SSH + SFTP access to phone lost

Hi sailors,

Need help on a problem: On my Xperia 10 single SIM, since the last update to 4.1.0.24, sftp and ssh access is no more possible. On trying ssh, error message is:

andrea@andrea-TravelMate-P249-M:~$ ssh nemo@192.168.0.3
ssh: connect to host 192.168.0.3 port 22: Connection refused
andrea@andrea-TravelMate-P249-M:~$

On trying sftp:

A second thing is, that after a failed attempt to access the phone, the network connection of the laptop is interrupted (no internet connection) and i have to plug out and plug in again the network cable to reset the connectivity of the laptop. After doing so, internet access works again.

In the same intranet, the ssh + sftp connection to my other Xperia 10 (Dual SIM) does work perfect! Does anyone know what can be the reason for this?

Sounds more like your laptop and/or network is at fault, rather than the phone…

But for general sanity:

• Is SSH still enabled in developer settings?
• Is your username still nemo?
• Can you ssh to yourself on the phone?

yes / yes / yes

post must have at least 20 characters

And SSHing to itself is by lan IP rather than localhost or 127.0.0.1, right?
How about from the other phone?

Have you tried deactivating and re-activating developer mode?

Maybe looking at the traffic with Wireshark can shed some light on how the connection is terminated.
(i can’t tell you what to look for though)

Yes, ssh to 192.168.0.3, that’s the WLAN address, the phone gots from the access point.

I don’t want to make experiments with the other phone, because it is my one and only internet access here. But I tried from a Raspberry Pi, result is the same: Connection refused by server.

I also switched off ssh access + dev mode, resetted the network by Hilfsprogramme, then rebooted the phone by power off, then turned on again dev mode, ssh access, WLAN and tried again from Raspi - does not work.

ssh access to the other phone from Raspi + Laptop does work fine.

Will install Wireshark on the laptop, so I can watch the network traffic while trying to access the phone from the Raspi.

Try ssh -vvvvv that should give more info abou what failed. Maybe it’s something to do with kex or ciphers. Although that would give a 'reset by peer ’ not ‘refused’ message.

ssh -vvvvv displays in last line:

debug1: connect to address 192.168.0.3 port 22: Connection refused

the lines above seem to be OK.

Trying to connect with FileZilla from the Raspi shows:

Verbindungsversuch fehlgeschlagen mit (Connection failed with) “ECONNREFUSED - Verbindung durch Server verweigert” (Connection denied by server).

EDIT: As long as the phone is connected to the WLAN, it causes some network traffic that slows down the internet speed to unuseable… After disconnecting the phone from the local WLAN, internet speed is normal again.

Yesterday the phone did download some obscure file without any action done by me, as i unlocked the screen saver, and only wanted to look if some messages came in. This file is not listed in downloaded files. No idea what this was, and can’t find it on the phone.

I suspect that some Android app did something evil… Android support was running as this happened.

I have this Android apps installed:

Privacy browser
FOSS Browser
JRPN 16c
Droid48
Oscilloscope
Delta Chat
EchoLink
Planisphäre
Mumla
F-Droid
VLC
Jitsi Meet

Is some of them known as critical?

I give consideration to kick off all Android stuff…

EDIT: Unfortunately I failed to run Wireshark on Raspi. Program starts but does not work in a useable way because of some rights conflict. Error message is:
Couldn’t run /usr/bin/dumpcap in child process: No authorization.

Maybe you can post the output on the phone from

devel-su netstat -tulpn

An the output of your pc showing

ifconfig (or if you are on arch: ipconfig)

Have you also tried ssh-ing through an usb connection?

Yes, output of phone is:

Active internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 4578/connmand
tcp 0 0 127.0.0.1:8553 0.0.0.0:* LISTEN 4868/systemd
tcp 0 0 ::1:53 :::* LISTEN 4578/connmand
tcp 0 0 :::22 :::* LISTEN 1/systemd
udp 0 0 127.0.0.1:53 0.0.0.0:* 4578/connmand
udp 0 0 0.0.0.0:52526 0.0.0.0:* 4578/connmand
udp 0 0 ::1:53 :::* 4578/connmand

Now I tried to find out the output of the pc and connected the phone to the WLAN. Result is a blocked and overloaded WLAN and internet access.

So I made another attempt - the Raspi’s WLAN is configured as an access point, but with no routing to the Raspi’s cable network and therefore isolated from the internet.
So I connected the phone by WLAN to the Raspi.

ssh access to the phone from the Raspi is now possible,
sftp access to the phone from the Raspi is also possible and working.

Internet access from the laptop is not affected at the same time.

