Darkcrimson Posted June 1, 2014 Share Posted June 1, 2014 (edited) Following Chris Haralson's absolutely awesome tutorial on configuring AutoSSH to access your pineapple remotely, I had no issues with setting up a sweet relay on my VPS. However, once I came back to the pineapple after a month of inactivity, I noticed I could no longer access the Pineapple interface remotely. Port 4567, Listen port 1471, and proper of root@ip.of.vps were verified, but going to ip.of.vps:4567 returned unavailable. AutoSSH shows "connected" on the Pineapple GUI. Both the VPS and Pineapple have been rebooted several times, thinking SSH on the VPS just wasn't responding properly. I figured it was an issue with my VPS, so I deleted the droplet (using DigitalOcean) and created a new one from scratch. I followed all of the procedures outlined, but I get the same results. Next, I ensured that my VPS was live. It responds to ping requests. Second, I verified the key added to authorized_keys on the server was correct. This was done by initiating an ssh tunnel from the pineapple command line and not being prompted for password and by checking the authorized_keys file itself. Both appear okay. I figured maybe it was network settings at that point, so after logging into my VPS from a different computer outside of my local network, I ran: netstat | grep ip.address.of.pineapple and see this: tcp 0 48 ip.address.of.vps:ssh ip-of-pineapple.cli:58888 ESTABLISHED I've checked the log files and don't see anything paranormal. Figuring perhaps DigitalOcean was unhappy about the relay, I submitted a ticket. Their reply was that nothing should be prohibiting the relay. So, back to square one. It should be mentioned I've taken the actual internet connection to the Pineapple into consideration; using my android, iPhone, local network, and a friend's internet (all different networks) to no avail. Is there something I'm missing here? Thanks in advance Edited June 1, 2014 by Darkcrimson Quote Link to comment Share on other sites More sharing options...
fringes Posted June 2, 2014 Share Posted June 2, 2014 Can you post the contents of /etc/config/autossh please? Also, post the ssh command line you used to connect from your pineapple to you VPS. (Redact your IP as you did above.) Also, from a shell on your pineapple, try just this: ssh -i <path-to-private-key> <user>@<ip-of-VPS> Does that give you a shell? For comparison, my autossh config file looks like the following: option ssh '-i /root/.ssh/id_rsa -N -T -R 1471:localhost:1471 -R 2223:localhost:22 <not-root>@<my-server> -p 22' This puts the pineapple's web and SSH ports on my "relay server" on ports 1471 and 2223 respectively. (This lets me create another tunnel from my laptop for the web interface, and I can putty directly for ssh.) Quote Link to comment Share on other sites More sharing options...
Darkcrimson Posted June 2, 2014 Author Share Posted June 2, 2014 (edited) Thank you for your reply. Here's the info requested. /etc/config/autossh: root@Pineapple:~# cat /etc/config/autossh config autossh option gatetime '0' option monitorport '20000' option poll '600' option ssh '-i /etc/dropbear/id_rsa -N -T -R 4567:localhost:1471 root@ ip.of.vps' Shell from pineapple: root@Pineapple:~# ssh -i /etc/ssh/id/dropbear/id_rsa root@ip.of.vps Warning: Identity file /etc/ssh/id/dropbear/id_rsa not accessible: No such file or directory. Last login: Mon Jun 2 10:02:40 2014 root@sshrelay:~$ Hopefully this exposes something obvious that I'm missing. What really strikes me is that it's worked before in the past. Flawlessly. I'm trying to think of something that might have changed, but all I did to the Pineapple was update to the latest firmware and my VPS has not been altered in any way. I'm going to try your configuration and see what I can get in return from the server. Thanks for your help! EDIT: I've noticed the configuration file has the wrong path to private key. I've amended it, but still no luck. Edited June 2, 2014 by Darkcrimson Quote Link to comment Share on other sites More sharing options...
Darkcrimson Posted June 2, 2014 Author Share Posted June 2, 2014 Okay, so this: ssh root@ip.of.vps -i /etc/dropbear/id_rsa Allows me to login with no issues. I've done this straight from the Pineapple's command line. However, root@Pineapple:~# ssh root@ip.of.vps.server -i /etc/dropbear/id_rsa -N -T -R 4567 :localhost:1471 Warning: Identity file /etc/dropbear/id_rsa not accessible: No such file or dire ctory. Warning: remote port forwarding failed for listen port 4567 When I try the /etc/config/autossh version, which puts the options before the login, it just hangs. In either instance, AutoSSH shows connected and there's a connection established in Netstat. I think I've figured it out... Quote Link to comment Share on other sites More sharing options...
Darkcrimson Posted June 2, 2014 Author Share Posted June 2, 2014 (edited) UPDATE: After looking over the options, I decided to take a bit from your initial config. Instead of the above, I went with this: ssh -i /etc/dropbear/id_rsa -R 1471:localhost:1471 root@ip.of.vps.server Then, I went onto my laptop and ran: ssh root@ip.of.vps.server -D 8080 I set up my browser to work via proxy on 127.0.0.1:8080, after entering http://localhost:1471 into my browser, I now see the Pineapple GUI. I went ahead and saved the autossh config and can enjoy a stable connection remotely. Edited June 4, 2014 by Darkcrimson Quote Link to comment Share on other sites More sharing options...
fringes Posted June 2, 2014 Share Posted June 2, 2014 (edited) Excellent. I'm glad you were able to figure it out. Go ahead and add -R 2222:localhost:22 (or similar) and you'll have SSH access from anywhere too. Hopefully, the autossh Infusion will be updated to allow multiple entries, multiple port forwards (-L & -R), etc. Is your issue completely resolved? Edited June 3, 2014 by fringes Quote Link to comment Share on other sites More sharing options...
Darkcrimson Posted June 2, 2014 Author Share Posted June 2, 2014 Yessir. I've gone ahead and added the additional parameters. Thanks a bunch for all of your help! Quote Link to comment Share on other sites More sharing options...
fringes Posted June 3, 2014 Share Posted June 3, 2014 You're very welcome. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.