Dropbox 21 – Errata

I’ll post changes I’ve made to the original pages here based on lessons learned from real-world deployments and your generous feedback.

20161021: Previously I’d taken a standard Kali image and migrated to LXDE. With the new 2016.2 LXDE ISO that’s no longer necessary, but it is now necessary to install network manager for some of the scripts to work (needs nmcli). Therefore added apt-get install network-manager to the Dropbox Server (Install Kali) section.

Also, fixed a bad path on Dropbox Server (Boot Parameters) under “Configure the Network”.

vi/vim/nano /root/scripts/netset.sh

#!/bin/bash
CONF=$(gpg --decrypt --passphrase=<PASSPHRASE> -q /media/root/USB/configs/network.conf.gpg)

Previously documented as /media/root/LOGS/config/network.conf.gpg, which followed a previous naming convention.

20160924: If after launching your tunnels you try SSHing into your Dropbox Server and just get a blank screen then it’s likely there was some sort of ungraceful exit by the Dropbox Server and the Dropbox Relay is keeping the old remote port forwards open. I’ve pulled the power dozens of times on my Dropbox Servers and not had this happen, but of course once deployed at a client site it does. The good thing is that the problem exists on the Dropbox Relay side not at the Dropbox Server. Once power/connectivity is restored to the Dropbox Server it will continue to try and establish the tunnels, so from the Dropbox Client all you have to do is establish a shell on the Dropbox Relay, su to root, and then kill the processes associated with the zombie tunnels. In my case that was the PIDs associated with the processes for ports 11095, 11096, 11097, and 11098.

20160923: I’ve changed a number of the pages to reflect a new naming scheme for the Dropbox Client. Previously I’d been using locally forwarded ports 2222 for SSH, 55901 for VNC, 31280 for Squid, and 9999 for SOCKS because they were easy to remember and I was only dealing with a single Dropbox Server at a time. I just deployed two devices at a time, though, and that became a mess. So now the Dropbox Client local port forwards match the Dropbox Server remote port forwards.

It now looks something like the following:

Dropbox Server 01 Dropbox Relay Dropbox Client 01
SSH 22 11095 11095
VNC 5901 11096 11096
HTTP Proxy (Squid) 3128 11097 11097
SOCKS Proxy 9999 11098 11098

 

Dropbox Server 02 Dropbox Relay Dropbox Client 02
SSH 22 12095 12095
VNC 5901 12096 12096
HTTP Proxy (Squid) 3128 12097 12097
SOCKS Proxy 9999 12098 12098

Leave a Reply

Your email address will not be published. Required fields are marked *