Can it be that i catched a virus on the phone?

EDIT: I did not try to access the phone through USB.

Is sshd running on the phone? I’ve had a few cases where sshd was not running (despite enabling it in developer settings) - check first:
devel-su systemctl status sshd

and if it is not running
devel-su systemctl start sshd

Everything is working fine in an isolated WLAN as long as there is no connection to the internet. But if the WLAN is also connected with the internet, there occurs a massive overload of all network connections after 1 or 2 minutes.

Obviously ssh is listening on port 22.

You said, that you may think there are some suspicious android apps on your phone. May you want to try it while stopping your android app support?
May you want to try, if ssh over usb is working quite well? If your problem is your internet connection or something related to that, it shouldn’t happen although via usb…

Sounds weird. You don’t have anything like a torrent client or I2P or bit/lite/foocoin wallet running somewhere do you?

Something that spawns a lot of connections? Those can really easily overwhelm any low-power routing device, like a pi access point, which would result in the phenomenon you describe.

Anyway, maybe nethogs can help tracking something like that down.

Did I understand this correctly? You have a RasPI AP to which you are connected to, both the phone and the computer. You can’t access the phone from the computer. You can access the phone from the RasPI.

If all above ia true, it’s a routing issue with the RasPI setup. Sounds like it’s isolating every WLAN client from one another.

Can you access your PC from the phone? A ssh or http server should be quick to try…

(I’m not saying I have the same issue, or I don’t, but I do. Just not with a RasPI, but this crap AP…)

No,
I have a LAN with RasPI (cable network), Laptop, printer, hub and a D-Link N300 / DAP-1325 WLAN Range extender with also a cable net plug. All this connected together and the D-Link connected to my ‘main’ phone (Xperia 10 Dual SIM), which is the main internet access + VPN.

RasPI’s WLAN is configured as access point without bridge to the cable net interface, only to access the RasPI from another laptop and nothing else, to share some data or documents.

The problem occured on my other, ‘experimental’ phone, a Xperia 10 single SIM. So I used the RasPI’s isolated access point to check whats the matter and if the SSH + SFTP of the ‘experimental’ phone is working better if there is no way for it to connect to outside.

Result is, SSH + SFTP server on the ‘experimental’ phone works again without doing anything else, if there is no access to the internet for it. I assume that something went crazy in the ‘experimental’ phone because of some Android apps doing something evil…

In the mean time I made a factory reset and am now working on installing everything new.

…and then delete and re-enter the passwords on the SSH + SFTP clients.
Everything works now.

Thank you all very much!

Have again the same problem on Volla! I tried everything from above, but it didn’t help.
I can successfullt ssh 192.168.0.3 from the built in CLI, but not from laptop via WLAN.

andrea@andrea-Voom-Laptop-Max:~$ ssh volla
ssh: connect to host 192.168.0.3 port 22: Connection refused
andrea@andrea-Voom-Laptop-Max:~$ ssh volla
ssh: connect to host 192.168.0.3 port 22: Connection refused
andrea@andrea-Voom-Laptop-Max:~$ ssh -vvvvv
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
           [-b bind_address] [-c cipher_spec] [-D [bind_address:]port]
           [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
           [-i identity_file] [-J [user@]host[:port]] [-L address]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-Q query_option] [-R address] [-S ctl_path] [-W host:port]
           [-w local_tun[:remote_tun]] destination [command [argument ...]]
andrea@andrea-Voom-Laptop-Max:~$ ssh volla
ssh: connect to host 192.168.0.3 port 22: Connection refused
andrea@andrea-Voom-Laptop-Max:~$ ssh volla
ssh: connect to host 192.168.0.3 port 22: Connection refused
andrea@andrea-Voom-Laptop-Max:~$ 

What shall i try? What can I do to fix it?

• ssh with one “v”, so that it actually works
• Rebooting

ssh -v: command not known by my Linux (Ubuntu 22.04).
Reboot didn’t help, neither before not now again.

To check if maybe the laptop has a bug, I also tried to reach the Volla from another Xperia 10, and that also failed.
Other ssh connections in the LAN do work, coming from laptop and the other Xperia 10.

edit: adding an address did help:

andrea@andrea-Voom-Laptop-Max:~$ ssh -v 192.168.0.3
OpenSSH_8.9p1 Ubuntu-3ubuntu0.1, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /home/andrea/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.0.3 [192.168.0.3] port 22.
debug1: connect to address 192.168.0.3 port 22: Connection refused
ssh: connect to host 192.168.0.3 port 22: Connection refused
andrea@andrea-Voom-Laptop-Max:~$