SSH connection via SOCKS proxy not working

[carlos-n]

Describe the bug
Once a SOCKS tunnel has been established, a new SSH connection using this tunnel doesn't work.

To Reproduce
Steps to reproduce the behavior:

1. Define a new SSH connection against a server "A" configuring a "Dynamic Socks Proxy" in "SSH Options" section. We use "127.0.0.1" as "Bind Address" and "5000" as "Local Port".
   After creating the connection, we establish the connection with server "A".
   We can see our local server is listening in port 5000.

tcp LISTEN 0 128 127.0.0.1:5000

We can open connections against servers using the SOCKS tunnel with Putty.
So, the SOCKS tunnel is correctly created and working OK.

2. Define a new SSH connection to a server "B". In "Proxy" tab of "Connection" section we configure the option "Always use next proxy /HTTP/SOCKS) for this connection". We use "127.0.0.1" in "IP/Host" field and "5000" in "Port" field. We leave empty "User" and "Password" fields.

3. When trying to establish connection with server "B", we receive an error.

connect() failed with error 'Connection timed out'
ssh_exchange_identification: read: Connection reset by peer
pac_conn: Fatal IO error 22 (Invalid argument) on X server :0.

Expected behavior
Connection with server "B" should correctly established as it happens when you try it using Putty.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

• OS: Linux Mint 19.02 64 bits
• Version: Asbru v5.2.1

Additional context
Add any other context about the problem here.

[gfrenoy]

I tried a few times to reproduce this but got stuck at step 2. I just realized it's a bug in the gtk3 branch, see #291... I soon as I can get that working, I'll have another look.

In the meantime, did you check the SSH command line of the connection to server B ? Does it work if you run it outside Ásbrú ?

[gfrenoy]

I looked a bit more at this, here are some notes

• Ásbú uses the perl module Net::Proxy
• When configuring Ásbrú as you did, it uses the following configuration of Net::Proxy to establish the proxy:

asbru-cm/lib/pac_conn

Lines 848 to 861 in 1687e82

	$proxy = Net::Proxy -> new( {
	in => {
	type => 'tcp',
	port => $LOCAL_PORT = 60000 + int( rand( 1000 ) ),
	},
	out => {
	type => 'tcp', # 'tcp' method allows using SOCKs proxies!! :)
	host => $IP,
	port => $PORT,
	proxy_host => $proxy_ip,
	proxy_port => $proxy_port,
	proxy_user => $proxy_user,
	proxy_pass => $proxy_pass,
	proxy_agent => "Ásbrú Connection Manager (https://www.asbru-cm.net/)"

• Not sure to understand what it exactly do but, as a matter of fact, it does not connect to the proxy ...

Btw, did you look at the Jump Host option in SSH to do this, see #67 ? It might be a more straight way to achieve the same, isn't it ?

[hanspr]

Hi @carlos-n

Remove the "Always use next proxy /HTTP/SOCKS) for this connection", option in connection to "B", and move it back to "Use global options to decide"

And in "Advanced options", configure like this

This should be the correct way configure, the other option is for something else, not sure how to use it, but is not for what you want to do.

[carlos-n]

Thanks so much for the responses.
The solution proposed by hanspr works perfectly.

[gfrenoy]

As there is a workaround and that we are reviewing the way proxy is managed for the next version, I believe we can close this issue for now.