
ssh tunnel does not work

1 vote
1 answer
2669 views
I have a customized Debian (built with debootstrap):

    Linux debian 4.9.0-4-686 #1 SMP Debian 4.9.51-1 (2017-09-28) i686 GNU/Linux

with a read-only file system.

Here is the tunnel config (it works perfectly on a classical installation):

    Host *
    #   ForwardAgent no
    #   ForwardX11 no
    #   ForwardX11Trusted yes
    #   RhostsRSAAuthentication no
    #   RSAAuthentication yes
        PasswordAuthentication yes
    #   HostbasedAuthentication no
    #   GSSAPIAuthentication no
    #   GSSAPIDelegateCredentials no
    #   GSSAPIKeyExchange no
    #   GSSAPITrustDNS no
    #   BatchMode no
        CheckHostIP yes
    #   AddressFamily any
    #   ConnectTimeout 0
    #   StrictHostKeyChecking ask
    #   IdentityFile ~/.ssh/identity
    #   IdentityFile ~/.ssh/id_rsa
    #   IdentityFile ~/.ssh/id_dsa
    #   IdentityFile ~/.ssh/id_ecdsa
    #   IdentityFile ~/.ssh/id_ed25519
    #   Port 22
        Protocol 2
    #   Cipher 3des
        Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
    #   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
    #   EscapeChar ~
        Tunnel yes
    #   TunnelDevice any:any
    #   PermitLocalCommand no
    #   VisualHostKey no
    #   ProxyCommand ssh -q -W %h:%p gateway.example.com
    #   RekeyLimit 1G 1h
        SendEnv LANG LC_*
        HashKnownHosts yes

I mount the tunnel:

    ssh -ND 1080 -vvv -p 443 user@server

The output looks fine:

    OpenSSH_7.4p1 Debian-10+deb9u1, OpenSSL 1.0.2l  25 May 2017
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug2: resolving "xxxx" port 443
    debug2: ssh_connect_direct: needpriv 0
    debug1: Connecting to xxxxx [xxxx] port 443.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: SELinux support disabled
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_rsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_rsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_dsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_dsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ecdsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ecdsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ed25519 type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u1
    debug1: Remote protocol version 2.0, remote software version dropbear_2012.55
    debug1: no match: dropbear_2012.55
    debug2: fd 3 setting O_NONBLOCK
    debug1: Authenticating to xxxxxxx:443 as 'xxxxxxx'
    debug3: put_host_port: [xxxxxxxx]:443
    debug3: send packet: type 20
    debug1: SSH2_MSG_KEXINIT sent
    debug3: receive packet: type 20
    debug1: SSH2_MSG_KEXINIT received
    debug2: local client KEXINIT proposal
    debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
    debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
    debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
    debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
    debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
    debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
    debug2: compression ctos: none,zlib@openssh.com,zlib
    debug2: compression stoc: none,zlib@openssh.com,zlib
    debug2: languages ctos:
    debug2: languages stoc:
    debug2: first_kex_follows 0
    debug2: reserved 0
    debug2: peer server KEXINIT proposal
    debug2: KEX algorithms: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
    debug2: host key algorithms: ssh-rsa,ssh-dss
    debug2: ciphers ctos: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc
    debug2: ciphers stoc: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc
    debug2: MACs ctos: hmac-sha1-96,hmac-sha1,hmac-md5
    debug2: MACs stoc: hmac-sha1-96,hmac-sha1,hmac-md5
    debug2: compression ctos: zlib,zlib@openssh.com,none
    debug2: compression stoc: zlib,zlib@openssh.com,none
    debug2: languages ctos:
    debug2: languages stoc:
    debug2: first_kex_follows 0
    debug2: reserved 0
    debug1: kex: algorithm: diffie-hellman-group14-sha1
    debug1: kex: host key algorithm: ssh-rsa
    debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none
    debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none
    debug1: sending SSH2_MSG_KEXDH_INIT
    debug2: bits set: 1024/2048
    debug3: send packet: type 30
    debug1: expecting SSH2_MSG_KEXDH_REPLY
    debug3: receive packet: type 31
    debug1: Server host key: ssh-rsa SHA256:k5AHnNs87cyG5my8AcjKp6KY1tWUeGIH2b3ZWALCsnU
    debug3: put_host_port: [xxx.xxx.xx.xx]:443
    debug3: put_host_port: [xxxxxxxxxxx]:443
    debug1: checking without port identifier
    The authenticity of host '[xxxxxx]:443 ([xxx.xxx.xx.xx]:443)' can't be established.
    RSA key fingerprint is SHA256:k5AHnNs87cyG5my8AcjKp6KY1tWUeGIH2b3ZWALCsnU.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '[xxxxxx]:443,[xxxxxx]:443' (RSA) to the list of known hosts.
    debug2: bits set: 999/2048
    debug3: send packet: type 21
    debug2: set_newkeys: mode 1
    debug1: rekey after 4294967296 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug3: receive packet: type 21
    debug1: SSH2_MSG_NEWKEYS received
    debug2: set_newkeys: mode 0
    debug1: rekey after 4294967296 blocks
    debug2: key: /root/.ssh/id_rsa ((nil))
    debug2: key: /root/.ssh/id_dsa ((nil))
    debug2: key: /root/.ssh/id_ecdsa ((nil))
    debug2: key: /root/.ssh/id_ed25519 ((nil))
    debug3: send packet: type 5
    debug3: receive packet: type 6
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug3: send packet: type 50
    debug3: receive packet: type 53
    debug3: input_userauth_banner
    +++++++++xxxxxxxxx+++++++++
    * No Reupload and Repost Your Account
    * No DDOS
    * No Hacking
    * No Torrent
    * No Fraud
    * No Spam etc.
    You are allowed a maximum of 3 Bitvise for using SSH account!!
    Don't forget to support us!!
    xxxxxxxx
    +++++++++XXXXXXXXXX+++++++++
    debug3: receive packet: type 51
    debug1: Authentications that can continue: publickey,password
    debug3: start over, passed a different list publickey,password
    debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
    debug3: authmethod_lookup publickey
    debug3: remaining preferred: keyboard-interactive,password
    debug3: authmethod_is_enabled publickey
    debug1: Next authentication method: publickey
    debug1: Trying private key: /root/.ssh/id_rsa
    debug3: no such identity: /root/.ssh/id_rsa: No such file or directory
    debug1: Trying private key: /root/.ssh/id_dsa
    debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
    debug1: Trying private key: /root/.ssh/id_ecdsa
    debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
    debug1: Trying private key: /root/.ssh/id_ed25519
    debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup password
    debug3: remaining preferred: ,password
    debug3: authmethod_is_enabled password
    debug1: Next authentication method: password
    xxxxxxxxx password:
    debug3: send packet: type 50
    debug2: we sent a password packet, wait for reply
    debug3: receive packet: type 52
    debug1: Authentication succeeded (password).
    Authenticated to xxxxx ([xxxxx]:443).
    debug1: Local connections to LOCALHOST:1080 forwarded to remote address socks:0
    debug3: channel_setup_fwd_listener_tcpip: type 2 wildcard 0 addr NULL
    debug1: Local forwarding listening on 127.0.0.1 port 1080.
    debug2: fd 4 setting O_NONBLOCK
    debug3: fd 4 is O_NONBLOCK
    debug1: channel 0: new [port listener]
    debug3: sock_set_v6only: set socket 5 IPV6_V6ONLY
    debug1: Local forwarding listening on ::1 port 1080.
    bind: Cannot assign requested address
    debug1: Requesting tun unit 2147483647 in mode 1
    debug1: sys_tun_open: tunnel mode 1 fd 5
    debug2: fd 5 setting O_NONBLOCK
    debug3: fd 5 is O_NONBLOCK
    debug1: channel 1: new [tun]
    debug3: send packet: type 90
    debug2: fd 3 setting TCP_NODELAY
    debug3: ssh_packet_set_tos: set IP_TOS 0x10
    debug1: Entering interactive session.
    debug1: pledge: network
    debug3: receive packet: type 92
    channel 1: open failed: unknown channel type:
    debug2: channel 1: zombie
    debug2: channel 1: garbage collecting
    debug1: channel 1: free: tun, nchannels 2
    debug3: channel 1: status: The following connections are open:

The listener is there:

    # lsof -i :1080
    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
    ssh 3937 root 4u IPv4 60066 0t0 TCP localhost:socks (LISTEN)

    # netstat -ltpe
    tcp 0 0 127.0.0.1:1080 0.0.0.0:* LISTEN 3937/ssh
    tcp 0 0 192.168.1.29:40112 xxx.xxx.xx.xx:443 ESTABLISHED 3937/ssh

Then I configured firefox-esr (the new name for iceweasel in Debian) to use the newly created proxy:

    Manual proxy configuration
    http proxy, ssl proxy, ftp proxy = cleared
    'use this proxy for all protocols' = cleared
    socks host 127.0.0.1 port 1080
    No proxy for localhost, 127.0.0.1

Then when doing an HTTP request nothing happens (the browser just hangs).

I tried tor (configured with Socks5Proxy 127.0.0.1:1080); it does the same thing. The ssh tunnel does not say anything (no output in verbose mode).

    tcpdump -i wlp2s0 port 1080

-> no traffic at all.

Then I try:

    nc 127.0.0.1 1080

-> nothing happens.

Last test, but I am not sure it is relevant: I kill the tunnel and do:

    nc -l -p 1080

netstat says:

    Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
    tcp 0 0 0.0.0.0:socks 0.0.0.0:* LISTEN root 65776 3985/nc

    nc 127.0.0.1 1080

-> nothing happens.

iptables is empty:

    # iptables -L
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    Chain FORWARD (policy ACCEPT)
    target prot opt source destination
    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

Conclusion: it looks like the issue is not due to ssh or the browser, but maybe the socket (?). I am stuck from there. Thanks for your help folks! I do need this to be working!
Asked by achille (41 rep)
Oct 18, 2017, 08:57 AM
Last activity: Oct 19, 2017, 01:38 AM
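A check worth running at this point, added here as an example that is not part of the question or of any answer on this page: the question's `nc 127.0.0.1 1080` test prints nothing even against a healthy `ssh -D` listener, because a SOCKS server says nothing until the client sends its greeting. The script below speaks the SOCKS5 method-selection handshake from RFC 1928 and classifies the outcome (answered, refused, connected-but-silent, or not SOCKS), which separates "no listener" from "listener accepts and stalls" in a way a bare connect cannot. The `lsof` output above shows ssh listening on 127.0.0.1:1080 even though the `::1` bind failed, so the IPv4 path is the one to probe. The stub server, the `free_tcp_port` helper, and all function names are constructed for this demo; `check_socks5()` with no arguments targets a real `ssh -D 1080` on the local machine.

```python
"""Probe a local SOCKS5 listener (e.g. the one `ssh -D 1080` creates) with the
RFC 1928 method-selection handshake rather than a bare TCP connect.
Constructed demo code; the stub server stands in for ssh and is not ssh."""
import socket
import threading

SOCKS_VERSION = 5
NO_AUTH = 0x00          # method 0x00: no authentication required
NO_ACCEPTABLE = 0xFF    # server accepts none of the offered methods


def greeting(methods=(NO_AUTH,)):
    """Client greeting: VER, NMETHODS, METHODS... (RFC 1928 section 3)."""
    return bytes([SOCKS_VERSION, len(methods), *methods])


def parse_method_select(reply):
    """Validate the 2-byte server reply (VER, METHOD); return the chosen method."""
    if len(reply) != 2:
        raise ValueError("expected 2-byte method selection, got %r" % (reply,))
    ver, method = reply[0], reply[1]
    if ver != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 reply (version byte %d)" % ver)
    if method == NO_ACCEPTABLE:
        raise ValueError("server rejected every offered auth method")
    return method


def check_socks5(host="127.0.0.1", port=1080, timeout=3.0):
    """Connect, send the greeting and classify what comes back.

    Returns "ok" (valid method selection), "refused" (nothing listening),
    "timeout" (accepted the TCP connection but never replied: the 'hangs'
    symptom), "closed" (replied by hanging up) or "protocol" (not SOCKS5).
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(greeting())
            try:
                reply = s.recv(2)
            except socket.timeout:
                return "timeout"
    except ConnectionRefusedError:
        return "refused"
    if not reply:
        return "closed"
    try:
        parse_method_select(reply)
    except ValueError:
        return "protocol"
    return "ok"


def free_tcp_port():
    """Pick a loopback port nobody is listening on (constructed test helper)."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def start_stub_socks5(answer=True):
    """Constructed in-process stand-in for a SOCKS5 listener, serving one client.

    answer=True replies to the greeting with 'no auth'; answer=False accepts the
    TCP connection and stays silent, reproducing a listener that just hangs.
    Returns the port it listens on.
    """
    srv = socket.socket()
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            data = conn.recv(3)
            if answer and data[:1] == bytes([SOCKS_VERSION]):
                conn.sendall(bytes([SOCKS_VERSION, NO_AUTH]))
            else:
                # silent listener: hold the connection until the client gives up
                try:
                    conn.recv(1)
                except OSError:
                    pass
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    print("answering stub:", check_socks5(port=start_stub_socks5(True), timeout=1.0))
    print("silent stub:   ", check_socks5(port=start_stub_socks5(False), timeout=1.0))
    print("ssh -D 1080:   ", check_socks5())   # against the real tunnel, if running
```

Run it on the box with the tunnel up: "ok" means the SOCKS layer is answering and the problem is further along (browser or application side); "timeout" means ssh accepted the connection but never completed the handshake, which points at the forwarding channel rather than the listen socket; "refused" means nothing is bound on that address and port.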