Package: sslh
Version: 1.16-2
Severity: normal

Dear Maintainer,

Issue: sslh fails to create an SSH tunnel if the option "forceCommand internal-sftp" is used in OpenSSH's config file. The tunnel is successfully created with an OpenSSH client and Linux PuTTY v0.67 or in all cases when internal-sftp isn't in the config.

Expectation: sslh successfully creates a tunnel to use as a proxy.

Attached: Logfiles from OpenSSH client & PuTTY connecting to port 22 and 443

--
Host: OpenSSH_6.7p1 Debian-5+deb8u3
Client: OpenSSH_7.3p1
Client: PuTTY: 0.67

-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sslh depends on:
ii  adduser              3.113+nmu3
ii  debconf              1.5.56
ii  init-system-helpers  1.22
ii  libc6                2.19-18+deb8u6
ii  libcap2              1:2.24-8
ii  libconfig9           1.4.9-2
ii  libwrap0             7.6.q-25
ii  lsb-base             4.1+Debian13+nmu1
ii  update-inetd         4.43

Versions of packages sslh recommends:
ii  nginx-full [httpd]           1.6.2-5+deb8u2+b1
ii  openssh-server [ssh-server]  1:6.7p1-5+deb8u3

Versions of packages sslh suggests:
pn  openbsd-inetd | inet-superserver  <none>

-- Configuration Files:
/etc/default/sslh changed:
RUN=yes
DAEMON=/usr/sbin/sslh
DAEMON_OPTS="--user sslh \
  --listen 192.168.1.111:443 \
  --tls localhost:443 \
  --ssh localhost:22 \
  --http localhost:80 \
  --anyprot localhost:22 \
  --pidfile /var/run/sslh/sslh.pid"

-- Configuration Files: /etc/ssh/sshd_config:
#PERMISSIONS#
ChallengeResponseAuthentication no
PasswordAuthentication no
#SFTP#
Subsystem sftp internal-sftp
ChrootDirectory %h
ForceCommand internal-sftp

-- debconf information:
* sslh/inetd_or_standalone: standalone

*** ssh-22.log

ssh -TND 8080 tunnel@69.131.7.195 -p 22 -i key -vvv
--SNIP--
debug1: Local connections to LOCALHOST:8080 forwarded to remote address socks:0
debug3: channel_setup_fwd_listener_tcpip: type 2 wildcard 0 addr NULL
debug1: Local forwarding listening on 127.0.0.1 port 8080.
debug2: fd 4 setting O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug1: channel 0: new [port listener]
socket: Address family not supported by protocol
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug1: Requesting no-more-sessi...@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug1: Connection to port 8080 forwarding to socks port 0 requested.
debug2: fd 5 setting TCP_NODELAY
debug2: fd 5 setting O_NONBLOCK
debug3: fd 5 is O_NONBLOCK
debug1: channel 1: new [dynamic-tcpip]
debug2: channel 1: pre_dynamic: have 0
debug2: channel 1: pre_dynamic: have 3
debug2: channel 1: decode socks5
debug2: channel 1: socks5 auth done
debug2: channel 1: pre_dynamic: need more
debug2: channel 1: pre_dynamic: have 0
debug2: channel 1: pre_dynamic: have 21
debug2: channel 1: decode socks5
debug2: channel 1: socks5 post auth
debug2: channel 1: dynamic request: socks5 host www.debian.org port 443 command 1
debug3: send packet: type 90
debug3: receive packet: type 91
debug2: channel 1: open confirm rwindow 2097152 rmax 32768

*** ssh-443.log

$ ssh -TND 8080 tunnel@69.131.7.195 -p 443 -i key -vvv
--SNIP--
debug1: Local connections to LOCALHOST:8080 forwarded to remote address socks:0
debug3: channel_setup_fwd_listener_tcpip: type 2 wildcard 0 addr NULL
debug1: Local forwarding listening on 127.0.0.1 port 8080.
debug2: fd 4 setting O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug1: channel 0: new [port listener]
socket: Address family not supported by protocol
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug1: Requesting no-more-sessi...@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug1: Connection to port 8080 forwarding to socks port 0 requested.
debug2: fd 5 setting TCP_NODELAY
debug2: fd 5 setting O_NONBLOCK
debug3: fd 5 is O_NONBLOCK
debug1: channel 1: new [dynamic-tcpip]
debug2: channel 1: pre_dynamic: have 0
debug2: channel 1: pre_dynamic: have 3
debug2: channel 1: decode socks5
debug2: channel 1: socks5 auth done
debug2: channel 1: pre_dynamic: need more
debug2: channel 1: pre_dynamic: have 0
debug2: channel 1: pre_dynamic: have 21
debug2: channel 1: decode socks5
debug2: channel 1: socks5 post auth
debug2: channel 1: dynamic request: socks5 host www.debian.org port 443 command 1
debug3: send packet: type 90
debug3: receive packet: type 92
channel 1: open failed: administratively prohibited: open failed
debug2: channel 1: zombie
debug2: channel 1: garbage collecting
debug1: channel 1: free: direct-tcpip: listening port 8080 for www.debian.org port 443, connect from 127.0.0.1 port 58664 to 127.0.0.1 port 8080, nchannels 2
debug3: channel 1: status: The following connections are open:

*** putty-22.log

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2016.09.28 14:31:37 =~=~=~=~=~=~=~=~=~=~=~=
Event Log: Writing new session log (SSH packets mode) to file: /home/user/downloads/putty.log
Event Log: Connecting to 69.131.7.195 port 22
Event Log: We claim version: SSH-2.0-PuTTY_Release_0.67
Event Log: Server version: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
Event Log: Using SSH protocol version 2
Outgoing packet #0x0, type 20 / 0x14 (SSH2_MSG_KEXINIT)
--SNIP--
Event Log: Opening connection to www.putty.org:80 for forwarding from 127.0.0.1:57934
Outgoing packet #0x8, type 90 / 0x5a (SSH2_MSG_CHANNEL_OPEN)
  00000000  00 00 00 0c 64 69 72 65 63 74 2d 74 63 70 69 70  ....direct-tcpip
  00000010  00 00 01 00 00 00 40 00 00 00 40 00 00 00 00 0d  ......@...@.....
  00000020  77 77 77 2e 70 75 74 74 79 2e 6f 72 67 00 00 00  www.putty.org...
  00000030  50 00 00 00 07 30 2e 30 2e 30 2e 30 00 00 00 00  P....0.0.0.0....
Incoming packet #0x8, type 91 / 0x5b (SSH2_MSG_CHANNEL_OPEN_CONFIRMATION)
  00000000  00 00 01 00 00 00 00 00 00 20 00 00 00 00 80 00  ......... ......

*** putty-443.log

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2016.09.28 08:14:56 =~=~=~=~=~=~=~=~=~=~=~=
Event Log: Writing new session log (SSH packets mode) to file: putty.log
Event Log: Connecting to 69.131.7.195 port 443
Event Log: We claim version: SSH-2.0-PuTTY_Snapshot_2016_09_20.24da181
Event Log: Server version: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
Event Log: Using SSH protocol version 2
Outgoing packet #0x0, type 20 / 0x14 (SSH2_MSG_KEXINIT)
--SNIP--
Event Log: Opening connection to www.chiark.greenend.org.uk:80 for forwarding from [::1]:56627
Outgoing packet #0xa, type 90 / 0x5a (SSH2_MSG_CHANNEL_OPEN)
  00000000  00 00 00 0c 64 69 72 65 63 74 2d 74 63 70 69 70  ....direct-tcpip
  00000010  00 00 01 00 00 00 40 00 00 00 40 00 00 00 00 1a  ......@...@.....
  00000020  77 77 77 2e 63 68 69 61 72 6b 2e 67 72 65 65 6e  www.chiark.green
  00000030  65 6e 64 2e 6f 72 67 2e 75 6b 00 00 00 50 00 00  end.org.uk...P..
  00000040  00 07 30 2e 30 2e 30 2e 30 00 00 00 00           ..0.0.0.0....
Incoming packet #0xa, type 92 / 0x5c (SSH2_MSG_CHANNEL_OPEN_FAILURE)
  00000000  00 00 01 00 00 00 00 01 00 00 00 0b 6f 70 65 6e  ............open
  00000010  20 66 61 69 6c 65 64 00 00 00 00                  failed....
Event Log: Forwarded connection refused by server: Administratively prohibited [open failed]
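As an added illustration (not part of the bug report or of sslh), a small decoder for the two packet dumps in putty-443.log: it rebuilds the bytes from PuTTY's hex dump and parses the direct-tcpip CHANNEL_OPEN request and the CHANNEL_OPEN_FAILURE reply per RFC 4254, which makes it explicit that the refusal carries reason code 1 (administratively prohibited) sent by the sshd that answered the session, not a transport-level drop. The dump strings are copied from the log above; the dictionary of reason codes is RFC 4254 section 5.1.

```python
# CHANNEL_OPEN_FAILURE reason codes from RFC 4254 section 5.1.
OPEN_FAILURE_REASONS = {1: "SSH_OPEN_ADMINISTRATIVELY_PROHIBITED", 2: "SSH_OPEN_CONNECT_FAILED",
                        3: "SSH_OPEN_UNKNOWN_CHANNEL_TYPE", 4: "SSH_OPEN_RESOURCE_SHORTAGE"}
# Packet bodies copied from putty-443.log above; PuTTY prints the message type (90 / 92) in the
# header line, so each dump is the payload that follows the type byte.
CHANNEL_OPEN_DUMP = """\
00000000  00 00 00 0c 64 69 72 65 63 74 2d 74 63 70 69 70  ....direct-tcpip
00000010  00 00 01 00 00 00 40 00 00 00 40 00 00 00 00 1a  ......@...@.....
00000020  77 77 77 2e 63 68 69 61 72 6b 2e 67 72 65 65 6e  www.chiark.green
00000030  65 6e 64 2e 6f 72 67 2e 75 6b 00 00 00 50 00 00  end.org.uk...P..
00000040  00 07 30 2e 30 2e 30 2e 30 00 00 00 00           ..0.0.0.0....
"""
CHANNEL_OPEN_FAILURE_DUMP = """\
00000000  00 00 01 00 00 00 00 01 00 00 00 0b 6f 70 65 6e  ............open
00000010  20 66 61 69 6c 65 64 00 00 00 00                  failed....
"""

def hexdump_to_bytes(dump):
    """Rebuild raw bytes from PuTTY's 'offset  hex bytes  ascii' lines (columns are two-space separated)."""
    return b"".join(bytes.fromhex(line.split("  ")[1]) for line in dump.strip().splitlines())

def _uint32(buf, off):
    return int.from_bytes(buf[off:off + 4], "big"), off + 4

def _string(buf, off):  # SSH 'string': uint32 length followed by that many bytes
    n, off = _uint32(buf, off)
    return buf[off:off + n], off + n

def parse_channel_open(payload):
    """Decode CHANNEL_OPEN; for direct-tcpip also the forwarding target and originator (RFC 4254 s7.2)."""
    ctype, off = _string(payload, 0)
    sender, off = _uint32(payload, off)
    window, off = _uint32(payload, off)
    maxpkt, off = _uint32(payload, off)
    msg = {"type": ctype.decode(), "sender_channel": sender, "initial_window": window, "max_packet": maxpkt}
    if ctype == b"direct-tcpip":
        host, off = _string(payload, off)
        port, off = _uint32(payload, off)
        orig_host, off = _string(payload, off)
        orig_port, off = _uint32(payload, off)
        msg.update(target=(host.decode(), port), originator=(orig_host.decode(), orig_port))
    return msg

def parse_channel_open_failure(payload):
    """Decode CHANNEL_OPEN_FAILURE: the channel the server refused and why (RFC 4254 s5.1)."""
    recipient, off = _uint32(payload, 0)
    reason, off = _uint32(payload, off)
    description, off = _string(payload, off)
    return {"recipient_channel": recipient, "reason_code": reason,
            "reason": OPEN_FAILURE_REASONS.get(reason, "unknown"), "description": description.decode()}
```

Running parse_channel_open on the first dump yields the target ("www.chiark.greenend.org.uk", 80) on sender channel 256, and parse_channel_open_failure on the second yields reason code 1 for recipient channel 256 with the description "open failed", matching the "Administratively prohibited [open failed]" event line.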