Home > Software design >  Linux: who is listening on tcp port 22?
Linux: who is listening on tcp port 22?

Time:02-10

I have a AST2600 evb board. After power on (w/ RJ45 connected), it boots into a OpenBMC kernel. From serial port, using ip command I can obtain its IP address. From my laptop, I can ssh into the board using account root/0penBmc:

bruin@gen81:/$ ssh [email protected]
[email protected]'s password:

Then I want to find out which tcp ports are open. As there is no ss/lsof/netstat utilities, I cat /proc/net/tcp:

root@AMIfa7ba648f62e:/proc/net# cat /proc/net/tcp
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode        
   0: 00000000:14EB 00000000:0000 0A 00000000:00000000 00:00000000 00000000   997        0 9565 1 0c202562 100 0 0 10 0
   1: 3500007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000   997        0 9571 1 963c8114 100 0 0 10 0

The strange thing puzzled me is that that tcp port 22 is not listed in /proc/net/tcp, which suggests that no process is listening on tcp port 22. If this is true, how the ssh connection is established?

Btw, as tested using ps, it's the dropbear process who is handling the ssh connection, and the dropbear is spawned dynamically (i.e., if no ssh connection, no such process exist; if I made two ssh connection, two dropbear processes were spawned).

PS: as suggested by John in his reply, I added the ss utilities into the image, and it shows what I expected:

root@AMI8287361b9c6f:~# ss -antp
State            Recv-Q            Send-Q                                  Local Address:Port                                  Peer Address:Port
LISTEN           0                 0                                             0.0.0.0:5355                                       0.0.0.0:*                 users:(("systemd-resolve",pid=239,fd=12))
LISTEN           0                 0                                           127.0.0.1:5900                                       0.0.0.0:*                 users:(("obmc-ikvm",pid=314,fd=5))
LISTEN           0                 0                                          127.0.0.53:53                                         0.0.0.0:*                 users:(("systemd-resolve",pid=239,fd=17))
LISTEN           0                 0                                                   *:443                                              *:*                 users:(("bmcweb",pid=325,fd=3),("systemd",pid=1,fd=41))
LISTEN           0                 0                                                   *:5355                                             *:*                 users:(("systemd-resolve",pid=239,fd=14))
LISTEN           0                 0                                                   *:5900                                             *:*                 users:(("obmc-ikvm",pid=314,fd=6))
LISTEN           0                 0                                                   *:22                                               *:*                 users:(("systemd",pid=1,fd=49))
LISTEN           0                 0                                                   *:2200                                             *:*                 users:(("systemd",pid=1,fd=50))
ESTAB            0                 0                               [::ffff:192.168.6.89]:22                           [::ffff:192.168.6.98]:34906             users:(("dropbear",pid=485,fd=2),("dropbear",pid=485,fd=1),("dropbear",pid=485,fd=0),("systemd",pid=1,fd=20))

CodePudding user response:

Good question.

First, it is pretty straigt forward to add common tools/utitlies to an image. It could be added (for local testing only) by adding a line

OBMC_IMAGE_EXTRA_INSTALL:append = " iproute2 iproute2-ss" 

to the https://github.com/openbmc/openbmc/blob/master/meta-aspeed/conf/machine/evb-ast2600.conf file (or to your own testing/deveopment layer). Adding useful tools is often worth it.

Second, if you are using ipv6 you will need to check /proc/net/tcp6

Third, you can also look for a port by looking up the pid of your application ps | grep <application name>. Then reading the port used by that pid cat /proc/<pid>/net/tcp

Last, if you have any more question or these steps don't work. Please reach out to us on discord https://discord.com/invite/69Km47zH98 or Email https://lists.ozlabs.org/listinfo/openbmc (they are the preferred place to ask questions)

  • Related