I wonder what happened to HaaS - even though HaaS is running (as checked each time when I connect to TO router via SSH - HaaS proxy PID found, task is running) - last entry in HaaS sessions on haas.nic.cz site for my device is more than month old, e.g.:
Time IP Address Commands Username Password Success Actions
2025-04-09 23:50:39 45.135.193.100 0 admin admin no
2025-04-09 23:50:37 45.135.193.100 0 admin admin no
2025-04-09 23:50:35 45.135.193.100 0 admin admin no
2025-04-09 23:16:18 84.217.17.218 1 root root yes
I didnât find any message regarding HaaS (except those of HaaS check while connecting via SSH) in syslog. Is there any problem?
TO 2016, HBS branch, 2 GB, SSD 256 GB (logs etc.), 2x WiFi, HaaS, RIPE Atlas, Sentinel, lxc (test), simple config, all seems OK.
/etc/init.d/haas-proxy status is not enough.
I already had situation, when this command returned ârunningâ, but process was not running.
Check ps -ef | grep haas, you should see something like this:
I used /etc/init.d/haas-proxy status only to display more information⌠in reality Iâm checking whether there exist HaaS PID by testing if there exist file /var/run/haas-proxy.pid (and if it doesnât exist, Iâm restarting haas-proxy), and, moreover, Iâm checking whether there exist HaaS process (and if it doesnât exist, Iâm restarting haas-proxy)âŚ
Got an idea that Sentinel (and/or HaaaS) could be somehow damaged. Thus I removed Sentinel from installed packages, run update, rebooted, added back Sentinel to packages, run update, rebootedâŚ
Waited 2 hours to see if anything was catched in HaaS and Sentinel sessions. Unfortunately, there was no change - no new data.
Note - both Sentinel and HaaS ID (token) are the same before and after this excersize (probably they are produced from TO serial number).
I have no HaaS data since 2025-05-15. Iâve updated to 7.2.0 today (I was waiting to see if there were some critical issues).
I see this in logs; I donât know since when it this like this.
root@turris:~# cat /var/log/messages
Jun 20 15:40:02 turris haas-proxy-start[10959]: 2025-06-20T17:40:02 CRITICAL twisted 'channel open failed, direct-tcpip is not allowed'
This message is normal.
Do you have the same âtokenâ in /etc/config/haas and in Honeypot as a Service - Login to HaaS?
Is âhaasâ process running?
ps -ef | grep âhaasâ
Or you can check to connect to WAN address of your router at https://sshcheck.com/.
SSH Honeypot is reported like âSSH-2.0-Twistedâ (normal SSH is âSSH-2.0-OpenSSH")
But it seems that HaaS really stopped working even on my Turris OS 7.1.4:.
Connection to WAN port 22 is refused everytime.
Connection to my router from LAN on port 2525 sometimes refused:
login as: root
root@192.168.2.1's password:
ssh: connect to host haas-app.nic.cz port 10003: Connection refused
but sometime accepted:
login as: root
root@192.168.2.1's password:
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@svr04:~# Connection to haas-app.nic.cz closed by remote host.
When âiptablesâ was used for firewall I was able to see forwarding port 22 from WAN to port 2525 on LAN.
But I cannot see anything like this in ânftablesâ - in nft list ruleset or in http://<LAN_address>/cgi-bin/luci/admin/status/nftables..
Thanks for reporting. Iâve tested haas on clean omnia with hbs branch, and confirming the issue. Itâs on serverâs side and we are investigating it.
I did not changed anything and HaaS is working again since today afternoon.
rule for port 2525 is visble in nftables
root@turris:~# nft list ruleset | grep 2525
meta nfproto { ipv4, ipv6 } tcp dport 22 meta mark set 0x00000072 redirect to :2525 comment â!sentinel: HaaS proxy port redirectâ
)