1 |
On 2017-02-07 17:30, thelma@×××××××××××.com wrote: |
2 |
|
3 |
> I've setup openVPN and it is working. But when I try to login to remote |
4 |
> PC. |
5 |
> |
6 |
> ssh fd@192.168.140.7 |
7 |
> Password: |
8 |
> Password: |
9 |
> Password: |
10 |
> fd@192.168.140.7's password: |
11 |
> Permission denied, please try again. |
12 |
> fd@192.168.140.7's password: |
13 |
> Received disconnect from 192.168.140.7: 2: Too many authentication failures |
14 |
> Disconnected from 192.168.140.7 |
15 |
> |
16 |
> I've setup rsa keys and copy my public key to remote PC. When I connect |
17 |
> the remote PC on my local network I can ssh to it without any password OK. |
18 |
> But when I setup the connection over OpenVPN the remote PC is asking for |
19 |
> password even though the remote PC sshd.conf has: |
20 |
> |
21 |
> PasswordAuthentication no |
22 |
> |
23 |
> I've tried to look at log on remote PC |
24 |
> cat /var/log/auth.log |grep -i ssh |
25 |
> |
26 |
> but the are no errors. |
27 |
> It keep saying: |
28 |
> sshd: Accepted publickey for fd from 10.0.0.100 (this is my box) |
29 |
|
30 |
Wait, this is odd. The server is 192.168.140.7 but the connecting |
31 |
client is 10.0.0.100? Those are not on the same network. Do you have |
32 |
some iptables magic in the middle that translates the addresses? |
33 |
|
34 |
I do this all the time. I use the OpenVPN server as the remote IP. |
35 |
In my case: |
36 |
|
37 |
IP of the tun0 interface on my PC: 10.8.78.4 |
38 |
IP of the tun0 interface on the server: 10.8.78.1 |
39 |
|
40 |
On my PC I do: ssh 10.8.78.1 |
41 |
|
42 |
Note also that if you want to connect to another OpenVPN peer that is |
43 |
_not_ the server, you need extra configuration (look for something like |
44 |
client-to-client in the OpenVPN config). |
45 |
|
46 |
I would also test the VPN with something simpler than ssh first, like |
47 |
ping. |
48 |
|
49 |
-- |
50 |
Please *no* private Cc: on mailing lists and newsgroups |
51 |
Personal signed mail: please _encrypt_ and sign |
52 |
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html |