ssh error #75

Closed
artenax opened this issue Apr 26, 2024 · 12 comments


artenax commented Apr 26, 2024

When I run on the client:

sudo ssh -p 2222 denis@localhost
I get on the server:

[INFO]	Got a request to forward data from 127.0.0.1:22
client: connect: Connection refused
[WARNING]	failed to connect to 127.0.0.1:22
[WARNING]	Could not connect to 127.0.0.1:22

and nothing, doesn't work.

I would like to use another computer's internet via a proxy, like commercial VPNs offer.

Author

artenax commented Apr 26, 2024

The reason was that openssh-server was not installed on the server computer.
https://phoenixnap.com/kb/ssh-connection-refused

sudo apt install openssh-server
sudo systemctl status sshd
ssh localhost

Now the ssh connection is established, but I don't know what to do with it or how to use the server internet.

Owner

gjedeer commented Apr 29, 2024

I'm not sure tuntox is the best tool for using another computer's internet, but here's what you can do.

ssh -p 2222 -D 1234 denis@localhost

Then, set up your browser to use localhost:1234 as a SOCKS5 proxy:

image

It will only tunnel your web browser's traffic over tuntox.

@gjedeer gjedeer closed this as completed Apr 29, 2024
Author

artenax commented Apr 30, 2024

The proxy server is refusing connections.

Owner

gjedeer commented May 6, 2024

Do you have SSH running while you try to connect with Firefox? Does SSH work?

Author

artenax commented May 10, 2024

> Do you have SSH running while you try to connect with Firefox? Does SSH work?

Client or server? There is silence in the client ssh terminal. Something is running with no status output. I try to make a request for some site through the browser. Exactly two minutes later the ssh connection is broken. In the logs after the triplet.

Server log (tuntox):
[denis@alt ~]$ sudo LD_LIBRARY_PATH=/usr/local/lib64 tuntox -C /etc/tuntox
2024-05-10 21:51:26: [INFO] Tuntox built from git commit 54289f5, toxcore version 0.2.19
2024-05-10 21:51:26: [INFO] Using 63362 for TCP relay port and 44863-44873 for UDP
2024-05-10 21:51:26: [INFO] Could not find Tox bootstrap nodes. Using hardcoded.
2024-05-10 21:51:26: [WARNING] Shared secret authentication is not used - skilled attackers may connect to your tuntox server
2024-05-10 21:51:26: [INFO] Using Tox ID: DA3DFBA4C7E1D3FB4CA22FDE917E81672D71E983C0DA859496E17A42A331172C865E4BC95273
2024-05-10 21:51:35: [INFO] Connection status changed: An UDP connection has been established
2024-05-10 21:52:06: [INFO] Accepted friend request from 59723A13545EEB374F78D471E362EABF365237DCB752E68F885505513FA37A734A6EE6107ADE as 0
2024-05-10 21:52:34: [INFO] Got a request to forward data from 127.0.0.1:22
2024-05-10 21:52:34: [INFO] Created a new tunnel object connid=54299 sockfd=5
...
2024-05-10 21:54:34: [WARNING] conn closed!
2024-05-10 21:54:34: [INFO] Deleting tunnel #54299 ptr 0x5652003ba640

Server log (sshd-server):
[denis@alt ~]$ sudo systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/lib/systemd/system/sshd.service; enabled; preset: enabled)
Active: active (running) since Fri 2024-05-10 21:50:03 +07; 7min ago
Process: 930 ExecStartPre=/usr/bin/ssh-keygen -A (code=exited, status=0/SUCCESS)
Process: 936 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 953 (sshd)
Tasks: 1 (limit: 522)
Memory: 3.9M
CPU: 138ms
CGroup: /system.slice/sshd.service
└─953 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

мая 10 21:50:02 alt systemd[1]: Starting sshd.service - OpenSSH server daemon...
мая 10 21:50:03 alt systemd[1]: Started sshd.service - OpenSSH server daemon.
мая 10 21:50:03 alt sshd[953]: Server listening on 127.0.0.1 port 22.
мая 10 21:54:34 alt sshd[1483]: fatal: Timeout before authentication for 127.0.0.1 port 36618

/etc/openssh/sshd_config:
Port 22
#AddressFamily any
ListenAddress 127.0.0.1

Server ssh localhost:
[denis@alt ~]$ ssh localhost
denis@localhost's password:
Last login: Fri May 10 20:59:13 2024 from 127.0.0.1


Author

artenax commented May 10, 2024

Client log (tuntox):
denis@systemp:~$ sudo tuntox -C /etc/tuntox -i DA3DFBA4C7E1D3FB4CA22FDE917E81672D71E983C0DA859496E17A42A331172C865E4BC95273 -L 2222:127.0.0.1:22
2024-05-10 21:51:52: [DEBUG] Server whitelist mode enabled
2024-05-10 21:51:52: [INFO] Tuntox built from git commit 54289f5, toxcore version 0.2.19
2024-05-10 21:51:52: [INFO] Using 49242 for TCP relay port and 65375-65385 for UDP
2024-05-10 21:51:52: [INFO] Could not find Tox bootstrap nodes. Using hardcoded.
2024-05-10 21:51:52: [INFO] Connecting to Tox...
2024-05-10 21:52:02: [INFO] Connection status changed: An UDP connection has been established
2024-05-10 21:52:02: [INFO] Connected. Sending friend request.
2024-05-10 21:52:02: [INFO] Waiting for friend to accept us...
2024-05-10 21:52:08: [INFO] Friend connection status changed to: An UDP connection has been established (2)
2024-05-10 21:52:08: [INFO] Friend request accepted (An UDP connection has been established)!
2024-05-10 21:52:34: [INFO] Accepting a new connection - requesting tunnel...
2024-05-10 21:52:34: [INFO] Sending packet to friend #0 to forward 127.0.0.1:22
2024-05-10 21:52:34: [INFO] Created a new tunnel object connid=54299 sockfd=5
2024-05-10 21:52:34: [INFO] Accepted a new connection on port 2222 sockfd 32
...
2024-05-10 21:54:34: [INFO] Deleting tunnel #54299 ptr 0x5568dbe93960

Client log (ssh-client):
denis@systemp:~$ ssh -p 2222 -D 1234 denis@localhost
(nothing)
...
Connection reset by 127.0.0.1 port 2222

Client log (sshd):
denis@systemp:~$ sudo systemctl status sshd
Unit sshd.service could not be found.
...
sudo apt install openssh-server
...
/etc/ssh/sshd_config:
Port 22
#AddressFamily any
ListenAddress 127.0.0.1

denis@systemp:~$ sudo systemctl restart sshd
sudo systemctl status sshd
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2024-05-10 22:02:13 +07; 8min ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 1580670 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 1580671 (sshd)
Tasks: 1 (limit: 1962)
Memory: 3.9M
CPU: 154ms
CGroup: /system.slice/ssh.service
└─1580671 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

мая 10 22:02:13 systemp systemd[1]: Starting OpenBSD Secure Shell server...
мая 10 22:02:13 systemp sshd[1580671]: Server listening on 127.0.0.1 port 22.
мая 10 22:02:13 systemp systemd[1]: Started OpenBSD Secure Shell server.
мая 10 22:08:21 systemp sshd[1580919]: Connection closed by 127.0.0.1 port 50430 [preauth]
мая 10 22:10:32 systemp sshd[1581046]: Connection closed by 127.0.0.1 port 50434 [preauth]

Client ssh localhost:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:GnirMVmkHXn6HQN/ju+RNF5hAmzMRViHN8WAgzNEPNw.
Please contact your system administrator.
Add correct host key in /home/denis/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/denis/.ssh/known_hosts:8
remove with:
ssh-keygen -f "/home/denis/.ssh/known_hosts" -R "localhost"
Host key for localhost has changed and you have requested strict checking.
Host key verification failed.
(This problem was solved by deleting $HOME/.ssh folder, but still no connection)

Author

artenax commented May 10, 2024

I'm testing in a host (Xubuntu 22.04, systemp) and a virtual machine (ALT Linux LXQt Sisyphus, alt, NAT network). tuntox and toxcore are self-built new. The username is the same everywhere (denis). IP is of course the same, because the network is NAT (but I tried also connecting VPN in the virtual machine).

Xubuntu 22.04 (host) - client
ALT (vm) - server

The client browser (Basilisk, socks5 proxy 127.0.0.1:1234, dns through socks) immediately shows an error:
"The proxy server is refusing connections"

Author

artenax commented May 10, 2024

Here's how I compiled toxcore and tuntox:
Installed: gcc g++ make cmake ninja-build git pkgconf libconfig-dev libsodium-dev libcap-dev nlohmann-json3-dev libjsoncpp-dev libopus-dev libvpx-dev libevent-dev libssl-dev

git clone https://github.com/TokTok/c-toxcore
cd c-toxcore
git submodule update --init
rm -rdf 1 && mkdir 1 && cd 1
cmake .. -G Ninja -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=/usr/local -DENABLE_SHARED=ON -DENABLE_STATIC=OFF -DFULLY_STATIC=OFF -DBOOTSTRAP_DAEMON=ON -DDHT_BOOTSTRAP=ON -DAUTOTEST=OFF -DUNITTEST=OFF -DBUILD_TESTING=OFF -DBUILD_TOXAV=ON -DMUST_BUILD_TOXAV=OFF -DUSE_IPV6=ON
ninja -j1
sudo ninja install
sudo ldconfig
git clone https://github.com/gjedeer/tuntox
cd tuntox
# PREFIX changed to /usr/local in Makefile 
export PKG_CONFIG_PATH=/usr/local/lib64/pkgconfig:$PKG_CONFIG_PATH
make tuntox_nostatic
sudo PKG_CONFIG_PATH=/usr/local/lib64/pkgconfig make tuntox_nostatic install

I see that the command -L 2222:127.0.0.1:22 redirects 2222 client port to 22 server port.
So using ssh is not necessary, right?
I tried replacing ssh with the gost proxy running on the server on port 5555:
Server:
gost -L=0.0.0.0.0:5555

Client:
tuntox -C /etc/tuntox -i ID -L 5556:127.0.0.1:5555
Client browser: socks5 127.0.0.1:5556

but still no connection. And this is even worse than ssh, which at least tried, judging by the logs.

I see that the ssh connection terminates with a timeout. But why?

> I'm not sure tuntox is the best tool to use other computer's internet

Why? It works with toxvpn. It connects two computers via Tox and provides local IPs through which you can run any services. However, I don't see local IPs in tuntox. But the connection in toxvpn sometimes breaks (a friend goes offline, even though it is not).

Author

artenax commented May 12, 2024

Instead of my new build, I used your build (with toxcore 0.2.13) and it worked. There must be some incompatibility with the new toxcore. I also added TUNTOX_SHARED_SECRET=hello

ssh allows you to control another computer. I think it can be replaced by a proxy like gost.
I think you should also specify in the documentation about the necessity to activate openssh-server and about the risks of default settings.

Author

artenax commented May 12, 2024

https://github.com/ginuerzh/gost/releases/download/v2.11.5/gost-linux-amd64-2.11.5.gz

Server (Terminal 1):
gost -L=127.0.0.1:5555

Server (Terminal 2):

sudo mkdir -p /etc/tuntox
sudo TUNTOX_SHARED_SECRET=hello LD_LIBRARY_PATH=/usr/local/lib64 tuntox-old -C /etc/tuntox

Client:

sudo mkdir -p /etc/tuntox
sudo TUNTOX_SHARED_SECRET=hello tuntox-old -C /etc/tuntox -i DA3DFBA4C7E1D3... -L 5556:127.0.0.1:5555

Browser proxy: socks5 127.0.0.1:5556

ssh isn't necessary. gost is safer for internet sharing. You can use another utility instead of gost. Remember about port redirection (5556 > 5555). Below 1024 requires root.
tuntox-old = tuntox
LD_LIBRARY_PATH with official tuntox is not needed either.

Owner

gjedeer commented May 13, 2024

From your logs, it looks like you get a lot of timeouts in the SSH session, so the link Tox formed between computers is probably very slow.

My build vs yours -> I don't know, maybe you had a different version of c-toxcore or tuntox on one of the machines? I don't get it.

The version in the master branch of tuntox is a development one right now. I omitted an important field in the initial protocol design and am fixing it now. So anything built with master will not work with 0.0.x versions - the fix is not backwards compatible.
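
The two-minute disconnect reported in this thread can be checked against the quoted logs. The script below is an added example (not part of the original discussion and not tuntox code): it measures how long each tuntox tunnel stayed open and flags tunnels whose lifetime equals sshd's default LoginGraceTime of 120 seconds and whose close coincides with an sshd "Timeout before authentication" entry. The log lines are copied from the comments above; the function names and the two-second slack are assumptions.

```python
import re
from datetime import datetime, timedelta

# Server-side log lines copied from the comments in this thread.
TUNTOX_LOG = """\
2024-05-10 21:52:34: [INFO] Got a request to forward data from 127.0.0.1:22
2024-05-10 21:52:34: [INFO] Created a new tunnel object connid=54299 sockfd=5
2024-05-10 21:54:34: [WARNING] conn closed!
2024-05-10 21:54:34: [INFO] Deleting tunnel #54299 ptr 0x5652003ba640
"""
SSHD_LOG = """\
мая 10 21:50:03 alt sshd[953]: Server listening on 127.0.0.1 port 22.
мая 10 21:54:34 alt sshd[1483]: fatal: Timeout before authentication for 127.0.0.1 port 36618
"""
LOGIN_GRACE = timedelta(seconds=120)  # sshd_config LoginGraceTime default

FMT = "%Y-%m-%d %H:%M:%S"
TS = r"(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)"
CREATED = re.compile(TS + r": \[INFO\] Created a new tunnel object connid=(\d+)")
DELETED = re.compile(TS + r": \[INFO\] Deleting tunnel #(\d+)")
PREAUTH = re.compile(r"(\d\d:\d\d:\d\d) \S+ sshd\[\d+\]: fatal: Timeout before authentication")

def tunnel_lifetimes(log):
    """Map connid -> (created, deleted) for every tunnel that was opened and closed."""
    opened, spans = {}, {}
    for line in log.splitlines():
        if m := CREATED.match(line):
            opened[m.group(2)] = datetime.strptime(m.group(1), FMT)
        elif (m := DELETED.match(line)) and m.group(2) in opened:
            spans[m.group(2)] = (opened.pop(m.group(2)), datetime.strptime(m.group(1), FMT))
    return spans

def preauth_timeouts(log):
    """Times of day (journal lines carry no year) at which sshd gave up before auth."""
    return {m.group(1) for line in log.splitlines() if (m := PREAUTH.search(line))}

def diagnose(tuntox_log, sshd_log, grace=LOGIN_GRACE, slack=timedelta(seconds=2)):
    """Return (connid, lifetime_seconds, stalled_before_auth) for each closed tunnel."""
    timeouts = preauth_timeouts(sshd_log)
    findings = []
    for connid, (start, end) in tunnel_lifetimes(tuntox_log).items():
        lifetime = end - start
        stalled = abs(lifetime - grace) <= slack and end.strftime("%H:%M:%S") in timeouts
        findings.append((connid, int(lifetime.total_seconds()), stalled))
    return findings

if __name__ == "__main__":
    for connid, secs, stalled in diagnose(TUNTOX_LOG, SSHD_LOG):
        print(f"tunnel {connid}: open {secs}s, stalled before authentication: {stalled}")
```

A flagged tunnel means the TCP connection reached sshd but no authentication completed through the tunnel within the grace period, which separates this case from the "Connection refused" error at the top of the issue.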

Author

artenax commented May 14, 2024

tuntox/toxcore is the same on both systems, but new.

I have seen a warning when they were different only once.
