Jump to content
Not connected, Your IP: 3.135.195.180
Guest unv

ANSWERED eddie-cli 2.21.8 Debian GNU/Linux 11 (bullseye) SSH/SSL options are not working.

Recommended Posts

Guest

Here is my command I use to execute my eddie-cli.
 

eddie-cli --login="foo" --password="bar" \
 --connect="True" \
 --netlock="True" \
 --server="Salm" \
 --mode.protocol="SSH" \
 --mode.port="22" \
 --mode.alt="3" \
 --event.vpn.up.waitend="" \
 --event.vpn.up.filename="" \
 --event.vpn.up.arguments=""

Here is the eddie-cli log.
 
. 2022.10.16 15:40:20 - Command line arguments (13): path.resources="/usr/share/eddie-cli" path.exec="/usr/bin/eddie-cli" login="" password="" connect="True" netlock="True" server="Salm" mode.protocol="SSH" mode.port="22" mode.alt="3" event.vpn.up.waitend="" event.vpn.up.filename="" event.vpn.up.arguments=""
. 2022.10.16 15:40:20 - Raise system privileges
. 2022.10.16 15:40:21 - Reading options from /usr/lib/eddie-cli/default.profile
. 2022.10.16 15:40:22 - OpenVPN - Version: 2.5.1 - OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10 (/usr/sbin/openvpn)
. 2022.10.16 15:40:22 - SSH - Version: OpenSSH_8.4p1 Debian-5+deb11u1, OpenSSL 1.1.1n  15 Mar 2022 (/usr/bin/ssh)
. 2022.10.16 15:40:22 - SSL - Version: stunnel 5.56 (/usr/bin/stunnel4)
. 2022.10.16 15:40:22 - curl - Version: 7.74.0 (/usr/bin/curl)
! 2022.10.16 15:40:23 - Activation of Network Lock - Linux nftables
I 2022.10.16 15:40:23 - Press 'X' to Cancel, 'N' to connect/reconnect to the best available server.
I 2022.10.16 15:40:23 - Ready
I 2022.10.16 15:40:23 - Checking login ...
! 2022.10.16 15:40:23 - Logged in.
. 2022.10.16 15:40:24 - Collect information about AirVPN completed
I 2022.10.16 15:40:25 - Session starting.
I 2022.10.16 15:40:25 - Checking authorization ...
! 2022.10.16 15:40:25 - Connecting to Salm (Netherlands, Alblasserdam)
. 2022.10.16 15:40:25 - Routes, add 213.152.161.22/32 for interface "enp4s0".
. 2022.10.16 15:40:25 - Routes, add 213.152.161.22/32 for interface "enp4s0", already exists.
. 2022.10.16 15:40:25 - Collect information about AirVPN completed
. 2022.10.16 15:40:26 - OpenVPN > OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021
. 2022.10.16 15:40:26 - OpenVPN > library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
. 2022.10.16 15:40:26 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2022.10.16 15:40:26 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2022.10.16 15:40:26 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2022.10.16 15:40:26 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2022.10.16 15:40:26 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]213.152.161.22:443
. 2022.10.16 15:40:26 - OpenVPN > Socket Buffers: R=[212992->212992] S=[212992->212992]
. 2022.10.16 15:40:26 - OpenVPN > UDP link local: (not bound)
. 2022.10.16 15:40:26 - OpenVPN > UDP link remote: [AF_INET]213.152.161.22:443
. 2022.10.16 15:40:26 - OpenVPN > TLS: Initial packet from [AF_INET]213.152.161.22:443, sid=bba0090e 6e401a20
. 2022.10.16 15:40:26 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2022.10.16 15:40:26 - OpenVPN > VERIFY KU OK
. 2022.10.16 15:40:26 - OpenVPN > Validating certificate extended key usage
