Many advanced users are confused by Whonix's socksification of default applications such as ssh, wget, curl, etc. (for stream isolation by uwt).
When they run ssh 10.152.152.11, uwt actually executes torsocks /usr/bin/ssh.anondist-orig 10.152.152.11. Therefore traffic flows through torsocks and goes to a Tor SocksPort. This fails for local connections and results in the following error message:
libtorsocks(12021): connect: Connection is to a local address (10.152.152.11), may be a TCP DNS request to a local DNS server so have to reject to be safe. Please report a bug to http://code.google.com/p/torsocks/issues/entry if this is preventing a program from working properly with torsocks
Maybe in ~/.bashrc (as terminal greeting) we should output the contents of the UWT_DEV_PASSTHROUGH variable.
Users can either use export UWT_DEV_PASSTHROUGH=1 or ssh.anondist-orig to circumvent uwt. This is documented.
Example support request:
$ ssh -NgD 4444 root@111.222.333.444
listen: Operation not permitted
listen: Operation not permitted
channel_setup_fwd_listener_tcpip: cannot listen to port: 4444
Could not request local forwarding.
TODO:
- run this from .bashrc
- upgrade existing .bashrc files?
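
A sketch of the proposed terminal greeting, added here as an example and not taken from Whonix's own code. The function names are hypothetical, and two things are assumptions: that loopback plus RFC 1918 ranges approximate what torsocks treats as "local", and that other wrapped tools use the same .anondist-orig suffix as ssh.

```shell
# Added sketch for ~/.bashrc. Function names are hypothetical; only
# UWT_DEV_PASSTHROUGH and the .anondist-orig suffix come from the page.

# Succeeds if $1 is a dotted-quad in loopback or RFC 1918 space.
# Assumption: this approximates what torsocks treats as "local".
uwt_is_local_ipv4() {
    case "$1" in
        *[!0-9.]*) return 1 ;;   # hostnames and anything non-numeric
    esac
    case "$1" in
        127.*|10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# Greeting: report whether the uwt wrappers are in effect.
uwt_greeting() {
    if [ "${UWT_DEV_PASSTHROUGH:-}" = "1" ]; then
        echo "uwt: UWT_DEV_PASSTHROUGH=1 - wrappers bypassed, ssh/wget/curl are NOT socksified (no stream isolation)."
    else
        echo "uwt: UWT_DEV_PASSTHROUGH=${UWT_DEV_PASSTHROUGH:-unset} - ssh/wget/curl run through torsocks; local addresses are rejected."
    fi
}

# Hint for one tool/target pair ($1 = tool, $2 = address); succeeds only
# when the wrapped tool would be pointed at a local address.
# Assumption: every wrapped tool has a <tool>.anondist-orig counterpart.
uwt_hint() {
    if [ "${UWT_DEV_PASSTHROUGH:-}" != "1" ] && uwt_is_local_ipv4 "$2"; then
        echo "uwt: $2 is local; use '$1.anondist-orig $2' or 'export UWT_DEV_PASSTHROUGH=1'."
        return 0
    fi
    return 1
}

# Print the greeting in interactive shells only (keeps scp/rsync quiet).
case "$-" in
    *i*) uwt_greeting ;;
esac
```
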