SSH + SFTP access to phone lost

Hi sailors,

Need help on a problem: On my Xperia 10 single SIM, since the last update to 4.1.0.24, sftp and ssh access is no more possible. On trying ssh, error message is:

andrea@andrea-TravelMate-P249-M:~$ ssh nemo@192.168.0.3
ssh: connect to host 192.168.0.3 port 22: Connection refused
andrea@andrea-TravelMate-P249-M:~$

On trying sftp:

Status: Verbinde mit 192.168.0.3…
Antwort: fzSftp started, protocol_version=9
Befehl: open nemo@192.168.0.3 22
Fehler: FATAL ERROR: Connection refused
Fehler: Herstellen der Verbindung zum Server fehlgeschlagen

A second thing is, that after a failed attempt to access the phone, the network connection of the laptop is interrupted (no internet connection) and i have to plug out and plug in again the network cable to reset the connectivity of the laptop. After doing so, internet access works again.

In the same intranet, the ssh + sftp connection to my other Xperia 10 (Dual SIM) does work perfect! Does anyone know what can be the reason for this?

Sounds more like your laptop and/or network is at fault, rather than the phone…

But for general sanity:

  • Is SSH still enabled in developer settings?
  • Is your username still nemo?
  • Can you ssh to yourself on the phone?
1 Like

yes / yes / yes

post must have at least 20 characters :sweat_smile:

And SSHing to itself is by lan IP rather than localhost or 127.0.0.1, right?
How about from the other phone?

Have you tried deactivating and re-activating developer mode?

Maybe looking at the traffic with Wireshark can shed some light on how the connection is terminated.
(i can’t tell you what to look for though)

1 Like

Yes, ssh to 192.168.0.3, that’s the WLAN address, the phone gots from the access point.

I don’t want to make experiments with the other phone, because it is my one and only internet access here. But I tried from a Raspberry Pi, result is the same: Connection refused by server.

I also switched off ssh access + dev mode, resetted the network by Hilfsprogramme, then rebooted the phone by power off, then turned on again dev mode, ssh access, WLAN and tried again from Raspi - does not work.

ssh access to the other phone from Raspi + Laptop does work fine.

Will install Wireshark on the laptop, so I can watch the network traffic while trying to access the phone from the Raspi.

Try ssh -vvvvv that should give more info abou what failed. Maybe it’s something to do with kex or ciphers. Although that would give a 'reset by peer ’ not ‘refused’ message.

1 Like

ssh -vvvvv displays in last line:

debug1: connect to address 192.168.0.3 port 22: Connection refused

the lines above seem to be OK.

Trying to connect with FileZilla from the Raspi shows:

Verbindungsversuch fehlgeschlagen mit (Connection failed with) “ECONNREFUSED - Verbindung durch Server verweigert” (Connection denied by server).

EDIT: As long as the phone is connected to the WLAN, it causes some network traffic that slows down the internet speed to unuseable… After disconnecting the phone from the local WLAN, internet speed is normal again.

Yesterday the phone did download some obscure file without any action done by me, as i unlocked the screen saver, and only wanted to look if some messages came in. This file is not listed in downloaded files. No idea what this was, and can’t find it on the phone.

I suspect that some Android app did something evil… Android support was running as this happened.

I have this Android apps installed:

Privacy browser
FOSS Browser
JRPN 16c
Droid48
Oscilloscope
Delta Chat
EchoLink
Planisphäre
Mumla
F-Droid
VLC
Jitsi Meet

Is some of them known as critical?

I give consideration to kick off all Android stuff…

EDIT: Unfortunately I failed to run Wireshark on Raspi. Program starts but does not work in a useable way because of some rights conflict. Error message is:
Couldn’t run /usr/bin/dumpcap in child process: No authorization.

Maybe you can post the output on the phone from

devel-su netstat -tulpn

An the output of your pc showing

ifconfig (or if you are on arch: ipconfig)

Have you also tried ssh-ing through an usb connection?

1 Like

Yes, output of phone is:

Active internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 4578/connmand
tcp 0 0 127.0.0.1:8553 0.0.0.0:* LISTEN 4868/systemd
tcp 0 0 ::1:53 :::* LISTEN 4578/connmand
tcp 0 0 :::22 :::* LISTEN 1/systemd
udp 0 0 127.0.0.1:53 0.0.0.0:* 4578/connmand
udp 0 0 0.0.0.0:52526 0.0.0.0:* 4578/connmand
udp 0 0 ::1:53 :::* 4578/connmand

Now I tried to find out the output of the pc and connected the phone to the WLAN. Result is a blocked and overloaded WLAN and internet access.

So I made another attempt - the Raspi’s WLAN is configured as an access point, but with no routing to the Raspi’s cable network and therefore isolated from the internet.
So I connected the phone by WLAN to the Raspi.

ssh access to the phone from the Raspi is now possible,
sftp access to the phone from the Raspi is also possible and working.

Internet access from the laptop is not affected at the same time.

Can it be that i catched a virus on the phone?

EDIT: I did not try to access the phone through USB.

Is sshd running on the phone? I’ve had a few cases where sshd was not running (despite enabling it in developer settings) - check first:
devel-su systemctl status sshd

and if it is not running
devel-su systemctl start sshd

1 Like

Everything is working fine in an isolated WLAN as long as there is no connection to the internet. But if the WLAN is also connected with the internet, there occurs a massive overload of all network connections after 1 or 2 minutes.

Obviously ssh is listening on port 22.

You said, that you may think there are some suspicious android apps on your phone. May you want to try it while stopping your android app support?
May you want to try, if ssh over usb is working quite well? If your problem is your internet connection or something related to that, it shouldn’t happen although via usb…

1 Like

Sounds weird. You don’t have anything like a torrent client or I2P or bit/lite/foocoin wallet running somewhere do you?

Something that spawns a lot of connections? Those can really easily overwhelm any low-power routing device, like a pi access point, which would result in the phenomenon you describe.

Anyway, maybe nethogs can help tracking something like that down.

1 Like

Did I understand this correctly? You have a RasPI AP to which you are connected to, both the phone and the computer. You can’t access the phone from the computer. You can access the phone from the RasPI.

If all above ia true, it’s a routing issue with the RasPI setup. Sounds like it’s isolating every WLAN client from one another.

Can you access your PC from the phone? A ssh or http server should be quick to try…

(I’m not saying I have the same issue, or I don’t, but I do. Just not with a RasPI, but this crap AP…)

1 Like

No,
I have a LAN with RasPI (cable network), Laptop, printer, hub and a D-Link N300 / DAP-1325 WLAN Range extender with also a cable net plug. All this connected together and the D-Link connected to my ‘main’ phone (Xperia 10 Dual SIM), which is the main internet access + VPN.

RasPI’s WLAN is configured as access point without bridge to the cable net interface, only to access the RasPI from another laptop and nothing else, to share some data or documents.

The problem occured on my other, ‘experimental’ phone, a Xperia 10 single SIM. So I used the RasPI’s isolated access point to check whats the matter and if the SSH + SFTP of the ‘experimental’ phone is working better if there is no way for it to connect to outside.

Result is, SSH + SFTP server on the ‘experimental’ phone works again without doing anything else, if there is no access to the internet for it. I assume that something went crazy in the ‘experimental’ phone because of some Android apps doing something evil…

In the mean time I made a factory reset and am now working on installing everything new.

…and then delete and re-enter the passwords on the SSH + SFTP clients.
Everything works now.

Thank you all very much!

1 Like