. 2022.10.16 15:40:26 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2022.10.16 15:40:26 - OpenVPN > VERIFY EKU OK
. 2022.10.16 15:40:26 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Salm, emailAddress=info@airvpn.org
. 2022.10.16 15:40:26 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA
. 2022.10.16 15:40:26 - OpenVPN > [Salm] Peer Connection Initiated with [AF_INET]213.152.161.22:443
. 2022.10.16 15:40:26 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.29.10.1,dhcp-option DNS6 fde6:7a:7d20:190a::1,tun-ipv6,route-gateway 10.29.10.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:190a::1015/64 fde6:7a:7d20:190a::1,ifconfig 10.29.10.23 255.255.255.0,peer-id 2,cipher AES-256-GCM'
. 2022.10.16 15:40:26 - OpenVPN > Pushed option removed by filter: 'redirect-gateway ipv6 def1 bypass-dhcp'
. 2022.10.16 15:40:26 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS 10.29.10.1'
. 2022.10.16 15:40:26 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS6 fde6:7a:7d20:190a::1'
. 2022.10.16 15:40:26 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2022.10.16 15:40:26 - OpenVPN > OPTIONS IMPORT: compression parms modified
. 2022.10.16 15:40:26 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2022.10.16 15:40:26 - OpenVPN > OPTIONS IMPORT: route-related options modified
. 2022.10.16 15:40:26 - OpenVPN > OPTIONS IMPORT: peer-id set
. 2022.10.16 15:40:26 - OpenVPN > OPTIONS IMPORT: adjusting link_mtu to 1625
. 2022.10.16 15:40:26 - OpenVPN > OPTIONS IMPORT: data channel crypto options modified
. 2022.10.16 15:40:26 - OpenVPN > Data Channel: using negotiated cipher 'AES-256-GCM'
. 2022.10.16 15:40:26 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
. 2022.10.16 15:40:26 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
. 2022.10.16 15:40:26 - OpenVPN > TUN/TAP device tun0 opened
. 2022.10.16 15:40:26 - OpenVPN > net_iface_mtu_set: mtu 1500 for tun0
. 2022.10.16 15:40:26 - OpenVPN > net_iface_up: set tun0 up
. 2022.10.16 15:40:26 - OpenVPN > net_addr_v4_add: 10.29.10.23/24 dev tun0
. 2022.10.16 15:40:26 - OpenVPN > net_iface_mtu_set: mtu 1500 for tun0
. 2022.10.16 15:40:26 - OpenVPN > net_iface_up: set tun0 up
. 2022.10.16 15:40:26 - OpenVPN > net_addr_v6_add: fde6:7a:7d20:190a::1015/64 dev tun0
. 2022.10.16 15:40:31 - OpenVPN > Initialization Sequence Completed
. 2022.10.16 15:40:31 - DNS of the system updated to VPN DNS (Rename method: /etc/resolv.conf generated)
. 2022.10.16 15:40:31 - Routes, add 0.0.0.0/1 for interface "tun0".
. 2022.10.16 15:40:31 - Routes, add 128.0.0.0/1 for interface "tun0".
. 2022.10.16 15:40:31 - Routes, add ::/1 for interface "tun0".
. 2022.10.16 15:40:32 - Routes, add 8000::/1 for interface "tun0".
. 2022.10.16 15:40:32 - Routes, add 213.152.161.20/32 for interface "tun0".
. 2022.10.16 15:40:32 - Routes, add 2a00:1678:2470:4a:5908:1fce:a15f:5c5a/128 for interface "tun0".
. 2022.10.16 15:40:32 - Flushing DNS
I 2022.10.16 15:40:32 - Checking route IPv4
I 2022.10.16 15:40:32 - Checking route IPv6
I 2022.10.16 15:40:32 - Checking DNS
! 2022.10.16 15:40:33 - Connected.
As you can see the eddie-cli has connected to Salm however its by the default TCP/UDP and not using the SSH protocol, I have also tried this with SSL I need to use alternative protocols due to ISP throttling.
 
