search

PurpleI2P / i2pd

🛡 I2P: End-to-End encrypted and anonymous Internet
https://i2pd.website
BSD 3-Clause "New" or "Revised" License
3.26k stars 423 forks source link

ssh tunnel via i2pd is infuriatingly unstable and i don't know why #2111

Open i2pbanana opened 1 week ago

i2pbanana commented 1 week ago

i use ssh to create a socks proxy to a remote server via i2pd. sometimes it works, sometimes not. when it works, it will stop working after some minutes. sometimes i can manually reset it and go another round, sometimes it stops responding completely as if the server had gone offline, and i cannot access the ssh server at all through i2p, either tunnel or simple user login.

moreover, it has gotten worse the past two or three days. i was able to at least do what i needed to do even if inconvenient, but now it has become unusable to me. i see other user posted about a doss attack so maybe that explains this part.

i can access the ssh server with a tor hidden service instead, and with tor it can stay online and responsive for several hours. on the client side, i can browse i2p sites without issues. this is either a problem with i2pd on the server side, or maybe bad tunnel settings. can somebody please help me figure out? both client and server show "Network Status: OK" on the web interface.

client tunnel config:

[ssh] type = client address = 127.0.0.1 port = 700 inbound.length = 3 outbound.length = 3 inbound.quantity = 8 outbound.quantity = 8 inbound.backupQuantity = 2 outbound.backupQuantity = 2 destination = [redacted for security].b32.i2p keys = ssh.dat

server tunnel config:

[ssh] type = server host = 127.0.0.1 port = 700 inbound.length = 3 outbound.length = 3 inbound.quantity = 8 outbound.quantity = 8 inbound.backupQuantity = 2 outbound.backupQuantity = 2 keys = ssh.dat

ssh error message on failure to connect:

key_exchange_identification: read: Connection reset by peer Connection reset by 127.0.0.1 port 700

alternate error, less commonly:

key_exchange_identification: Connection closed by remote host Connection reset by 127.0.0.1 port 700

Vort commented 1 week ago

Do you use latest version of i2pd, 2.54.0, for client and server?

i see other user posted about a doss attack so maybe that explains this part

Right, attack made network less stable.

i2pbanana commented 1 week ago

Do you use latest version of i2pd, 2.54.0, for client and server?

2.54.0?! What the... Huh. No, both are on 2.45.1. What is the correct way to update? It seems my distro's package manager is lagging behind.

Vort commented 1 week ago

You may try looking at files in Assets section here: https://github.com/PurpleI2P/i2pd/releases/tag/2.54.0

i2pbanana commented 1 week ago

Ah, it's right there. Thank you! I'll report back in a few once I've updated both machines and tested.

orignal commented 1 week ago

inbound.backupQuantity = 2 outbound.backupQuantity = 2

What is backupQuantity? There is no such params in i2pd.

r4sas commented 1 week ago

What is the correct way to update?

https://i2pd.readthedocs.io/en/latest/user-guide/install/