Hi Hayk, I wonder if a service running from init.rc has different restrictions on what a process is allowed to do. Maybe a syscall that usually succeeds is blocked by the system, and Dropbear doesn't handle it well. When you run it manually you are running it under adb?
Can you make your myScript launcher redirect dropbear output to a file dropbear -E -R > /data/logfile1.txt 2>&1 and see if anything gets logged there? If you run ssh -i ssh_rsa_key root@localhost -p 50216 df instead does it work? That won't try to allocate a terminal to run commands. Cheers, Matt > On Wed 21/3/2018, at 2:48 pm, Hayk Beglaryan <hayk.beglary...@gmail.com> > wrote: > > Hello, > > I'm an android developer and we are trying to make a ssh tunneling between > Android device and Linux Host. I'm using dropbear for this solution. > > Here is my steps: > > 1) I'm connecting to my host via dbclient with 0 port > > dbclient -i "$RSA_KEY" -f -N -R 0:localhost:22 "$HOST" -y &> /sdcard/out > > 2) Then I'm running dropbear > > dropbear -E -R > > 3) And now I'm able to connect to device via ssh from my host using public > key and port in /sdcard/out > > ssh -i ssh_rsa_key root@localhost -p 50216 > > Here is it, and it's works perfectly. > For my solution I need to make tunneling automatically. > > I have created bash script under /system/bin/ (build android image with > script in it). Added corresponding service in init.rc to run my script > automatically. > > service myScript /system/bin/myScript > class core > user root > group root > disabled > > The script actually runs by system every 5 sec. but when I'm trying to > connect to device I receive following error message: > > "Aiee, segfault! You should probably report this as a bug to the developer" > > The strangest thing is that when I'm running my script manually it works fine > but when system runs the **same** script I receive upper described error > message. > > "dmesg", "logcat", even "ssh ... -vvv" don't give any error message. > > I think problem is in "dropbear" itself, because when system runs "dbclient" > and then I run "dropbear -E -R" manually , tunneling works correctly. > > This is my output of "ssh ... -v" > > > OpenSSH_7.6p1, LibreSSL 2.6.2 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 48: Applying options for * > debug1: Connecting to localhost port 50643. > debug1: Connection established. > debug1: key_load_public: No such file or directory > debug1: identity file ssh_rsa_key_to_box type -1 > debug1: key_load_public: No such file or directory > debug1: identity file ssh_rsa_key_to_box-cert type -1 > debug1: Local version string SSH-2.0-OpenSSH_7.6 > debug1: Remote protocol version 2.0, remote software version > dropbear_2017.75 > debug1: no match: dropbear_2017.75 > debug1: Authenticating to localhost:50643 as 'root' > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: algorithm: curve25519-sha...@libssh.org > debug1: kex: host key algorithm: ssh-rsa > debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 > compression: none > debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 > compression: none > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY > debug1: Server host key: ssh-rsa > SHA256:M1PmvueMNfm4q47UlzVWZMdB6YzxyYBy4I5hden9ctU > debug1: Host '[localhost]:50643' is known and matches the RSA host key. > debug1: Found key in /Users/haykbeglaryan/.ssh/known_hosts:23 > debug1: rekey after 4294967296 blocks > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: rekey after 4294967296 blocks > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: publickey > debug1: Next authentication method: publickey > debug1: Trying private key: ssh_rsa_key_to_box > debug1: Authentication succeeded (publickey). > Authenticated to localhost ([::1]:50643). > debug1: channel 0: new [client-session] > debug1: Entering interactive session. > debug1: pledge: network > debug1: Sending environment. > debug1: Sending env LC_CTYPE = UTF-8 > debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 > Aiee, segfault! You should probably report this as a bug to the developer > debug1: channel 0: free: client-session, nchannels 1 > debug1: fd 1 clearing O_NONBLOCK > Connection to localhost closed. > Transferred: sent 2640, received 1816 bytes, in 0.0 seconds > Bytes per second: sent 312354.4, received 214861.9 > debug1: Exit status 1 > > > Best regards: > — > Hayk Beglaryan, Software developer > Mobile: +374 (41) 550 309 >
