SSH Proxy Troubles with Core Tunnel: A Cry for Help

Hi :raised_hand:,

I'm encountering persistent challenges with my SSH proxy setup using Core Tunnel and could really use your expertise. As a cybersecurity analyst with a strong background in SSH configurations, I'm puzzled by these ongoing issues.

My Setup:

  • macOS Monterey (Version 12.4)
  • Core Tunnel Version 3.5.2
  • Ubuntu 20.04 LTS SSH server on AWS EC2
  • SOCKS5 Proxy

The Problems:

  1. Unreliable Connections: My SSH connection frequently drops after brief periods of inactivity. Despite a stable network, I suspect a timeout issue. Are there advanced Core Tunnel settings to prevent premature disconnections?
  2. Authentication Headaches: I'm occasionally locked out, even with correct credentials. I use key-based authentication with a macOS keychain-stored private key. Could keychain integration or other factors be causing these authentication failures?
  3. Proxy Traffic Stumbles: My SOCKS5 proxy intermittently fails to forward traffic, leading to application connection errors. I've reviewed Core Tunnel logs but haven't found any clear culprits.

What I Have Tried:

  • Restarted Core Tunnel and the SSH server.
  • Verified and re-added my SSH key to the keychain.
  • Scrutinized Core Tunnel logs for clues.
  • Tweaked SSH server settings for improved connection persistence.

I've already scoured resources/articles like the Trouble SSH Tunneling to remote server | StackOverflow Data analytics tutorial. While it offered valuable initial guidance, I'm confident this community's expertise can provide even deeper insights to help me resolve these issues.

I'm hoping the collective wisdom of this community can shed light on these issues. Any insights, troubleshooting tips, or shared experiences would be greatly appreciated.

Thank you for your time and assistance. :pray:

Never seen those issues. I configure all my settings in $HOME/.ssh/config and then reference the aliases in Core Tunnel. See my settings below.

# chmod 700 $HOME/.ssh
# chmod 600 $HOME/.ssh/config
# chmod 644 $HOME/.ssh/authorized_keys
# 
# KexAlgorithms ecdh-sha2-nistp521

Host *
	IdentityFile /Users/user/.ssh/id_rsa
	IdentityFile /Users/user/.ssh/personal/id_rsa
	IdentitiesOnly yes
	AddKeysToAgent yes
	ServerAliveInterval 240
	ServerAliveCountMax 2
	TCPKeepAlive yes
	UseKeychain yes
	PubkeyAcceptedKeyTypes +ssh-rsa
	HostKeyAlgorithms +ssh-rsa
	KexAlgorithms curve25519-sha256,ecdh-sha2-nistp521

Host bastion
	User opc
	HostName x.x.x.x
	Port 22
	IdentityFile /Users/user/.ssh/id_rsa
	LocalForward 1522 x.x.x.x:1522

Could you please enable verbose logging and send me a copy of the desensitized log?

It's very likely caused by the server setup; please check the following directives in your server config file:

  1. ChannelTimeout
  2. ClientAliveCountMax and ClientAliveInterval
  3. UnusedConnectionTimeout

The Codinn Store version supports ssh-agent; let me know if you need assistance with setup.

Please set the log level to DEBUG3 and send me a copy of the desensitized log when applications run into connection errors.

And, I'm sorry for the late reply.

Kind regards,

Yang
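
One way to check the server-side directives listed in the reply above, as an added example that is not from any poster in this thread or from Core Tunnel: a small parser that reads sshd_config text (or `sshd -T` output) and reports every setting that can end an idle tunnel. The sample config and the function names are constructed for illustration.

```python
import re

UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def seconds(value):
    """sshd TIME FORMATS ('90', '5m', '1h30m') to seconds; 'none' or '' gives 0."""
    return sum(int(n) * UNITS[u] for n, u in re.findall(r"(\d+)([smhdw]?)", value.lower()))

def parse(sshd_text):
    """Global section only; for each keyword sshd uses the first value it reads."""
    cfg = {}
    for raw in sshd_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].lower() == "match":
            break  # per-user/host Match overrides are not evaluated here
        cfg.setdefault(parts[0].lower(), parts[1] if len(parts) > 1 else "")
    return cfg

def audit(sshd_text):
    """Return (directive, seconds, effect) for each setting that can end an idle tunnel."""
    cfg, out = parse(sshd_text), []
    interval = seconds(cfg.get("clientaliveinterval", "0"))   # default 0: disabled
    count = int(cfg.get("clientalivecountmax", "3"))          # default 3
    if interval and count:
        out.append(("ClientAlive", interval * count, "unresponsive client is disconnected"))
    # ChannelTimeout and UnusedConnectionTimeout exist in OpenSSH 9.2 and later.
    for pair in cfg.get("channeltimeout", "").split():
        kind, _, val = pair.partition("=")
        if seconds(val):
            out.append(("ChannelTimeout " + kind, seconds(val), "inactive channel is closed"))
    unused = seconds(cfg.get("unusedconnectiontimeout", "none"))
    if unused:
        out.append(("UnusedConnectionTimeout", unused, "connection with no open channels is closed"))
    return out

# Constructed sample, not the poster's server configuration.
SAMPLE = """\
ClientAliveInterval 60
ClientAliveCountMax 3
ChannelTimeout session=30m direct-tcpip=2m
UnusedConnectionTimeout 5m
Match User backup
    ClientAliveInterval 10
"""

if __name__ == "__main__":
    for name, secs, effect in audit(SAMPLE):
        print(f"{name}: after {secs}s, {effect}")
```

SOCKS traffic through a dynamic forward travels in `direct-tcpip` channels, so that `ChannelTimeout` type and `UnusedConnectionTimeout` are the entries to compare against the moments the proxy stops forwarding.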