:
--> Everything works perfectly: no user prompt, no password, direct connection. OK up to here.

Set up PC1:
1) Start OpenSSH (cygwin) on port 8022
2) Check the running sshd on PC1 with user/password authentication --> Perfect!
3) Initiate port forwarding on PC1:
plink -v -ssh -P 2225 -R 8022:pc1:8022 -i private.ppk admin@wl500g
Results:

Server version: SSH-2.0-dropbear_0.47
We claim version: SSH-2.0-PuTTY_Release_0.58
Using SSH protocol version 2
Using Diffie-Hellman with standard group "group1"
Doing Diffie-Hellman key exchange
Host key fingerprint is:
ssh-rsa 1040 *********************
Initialised AES-256 client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Using username "admin".
Reading private key file "private.ppk"
Offered public key
Offer of public key accepted
Authenticating with public key "rsa-key"
Access granted
Opened channel for session
Requesting remote port 8022 forward to pc1:8022
Remote port forwarding from 8022 enabled
Allocated pty (ospeed 38400bps, ispeed 38400bps)
Started a shell/command
4) Check the connection to PC1 from the ASUS:

[admin@WL500g root]$ ssh -l username -p 8022 localhost
Received remote port 8022 open request from 127.0.0.1:2300
Attempting to forward remote port to PC1:8022
Forwarded port opened successfully

--> Everything is fine! Local port 8022 on the ASUS is forwarded to PC1. Good.

5) Connect from PC2 to PC1
putty on PC2 tries to connect to ASUS WL-500g on port 8022.
--> NOT WORKING!

It seems that everything is set up well and the port is forwarded, but no host other than the WL-500g itself is allowed to connect to this port.

Why is that the case, even though I explicitly allowed
"-a Allow connections to forwarded ports from any host"
in my dropbear options?

I know this is a bit lengthy, but I tried to include everything that might help and to rule out possible misunderstandings about what is working and what is not working. It is only the last inch of the way, connecting from PC2 to PC1, that is missing.

Many thanks in advance and greetings from Cologne!

Jochen

joe_heaven
30-01-2006, 20:42
Hi there,

I gave it another try:

So I have a running dropbear on the WL-500g.

PC1 is the machine to be remotely controlled (it sits behind a firewall).
1) Fire up a VNC server on port 5901
2) Initiate an ssh connection with port forwarding:
plink -ssh -R 5901:localhost:5901 -i private.ppk admin@WL500g

PC2 is the remote controlling computer.
3) Initiate another ssh connection with port forwarding:
plink -ssh -L 5901:localhost:5901 -i private.ppk admin@WL500g
4) Start VNC viewer with "localhost:5901"

It works!

What I was looking for in my first post was something like
3+4) Start the VNC viewer with "WL500g:5901" and access the port on the ASUS directly rather than doing another port forwarding.

The current (working) solution has the disadvantage of running another instance of dropbear, which lowers the free memory to frightening levels. There are only 1440 kBytes left.
Is this a problem? I have found my WL-500g to be a rock-solid system, running for a year now (without a single reboot) with Oleg's firmwares.

So, finally I have a working solution which enables me to access my home PC and my office PC (both protected by restrictive firewalls) using just a single port on the ASUS with (hopefully) secure public key authentication.

I thank all who thought about my problem. Maybe someone comes up with a more elegant solution. Looking forward to this.

Best regards
Jochen

PS: What you, Oleg, are doing with this piece of ASUS is incredible and I thank you very much for all your efforts and constant patience! Keep on it!

wrinkledcheese
02-05-2008, 00:34
I don't know what you're running on your ASUS router, but I know that when I run OpenWRT on my router, the dropbear that comes with it binds all port forwardings to localhost.

I read this in the PDF below. The solution is to recompile dropbear and then try port forwarding.

http://www.infosecwriters.com/text_resources/pdf/ssh_tunneling.pdf

Here's an excerpt from that PDF ("Defeating Firewalls : Sneaking Into Office Computers From Home"):

root@OpenWrt:~# ssh -l you -p 2200 localhost
The reason that the direct login to the remote forwarded port doesn't work is: "dropbear binds remote port forwardings to the loopback address. This prevents other remote hosts from connecting to forwarded ports."
To fix it, you can recompile dropbear for your router.

Recompiling dropbear for OpenWRT
To recompile dropbear for your router, you need a build toolchain for your router platform. For the WRT54G it is mipsel. You can get a mipsel build toolchain for an x86 host from the following link:
http://downloads.openwrt.org/people/nbd/whiterussian/OpenWrt-SDK-Linux-i686-1.tar.bz2
Download and extract this file on a Linux machine. Also download the dropbear source package and follow the instructions below to compile dropbear:
1. Set the PATH variable to include the path to the build toolchain utilities:
export PATH=$PATH:~/OpenWrt-SDK-Linux-i686-1/staging_dir_mipsel/bin
2. cd into the dropbear source directory and issue the following command to configure dropbear:
./configure --build=i686-pc-linux-gnu --host=mipsel-linux \
--prefix=$HOME --disable-zlib --disable-lastlog
3. Edit options.h (not necessary in many cases)
#define DROPBEAR_RANDOM_DEV "/dev/random"
to
#define DROPBEAR_RANDOM_DEV "/dev/urandom"
4. Edit tcp-accept.c
98c98
< nsocks = dropbear_listen("", portstring, socks,
---
> nsocks = dropbear_listen(NULL, portstring, socks,
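Review bot: the 98c98 change hardcodes NULL in place of "", so every remote forward this dropbear accepts is bound on all of the router's interfaces unconditionally; the address is still a literal rather than a variable, so neither the bind address the client sends in its tcpip-forward request nor the server's -a switch (quoted earlier in this thread as "Allow connections to forwarded ports from any host") has any say in it. On a router that is also the firewall, that exposes each forwarded port to the WAN side as well as the LAN. A narrower change would keep "" (loopback) as the default and pass NULL only when -a was given, along the lines of `nsocks = dropbear_listen(allow_any ? NULL : "", portstring, socks,` where allow_any is a flag of your own set from the -a option; and whichever way the binary is built, a firewall rule limiting who may reach the forwarded port belongs in place before the original dropbear is replaced.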
5. Compile
make PROGRAMS="dropbear" STATIC=1
6. Strip
mipsel-linux-strip dropbear
Transfer this compiled dropbear to your router. You can use wget or scp, available on OpenWRT, to transfer this file. Test this binary by running it on some other port. Once you are sure that it's running fine, replace the original one with this binary.
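What the "" to NULL edit in the excerpt actually changes, as an added example (my code, not dropbear's and not from the PDF): dropbear_listen() is built on getaddrinfo(), and the PDF's own statement that "" binds remote forwardings to the loopback address matches the POSIX getaddrinfo() rule that a NULL host without AI_PASSIVE resolves to the loopback address, while a NULL host with AI_PASSIVE resolves to the wildcard address. The program below assumes that mapping (the assumption is marked in the comments), binds a listening socket both ways, and asks the kernel with getsockname() which address it really got, which is the same thing netstat -ln on the router reports for a forwarded port: 127.0.0.1:8022 means only the WL-500g itself can reach it, 0.0.0.0:8022 means any host that can reach the router can. The function names listen_like_dropbear and probe_exposure are mine, not dropbear's.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind and listen on an IPv4 TCP socket using the address convention the
 * excerpt describes for dropbear_listen() (assumption: dropbear maps these
 * onto getaddrinfo() the same way this function does):
 *   ""    -> NULL host, no AI_PASSIVE  -> loopback only (127.0.0.1)
 *   NULL  -> NULL host + AI_PASSIVE    -> wildcard, all interfaces (0.0.0.0)
 *   other -> resolved and bound literally
 * Port "0" lets the kernel pick a free port, so the probe runs anywhere.
 * On success returns the listening fd and fills bound/bound_port with what
 * getsockname() reports; returns -1 on failure. */
int listen_like_dropbear(const char *address, const char *port,
                         char *bound, size_t boundlen, int *bound_port)
{
    struct addrinfo hints, *res, *ai;
    struct sockaddr_in sin;
    socklen_t slen = sizeof sin;
    int fd = -1;

    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_INET;       /* IPv4 only keeps the result deterministic */
    hints.ai_socktype = SOCK_STREAM;
    if (address == NULL) {
        hints.ai_flags = AI_PASSIVE; /* wildcard address */
    } else if (address[0] == '\0') {
        address = NULL;              /* loopback address */
    }

    if (getaddrinfo(address, port, &hints, &res) != 0)
        return -1;
    for (ai = res; ai != NULL; ai = ai->ai_next) {
        int one = 1;
        fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
        if (fd < 0)
            continue;
        setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
        if (bind(fd, ai->ai_addr, ai->ai_addrlen) == 0 && listen(fd, 5) == 0)
            break;
        close(fd);
        fd = -1;
    }
    freeaddrinfo(res);
    if (fd < 0)
        return -1;

    /* Ask the kernel what it actually bound; this is what netstat -ln shows. */
    if (getsockname(fd, (struct sockaddr *)&sin, &slen) != 0 ||
        inet_ntop(AF_INET, &sin.sin_addr, bound, (socklen_t)boundlen) == NULL) {
        close(fd);
        return -1;
    }
    if (bound_port != NULL)
        *bound_port = ntohs(sin.sin_port);
    return fd;
}

/* Probe one address convention and classify the exposure:
 *   0 -> listener is loopback-only, other hosts cannot connect
 *   1 -> listener is reachable from other hosts (wildcard or a real address)
 *  -1 -> could not bind */
int probe_exposure(const char *address)
{
    char bound[INET_ADDRSTRLEN];
    int port = 0;
    int fd = listen_like_dropbear(address, "0", bound, sizeof bound, &port);
    if (fd < 0)
        return -1;
    close(fd);
    return strncmp(bound, "127.", 4) == 0 ? 0 : 1;
}

int main(void)
{
    const char *conventions[] = { "", NULL, "127.0.0.1" };
    const char *labels[] = { "unpatched  listen_like_dropbear(\"\")",
                             "patched    listen_like_dropbear(NULL)",
                             "explicit   listen_like_dropbear(\"127.0.0.1\")" };
    char bound[INET_ADDRSTRLEN];
    int i, port, fd;

    for (i = 0; i < 3; i++) {
        fd = listen_like_dropbear(conventions[i], "0", bound, sizeof bound, &port);
        if (fd < 0) {
            printf("%s: bind failed\n", labels[i]);
            continue;
        }
        printf("%s -> bound %s:%d, other hosts %s\n", labels[i], bound, port,
               strncmp(bound, "127.", 4) == 0 ? "cannot connect" : "CAN connect");
        close(fd);
    }
    return 0;
}
```

The "" and NULL probes are the unpatched and patched halves of the 98c98 diff above; the third probe shows that a literal address is honoured as given, which is the behaviour you would want if the server let the client's requested bind address through instead of hardcoding one. On the WL-500g itself the equivalent check after setting up the -R forward is `netstat -ln | grep 8022`: a 127.0.0.1:8022 listener is what the first post in this thread ran into, a 0.0.0.0:8022 listener is what the rebuilt binary produces, and the latter should be paired with a firewall rule on the WAN interface.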

strangesnork
01-11-2014, 13:16
Hi,

[quoting joe_heaven's first post in full]

Hello Joe, where did you add the -a key? I can't find the dropbear autostart script.