#1 2022-02-16 11:10:08

pr0m3th3us
Member
Registered: 2021-08-28
Posts: 13

mosh-server is binding to the local IP instead of the public IP.

I am running Arch Linux on a VPS server. It has two IPs: a private and a public one.

Since I have installed UFW I am unable to connect using mosh but ssh works fine.

> mosh s_wexler



mosh did not make a successful connection to <vps ip>:60001.
Please verify that UDP port 60001 is not firewalled and can reach the server.

Looks like mosh-server is binding to the local or private IP address:

$ sudo netstat -nulp | grep mosh
udp        0      0 <local ip>:60001      0.0.0.0:*                           584/mosh-server     

ufw configuration

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
Anywhere                   ALLOW       10.19.0.0/24              
22                         LIMIT       Anywhere                  
mosh                       ALLOW       Anywhere                  
22 (v6)                    LIMIT       Anywhere (v6)             
60001/udp (v6)             ALLOW       Anywhere (v6)             
mosh (v6)                  ALLOW       Anywhere (v6)             
$ cat mosh
[mosh]
title=mosh
description=mosh shell
ports=60000:61000/udp

Is there a way I can keep UFW and still be able to use mosh?

Last edited by pr0m3th3us (2022-02-16 11:16:10)

Offline

#2 2022-02-16 14:35:15

-thc
Member
Registered: 2017-03-15
Posts: 1,086

Re: mosh-server is binding to the local IP instead of the public IP.

The start command for "mosh-server" binds it to the local address.

Offline

#3 2022-02-16 15:26:46

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 73,078

Re: mosh-server is binding to the local IP instead of the public IP.

https://man.archlinux.org/man/community … .1.en#bind
https://man.archlinux.org/man/community … ver.1.en#i

The local host doesn't know the WAN IP (certainly behind a NAT - nor that the fronting IP forwards the relevant port to this host)

udp        0      0 <local ip>:60001      0.0.0.0:*                           584/mosh-server

Your LAN IP doesn't need obfuscation (unlike your WAN IP)
https://karlsbakk.net/hacker/

Online

#4 2022-02-16 16:39:51

pr0m3th3us
Member
Registered: 2021-08-28
Posts: 13

Re: mosh-server is binding to the local IP instead of the public IP.

-thc wrote:

The start command for "mosh-server" binds it to the local address.

How can I change that?

Offline

#5 2022-02-16 16:43:37

pr0m3th3us
Member
Registered: 2021-08-28
Posts: 13

Re: mosh-server is binding to the local IP instead of the public IP.

seth wrote:

https://man.archlinux.org/man/community … .1.en#bind
https://man.archlinux.org/man/community … ver.1.en#i

The local host doesn't know the WAN IP (certainly behind a NAT - nor that the fronting IP forwards the relevant port to this host)


udp        0      0 <local ip>:60001      0.0.0.0:*                           584/mosh-server

Your LAN IP doesn't need obfuscation (unlike your WAN IP)
https://karlsbakk.net/hacker/

I tried disabling the firewall.

Same result:

> mosh s_wexler



mosh did not make a successful connection to <wan ip>:60001.
Please verify that UDP port 60001 is not firewalled and can reach the server.

(By default, mosh uses a UDP port between 60000 and 61000. The -p option
selects a specific UDP port number.)
[mosh is exiting.]

I tried specifying the IP address as in the link you posted:

> mosh s_wexler --bind-server=<wan ip>
Failed binding to <wan ip>:60999
Error binding to IP <wan ip>: bind: Cannot assign requested address



mosh did not make a successful connection to <wan ip>:60002.
Please verify that UDP port 60002 is not firewalled and can reach the server.

(By default, mosh uses a UDP port between 60000 and 61000. The -p option
selects a specific UDP port number.)
[mosh is exiting.]

Why is it failing to bind to "<wan ip>:60999"? What is stopping the mosh-server?

The funny thing is that mosh worked fine before I installed ufw. But then I replaced iptables with nftables and installed ufw. BHAM, mosh doesn't work anymore. Even if I disable ufw.


https://karlsbakk.net/hacker/

Funny!

Last edited by pr0m3th3us (2022-02-17 00:17:15)

Offline
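
The "bind: Cannot assign requested address" error quoted in post #5 is the kernel's EADDRNOTAVAIL. The probe below is an added example, not code from the thread or from mosh, and it classifies what happens when a UDP server is told to listen on a given address. The function names are hypothetical, and 192.0.2.10 is a documentation address standing in for a public IP that is not configured on any local interface.

```python
import errno
import socket
import sys

# Map bind() failures to what they mean for a UDP server such as mosh-server.
MEANING = {
    "ok": "address is configured on this host; a server can listen on it",
    "not-local": "address is on no local interface (for example a public IP "
                 "that a NAT in front of the host translates); bind() refuses it",
    "in-use": "address is local, but another socket already holds this port",
    "denied": "address is local, but this user may not bind the port",
}
_ERRNO_TO_RESULT = {
    errno.EADDRNOTAVAIL: "not-local",  # "Cannot assign requested address"
    errno.EADDRINUSE: "in-use",
    errno.EACCES: "denied",
}

def probe_udp_bind(addr: str, port: int = 0) -> str:
    """Bind a throwaway UDP socket to addr:port and classify the outcome."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    with socket.socket(family, socket.SOCK_DGRAM) as sock:
        try:
            sock.bind((addr, port))  # port 0 lets the kernel pick a free port
        except OSError as exc:
            if exc.errno in _ERRNO_TO_RESULT:
                return _ERRNO_TO_RESULT[exc.errno]
            raise
    return "ok"

def report(addrs, port=0):
    """Return {address: result} for each candidate listen address."""
    return {addr: probe_udp_bind(addr, port) for addr in addrs}

if __name__ == "__main__":
    # Constructed defaults: the wildcard, and 192.0.2.10 (RFC 5737 documentation
    # range) standing in for a public IP that is not assigned to any interface.
    candidates = sys.argv[1:] or ["0.0.0.0", "192.0.2.10"]
    for addr, result in report(candidates).items():
        print(f"{addr:<15} {result:<10} {MEANING[result]}")
```

Run it on the server with the private and public addresses as arguments. A `not-local` result for the public one means that address is translated upstream, so the server has to listen on the private address or the wildcard.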

#6 2022-02-16 18:07:54

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 73,078

Re: mosh-server is binding to the local IP instead of the public IP.

Do you forward the port?
Check "nmap <wan ip>" - and you probably wanted to obfuscate that one...

If stuff indeed used to work:
nftables comes w/ a default ruleset that iirc blocks everything but ssh/22

Online

#7 2022-02-16 18:35:20

-thc
Member
Registered: 2017-03-15
Posts: 1,086

Re: mosh-server is binding to the local IP instead of the public IP.

You try to connect from a client via mosh to your VPS, correct?
Is your client also running Arch?
Where did you install ufw/nftables? Client or VPS?

Which of those 5 commands were executed on the client or on the VPS:

pr0m3th3us wrote:
> mosh s_wexler
$ sudo netstat -nulp | grep mosh
$ sudo ufw status
$ cat mosh
> mosh s_wexler --bind-server=<wan ip>

This makes no sense:

pr0m3th3us wrote:

But then I replaced iptables with nftables and installed ufw.

ufw is a user-friendly front-end for iptables only. Installing ufw re-installs iptables.

Did you enable nftables via

systemctl enable nftables.service

? If yes, disable it. Or remove it.

Last edited by -thc (2022-02-16 19:12:45)

Offline

#8 2022-02-16 19:08:14

pr0m3th3us
Member
Registered: 2021-08-28
Posts: 13

Re: mosh-server is binding to the local IP instead of the public IP.

-thc wrote:

You try to connect from a client via mosh to your VPS, correct?
Is your client also running Arch?
Where did you install ufw/nftables? Client or VPS?

Which of those 5 commands were executed on the client or on the VPS:

pr0m3th3us wrote:
> mosh s_wexler
$ sudo netstat -nulp | grep mosh
$ sudo ufw status
$ cat mosh
> mosh s_wexler --bind-server=<wan IP>

This makes no sense:

pr0m3th3us wrote:

But then I replaced iptables with nftables and installed ufw.

ufw is a user-friendly front-end for iptables only. Installing ufw re-installs iptables.

Did you enable nftables via

systemctl enable nftables.service

? If yes, disable it. Or remove it.

I ran all the commands on the VPS.

I will enable iptables and get back to you.

Please remove the wan IP in your reply. Thanks.

Offline

#9 2022-02-20 09:44:36

pr0m3th3us
Member
Registered: 2021-08-28
Posts: 13

Re: mosh-server is binding to the local IP instead of the public IP.

The issue is probably a bad network configuration of the Arch Linux image by the VPS provider.

I also have an issue with a web server: it only serves on the internal IP but not the public IP.

I have used a different image (Debian) and both issues got resolved. The issue is not with Arch Linux or the apps within and I have no intention of correcting the bad configuration by the VPS.


I request the mods to close this thread.

Last edited by pr0m3th3us (2022-02-20 10:01:16)

Offline
