aktos-io / link-with-server Goto Github PK

View Code? Open in Web Editor NEW

13.0 2.0 2.0 75 KB

Reverse SSH Link Tool like autossh, written in Bash

Shell 100.00%

autossh reverse-tunnel

link-with-server's People

Contributors

Stargazers

Watchers

Forkers

sincere32 masarinetwork

link-with-server's Issues

Create logs when fallback port is used

Log if default port is used more than once within the runtime of link-with-server. Related to #11

Logs causes too much CPU usage

Logs causes too much CPU usage. Those messages appear continuously (where 192.168.43.141 is local ip):

Feb 18 06:00:44 erik3 sshd[3449173]: Unable to negotiate with 192.168.43.141 port 60586: no matching host key type found. Their offer: [email protected] [preauth]
Feb 18 06:00:44 erik3 sshd[3449208]: Connection closed by 192.168.43.141 port 60600 [preauth]
Feb 18 06:00:44 erik3 sshd[3449209]: Connection closed by 192.168.43.141 port 60610 [preauth]
Feb 18 06:00:44 erik3 sshd[3449210]: Connection closed by 192.168.43.141 port 60624 [preauth]
Feb 18 06:00:44 erik3 sshd[3449211]: Unable to negotiate with 192.168.43.141 port 60626: no matching host key type found. Their offer: [email protected] [preauth]
Feb 18 06:00:44 erik3 sshd[3449212]: Unable to negotiate with 192.168.43.141 port 60642: no matching host key type found. Their offer: [email protected] [preauth]
Feb 18 06:00:50 erik3 sshd[3449310]: Connection closed by 192.168.43.141 port 50796 [preauth]
Feb 18 06:00:51 erik3 sshd[3449311]: Connection closed by 192.168.43.141 port 50812 [preauth]
Feb 18 06:00:51 erik3 sshd[3449312]: Connection closed by 192.168.43.141 port 50826 [preauth]
Feb 18 06:00:51 erik3 sshd[3449313]: Unable to negotiate with 192.168.43.141 port 50832: no matching host key type found. Their offer: [email protected] [preauth]
Feb 18 06:00:52 erik3 sshd[3449314]: Unable to negotiate with 192.168.43.141 port 50838: no matching host key type found. Their offer: [email protected] [preauth]
Feb 18 06:00:52 erik3 sshd[3449351]: Connection closed by 192.168.43.141 port 50870 [preauth]
Feb 18 06:00:52 erik3 sshd[3449349]: Connection closed by 192.168.43.141 port 50852 [preauth]
Feb 18 06:00:52 erik3 sshd[3449350]: Connection closed by 192.168.43.141 port 50858 [preauth]
Feb 18 06:00:52 erik3 sshd[3449352]: Unable to negotiate with 192.168.43.141 port 50880: no matching host key type found. Their offer: [email protected] [preauth]
Feb 18 06:00:52 erik3 sshd[3449353]: Unable to negotiate with 192.168.43.141 port 50882: no matching host key type found. Their offer: [email protected] [preauth]

is_ssh_server_alive function should be more reliable

In this function:

link-with-server/link-with-server.sh

Line 165 in f966b9b

nc -vzw 1 $hostname $port

nc output can not be "fully" trusted because there may be an SSLH server listening that port while SSH server is down.

MITM like error causes node to stuck on host verification step

If client tries to connect a different host (accidentally, or somehow), SSH normally asks for host verification and client hangs at this point.

Expected

Client should simply fail to connect if host key is not known.

Dropping connection should trigger "on" scripts

...re-established connections use the default port (7000) otherwise.

mobile machines should execute a script on connection to the rendezvous server

Sometime some changes must be done in every node in field (such as domain name change of aktos-elektronik.com to aktos.io).

Such work should be done by a connection script located in rendezvous server.

Add installer to start with systemctl service on boot

sometimes crontab not triggering link-with-server.sh

server should kill hanged connections

proposal:

create a process to watch if the mobmac_sshd_port is active or not. if not active, it should kill PID.

Prevent accidental shutdowns

link-with-server should not be shut down accidentally.

Proposal

Create a trap that will display a prompt asking if user is sure to shutdown link-with-server with a timeout.

lws hangs at "creating new tunnel" stage after server reboot

This is happened after a server reboot:

creating tunnel on Sat Nov 28 10:30:29 UTC 2015
ssh: connect to host aktos-elektronik.com port 22: No route to host
2015-11-28 10:30:30 - Getting proxy settings
2015-11-28 10:30:30 - SSH ID Key exists, continue...
2015-11-28 10:30:30 - Checking server connectivity
2015-11-28 10:30:41 - Connection Checking Disabled!
2015-11-28 10:30:41 - Connectivity to the server is OK.
2015-11-28 10:30:46 - SSH key is already registered...
2015-11-28 10:30:46 - Creating ssh socket
2015-11-28 10:30:46 - Creating new SSH socket.
2015-11-28 10:30:50 - Getting MOBMAC settings
2015-11-28 10:30:51 - MOBMAC_ID: eb:e5:c0:c5:b2:99:02:a6:82:ea:c3:e1:7c:9c:a7:ff
2015-11-28 10:30:51 - Bind localhost:22 -> server:7028
2015-11-28 10:30:51 - Checking if link is working
2015-11-28 10:30:52 - Connection is broken, creating a new tunnel.

Prevent too much traffic for mobile data when idle

According to nethog, link-with-server creates too much traffic while monitoring the tunnel operability state.