Tag: sshuttle

sshuttle がエラーになる

SSH VPN がお手軽に利用できる sshuttle を久々に使おうとしたら失敗します.いくつかのremotehostを試してもうまくいかない.

Debian sid 環境でのエラー

$ sshuttle -v -r user@remotehost 0/0
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 3.7.4
firewall manager: ready method name nat.
IPv6 enabled: False
UDP enabled: False
DNS enabled: False
User enabled: False
TCP redirector listening on ('127.0.0.1', 12300).
Starting client with Python version 3.7.4
c : connecting to server...
Host key fingerprint is SHA256:kUoWT4bCu7+HiegN9R5tYqO5nnvpQPobzSk46T8WEwU
+---[ECDSA 256]---+
|   .E...o        |
|    o o= .       |
|     +o +        |
|    oo . .       |
|    oo. S        |
|   *++ o         |
|  *.+=X+o        |
| ..=+X*=.        |
| .o+%B+o         |
+----[SHA256]-----+
Enter passphrase for key '/home/matoken/.ssh/id_ed25519':
Authenticated to nnn.nnn.nnn.nnn ([nnn.nnn.nnn.nnn]:nn).
-c:3: DeprecationWarning: the imp module is deprecated in favour of importlib; see the module's documentation for alternative uses
Starting server with Python version 3.7.3
 s: latency control setting = True
c : Connected.
 s: auto-nets:False
firewall manager: setting up.
>> iptables -t nat -N sshuttle-12300
>> iptables -t nat -F sshuttle-12300
>> iptables -t nat -I OUTPUT 1 -j sshuttle-12300
>> iptables -t nat -I PREROUTING 1 -j sshuttle-12300
>> iptables -t nat -A sshuttle-12300 -j RETURN --dest 127.0.0.1/32 -p tcp
>> iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 0.0.0.0/0 -p tcp --to-ports 12300 -m ttl ! --ttl 42
firewall manager: undoing changes.
>> iptables -t nat -D OUTPUT -j sshuttle-12300
>> iptables -t nat -D PREROUTING -j sshuttle-12300
>> iptables -t nat -F sshuttle-12300
>> iptables -t nat -X sshuttle-12300
c : fatal: server died with error code 255

最後の行のエラーメッセージで検索すると以下のIssue を見つけました.

参考にして -x remotehostip で使えるようになりました.-x は除外オプションで接続先のip を指定して除外するとOKのようです.

  • NG $ sshuttle -r user@remotehost 0/0

  • OK $ sshuttle -r user@remotehost 0/0 -x remotehostip

VPN 対象のサブネットと同様 -x にも複数のサブネット/ip の指定ができます.

Debian sid 環境
$ dpkg-query -W sshuttle
sshuttle        0.78.5-1
$ hostnamectl|grep -E 'Operating System|Architecture'
  Operating System: Debian GNU/Linux bullseye/sid
	  Architecture: x86-64

Raspbian Buster 環境でのエラー

ちなみに sshuttle を Raspbian Buster で試すとまた違うこんなエラーに.でもやっぱり -x で解決しました.

Raspbian Buster での error message
 :
client: Connected.
packet_write_wait: Connection to 192.168.1.102 port 22: Broken pipe
Traceback (most recent call last):
  File "/usr/bin/sshuttle", line 11, in <module>
	load_entry_point('sshuttle==0.78.5', 'console_scripts', 'sshuttle')()
  File "/usr/lib/python3/dist-packages/sshuttle/cmdline.py", line 82, in main
	opt.sudo_pythonpath)
  File "/usr/lib/python3/dist-packages/sshuttle/client.py", line 787, in main
	seed_hosts, auto_hosts, auto_nets, daemon, to_nameserver)
  File "/usr/lib/python3/dist-packages/sshuttle/client.py", line 547, in _main
	ssnet.runonce(handlers, mux)
  File "/usr/lib/python3/dist-packages/sshuttle/ssnet.py", line 598, in runonce
	h.callback(s)
  File "/usr/lib/python3/dist-packages/sshuttle/ssnet.py", line 488, in callback
	self.flush()
  File "/usr/lib/python3/dist-packages/sshuttle/ssnet.py", line 439, in flush
	wrote = _nb_clean(os.write, self.wsock.fileno(), self.outbuf[0])
  File "/usr/lib/python3/dist-packages/sshuttle/ssnet.py", line 79, in _nb_clean
	return func(*args)
BrokenPipeError: [Errno 32] Broken pipe
Raspbian Buster の環境
$ dpkg-query -W sshuttle
sshuttle        0.78.5-1
$ lsb_release -d
Description:    Raspbian GNU/Linux 10 (buster)
$ uname -m
armv6l
$ cat /proc/device-tree/model ;echo
Raspberry Pi Model B Rev 2

Ubuntu 18.04 LTS 環境(OK)

Ubuntu 18.04 LTS のsshuttle でも試してみましたがこれは -x を付けなくても問題なしでした.sshuttle 0.78.4 〜 0.78.5 の間の修正での影響でしょうか?

error の出なかった環境
$ dpkg-query -W sshuttle
sshuttle        0.78.3-1ubuntu1
$ lsb_release -d
Description:    Ubuntu 18.04.2 LTS
$ uname -m
x86_64