Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EACCES (Permission denied) with IPv6 #1273

Open
ocroquette opened this issue Jun 13, 2023 · 5 comments
Open

EACCES (Permission denied) with IPv6 #1273

ocroquette opened this issue Jun 13, 2023 · 5 comments
Labels
question

Comments

@ocroquette
Copy link

ocroquette commented Jun 13, 2023
edited

I have a new host that is available both with IPv4 and IPv6. If I use the host name in the configuration, I get the error "EACCES (Permission denied)" when trying to connect. After a bit of struggling I found out that everything works fine if I replace the host name by the IPv4 address. The host has a dynamic IP, so using the IPv4 address is not great as workaround, but unfortunately it looks like forcing IP v4 is not possible (#693)

What could be the reason IP v6 does not work from ConnectBot?

Thanks!
@ocroquette ocroquette changed the title EACCES (Permission denied) with IP v6 EACCES (Permission denied) with IPv6 Jun 13, 2023
@gittastic
Copy link

For what it's worth, I use ConnectBot 1.9.9 to SSH via IPv6 regularly.

@einhirn
Copy link

einhirn commented Sep 10, 2023
edited

I just got bitten by this just now:
Pixel 6, Android 13, Build-Number: TQ3A.230805.001
Connectbot Version 1.9.9

@kruton
Copy link
Member

kruton commented Sep 10, 2023

Hm, that's interesting. I'll try to reproduce it.

@WildPenquin
Copy link

WildPenquin commented Oct 19, 2023
edited

Just my 2 cents, but it is possible this is a misconfiguration on the host end. This is more likely if you are using some kind of dynamic DNS, and using port forwarding. It is easy to make a misconfiguration (or misexpectations) in that case, especially as a layman.

IPv6 and IPv4 are different address spaces. Most home users want to have a NAT, and the host is usually behind the NAT. So the router forwards from WWW.XXX.YYY.ZZZ to the internal IP. But, IPv6 connections to the the router will not be forwarded, depending on how the router has been configured, but all LAN hosts (typically!) have their individual IPv6 addresses.

So one needs to update the DNS host record from the target machine (not the router!), or alternatively have separate subhostnames for all hosts for IPv6 (IPv4 DNS updated from any computer on the same NAT, a master IPv6 on the router and subhostnames (host1.domain, host2.domain) for all different IPv6 addresses. I suspect IPv6 forwarding is also possible, but requires more configuration on the router - i.e. it can not forward a public prefix IPv6 addresses to the subhosts on the LAN.

NOTE: This is not a DNS issue although I make it sound like it is. It's just that the issue might be more apparent to a user with a dynDNS, but that is not the cuplrit.

But there are different configurations. This is just "my guess", but this may be a case of "need more info".

In my experience, Connectbot works just fine with IPv4 and IPv6 (but sometimes, say on someone else's network, IPv6 DNS might be present despite routing not working - but in this case the error message is different. Forcing IPv4 would still be a nice feature!

@ocroquette
Copy link
Author

@WildPenquin I indeed use a host behind a NAT and reached by port forwarding. Thanks for the hint, I will give a new spin to the problem as soon as possible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@kruton @einhirn @ocroquette @gittastic @WildPenquin