proxychains-ng doesn't work with ssh on Ubuntu 22.04
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
proxychains-ng (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
SRU Justification
=================
[ Impact ]
On Ubuntu 22.04, proxychains-ng (version 4.16) doesn't work with ssh:
$ proxychains4 ssh <email address hidden>
[proxychains] config file found: /etc/proxychain
[proxychains] preloading /usr/lib/
select2: Bad file descriptor
ssh: Could not resolve hostname github.com: Unknown error
Other commands (e.g.: wget) work with proxychains-ng correctly.
This bug does not occur on Ubuntu 22.10 or earlier releases. It should
be treated as a regression.
Upstream bug report: https:/
Upstream explanation:
> due to the new close_range syscall
> which was added in linux 5.9 and recently activated in glibc:
> https:/
> https:/
> this causes our close() hook to become ineffective and ssh closing our pipes to the dns lookup thread behind our back.
[ Test Plan ]
* Prepare pre-installed virutal machines running up-to-date Ubuntu 21.10, 22.04 and 22.10 (dev).
On each installed virtual machine:
0. Execute "sudo apt install proxychains4 ssh ; sudo systemctl start ssh".
1. Configure proxychains-ng to use socks5 connection by editing the last line of /etc/proxychain
2. Execute "ssh -D 1080 localhost".
3. In a new terminal emulator, execute "proxychains4 ssh <email address hidden>".
* On Ubuntu 21.10 (with proxychains-ng 4.14-3) and Ubuntu 22.10 (with proxychains-ng 4.16-2),
the following output is expected, indicating successful connection:
[proxychains] config file found: /etc/proxychain
[proxychains] preloading /usr/lib/
[proxychains] DLL init: proxychains-ng 4.16
[proxychains] Strict chain ... 127.0.0.1:1080 ... github.com:22 ... OK
<email address hidden>: Permission denied (publickey).
Connection to github.com closed.
* On Ubuntu 22.04 (with proxychains-ng 4.16-1), the following output is expected,
indicating broken connection and regression:
[proxychains] config file found: /etc/proxychain
[proxychains] preloading /usr/lib/
select2: Bad file descriptor
ssh: Could not resolve hostname github.com: Unknown error
4. In all systems, non-ssh proxychains connection should always success.
For example, executiong "proxychains4 wget https:/
finish successfully.
[ Fix ]
Upstream commit 000000006265577
debian/
in proxchains-
https:/
[ Where the problem could occur ]
* In the worst case, the patch provided by upstream could went wrong and
make non-ssh proxyhains connection to break as well.
* Proxychains-ng is a leaf package. No other packages will be affected
in any circumstances.
[ Other Info ]
* The fix is initially prepared by me (as Debian Developer) as Debian's
proxychains-
* The fix is also tested on the Debian side. Since current Debian Sid
has a lower glibc version (2.33), the bug does not occur with any
proxychains-ng version.
-------
On Ubuntu 22.04, proxychains-ng (version 4.16) doesn't work with ssh:
$ proxychains4 ssh <email address hidden>
[proxychains] config file found: /etc/proxychain
[proxychains] preloading /usr/lib/
select2: Bad file descriptor
ssh: Could not resolve hostname github.com: Unknown error
Other commands (e.g.: wget) work with proxychains-ng correctly.
The Ubuntu 22.04 ships the proxychains-ng v4.16
https:/
The following upstream patch fixed the bug:
https:/
This patch should be backported to v4.16 and integrated into the next version of Ubuntu 22.04 proxychains-ng package.
Let me fix it in Ubuntu 22.10 (dev) first, and we can take a look back onto Ubuntu 22.04 after that.