. 2022.10.16 15:40:26 - OpenVPN > [Salm] Peer Connection Initiated with [AF_INET]213.152.161.22:443

Can anyone please advise?
 

Share this post


Link to post

Can confirm that eddie-cli does not honor the --mode.protocol argument. Looks like a bug to me here.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
Guest

Thank you for the reply OpenSourcerer, should I open a request via Github to get this issue fixed?

Share this post


Link to post
15 hours ago, unv said:

Thank you for the reply OpenSourcerer, should I open a request via Github to get this issue fixed?


not need, it's under investigation, thanks for the report.

Share this post


Link to post

Please try

eddie-cli --login="foo" --password="bar" \
 --connect="True" \
 --netlock="True" \
 --server="Salm" \
 --mode.type="openvpn" \
 --mode.protocol="tcp" \
 --mode.port="22" \
 --mode.alt="3"

I added the mode.type="openvpn" only for coherence, it's the default.
I changed "mode.protocol" from "SSH" to "TCP".  (case doesn't matter).

This is a changed behavior some Eddie version ago about "mode.protocol" meaning, that now is UDP or TCP, nothing else. Eddie automatically detects that requested entry-ip and port are supported over SSH transport, and uses SSH.

A tip: run Eddie UI, change options with the UI (like choose the SSH) and after use Logs->Lifebelt and look "Important options not at defaults", here you can find the right options that can be used as parameters of eddie-cli:
mode.type: openvpn
mode.protocol: TCP
mode.port: 22
mode.alt: 3

Share this post


Link to post
1 hour ago, Clodo said:

mode.type: openvpn mode.protocol: TCP mode.port: 22 mode.alt: 3


Can confirm that these settings work, but only if --mode.type is set explicitly. Otherwise, UDP 443 is used.

Eddie v2.22.1, by the way.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
Guest
2 hours ago, Clodo said:

Please try


eddie-cli --login="foo" --password="bar" \
 --connect="True" \
 --netlock="True" \
 --server="Salm" \
 --mode.type="openvpn" \
 --mode.protocol="tcp" \
 --mode.port="22" \
 --mode.alt="3"

I added the mode.type="openvpn" only for coherence, it's the default.
I changed "mode.protocol" from "SSH" to "TCP".  (case doesn't matter).

This is a changed behiavour some Eddie version ago about "mode.protocol" meaning, that now is UDP or TCP, nothing else. Eddie automatically detect that requested entry-ip and port are supported over SSH transport, and use SSH.

A tip: run Eddie UI, change options with the UI (like choose the SSH) and after use Logs->Lifebelt and look "Important options not at defaults", here you can find the right options that can be used as parameters of eddie-cli:

mode.type: openvpn
mode.protocol: TCP
mode.port: 22
mode.alt: 3

Thanks got it working! :)

Share this post


Link to post
On 10/18/2022 at 9:31 PM, Clodo said:

Please try


eddie-cli --login="foo" --password="bar" \
 --connect="True" \
 --netlock="True" \
 --server="Salm" \
 --mode.type="openvpn" \
 --mode.protocol="tcp" \
 --mode.port="22" \
 --mode.alt="3"

I added the mode.type="openvpn" only for coherence, it's the default.
I changed "mode.protocol" from "SSH" to "TCP".  (case doesn't matter).

This is a changed behavior some Eddie version ago about "mode.protocol" meaning, that now is UDP or TCP, nothing else. Eddie automatically detects that requested entry-ip and port are supported over SSH transport, and uses SSH.

A tip: run Eddie UI, change options with the UI (like choose the SSH) and after use Logs->Lifebelt and look "Important options not at defaults", here you can find the right options that can be used as parameters of eddie-cli:

mode.type: openvpn
mode.protocol: TCP
mode.port: 22
mode.alt: 3
 

Share this post


Link to post

My message - "W 2022.11.09 07:30:33 - OpenVPN > Options error: Unrecognized option or missing or extra parameter(s) in C:\Users\first\AppData\Local\Eddie\fc7fcf01147babae86e2c6d13988adb13ba8ec6b4831bce3a3029c29ac2a79c6.tmp.ovpn:7: mode.port (2.5.7)".

I got made all above additions at OpenVPN directives, doesn't helping, but I am on Win11.

Share this post


Link to post
8 hours ago, bnrrteterstnjrsj45 said:

My message - "W 2022.11.09 07:30:33 - OpenVPN > Options error: Unrecognized option or missing or extra parameter(s) in C:\Users\first\AppData\Local\Eddie\fc7fcf01147babae86e2c6d13988adb13ba8ec6b4831bce3a3029c29ac2a79c6.tmp.ovpn:7: mode.port (2.5.7)".

I got made all above additions at OpenVPN directives, doesn't helping, but I am on Win11.


Are not "openvpn directives", are argument for eddie-cli/eddie-ui.
What is your issue exactly? Thx

Share this post


Link to post
1 hour ago, Clodo said:

Are not "openvpn directives", are argument for eddie-cli/eddie-ui.
What is your issue exactly? Thx

Just like friend trying connecting via SSH and SSL too, both not available. Win11. Might be ONT-terminal are blocking or similar. Wireguard are working.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...