Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: Ian Zimmerman <itz@×××××××.net>
To: gentoo-user@l.g.o
Subject: [gentoo-user] Re: can not ssh over vpn
Date: Wed, 08 Feb 2017 01:00:32
Message-Id: 20170208004908.18446.0E17983E@matica.foolinux.mooo.com
In Reply to: [gentoo-user] can not ssh over vpn by thelma@sys-concept.com
1 On 2017-02-07 17:30, thelma@×××××××××××.com wrote:
2
3 > I've setup openVPN and it is working. But when I try to login to remote
4 > PC.
5 >
6 > ssh fd@192.168.140.7
7 > Password:
8 > Password:
9 > Password:
10 > fd@192.168.140.7's password:
11 > Permission denied, please try again.
12 > fd@192.168.140.7's password:
13 > Received disconnect from 192.168.140.7: 2: Too many authentication failures
14 > Disconnected from 192.168.140.7
15 >
16 > I've setup rsa keys and copy my public key to remote PC. When I connect
17 > the remote PC on my local network I can ssh to it without any password OK.
18 > But when I setup the connection over OpenVPN the remote PC is asking for
19 > password even though the remote PC sshd.conf has:
20 >
21 > PasswordAuthentication no
22 >
23 > I've tried to look at log on remote PC
24 > cat /var/log/auth.log |grep -i ssh
25 >
26 > but the are no errors.
27 > It keep saying:
28 > sshd: Accepted publickey for fd from 10.0.0.100 (this is my box)
29
30 Wait, this is odd. The server is 192.168.140.7 but the connecting
31 client is 10.0.0.100? Those are not on the same network. Do you have
32 some iptables magic in the middle that translates the addresses?
33
34 I do this all the time. I use the OpenVPN server as the remote IP.
35 In my case:
36
37 IP of the tun0 interface on my PC: 10.8.78.4
38 IP of the tun0 interface on the server: 10.8.78.1
39
40 On my PC I do: ssh 10.8.78.1
41
42 Note also that if you want to connect to another OpenVPN peer that is
43 _not_ the server, you need extra configuration (look for something like
44 client-to-client in the OpenVPN config).
45
46 I would also test the VPN with something simpler than ssh first, like
47 ping.
48
49 --
50 Please *no* private Cc: on mailing lists and newsgroups
51 Personal signed mail: please _encrypt_ and sign
52 Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html

Replies

Subject Author
Re: [gentoo-user] Re: can not ssh over vpn thelma@×××××××××××.com
Re: [gentoo-user] Re: can not ssh over vpn thelma@×××××××××××.com
Report Message
Find on MARC Find on Google Groups