this post was submitted on 16 Jun 2023
8 points (100.0% liked)

Selfhosted

39251 readers
405 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
8
I can't seem to SSH into my server over VPN and can't figure out why. (kbin.social)
submitted 1 year ago* (last edited 1 year ago) by Bdking158@kbin.social to c/selfhosted@lemmy.world
20 comments fedilink hide all child comments
 

Using JuiceSSH on my phone, I'm able to connect to my device without any problems when I'm on my home Wi-Fi. However, when off WiFi and connected to my VPN, the server doesn't connect. I'm still able to access the services it's running, but can't SSH into the server itself.

Edit: I thought I answered everyone's questions but I'm not seeing the answers so I'm posting the info here.

I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.

ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work

I'm using the built in VPN service in my router. It uses the OpenVPN protocol.

Edit 2: Using the same VPN config file, I'm able to access the server using Putty on my laptop. So I'm wondering if it is a Juice specific issue.

top 19 comments
sorted by: hot top controversial new old
[–] saint@group.lt 5 points 1 year ago (2 children)

any errors you could show us?

[–] Bdking158@kbin.social 2 points 1 year ago

I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.

ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work

[–] Bdking158@kbin.social 2 points 1 year ago

I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.

ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work

[–] dotslashme@infosec.pub 5 points 1 year ago

Off the top of my head, here are a few things to check.

  • is your ssh server configured to only use a specific network interface? If it is, is that network interface reachable from the internet?
  • is the correct port open in your firewall?
  • is it possible you are doing port redirect in your firewall? Meaning the wan port redirects to a different land port.
[–] chungus@thechurchofmemes.com 4 points 1 year ago

Can you share your firewall config? It could be that the firewall isn't allowing packets to be forwarded from the tun/tap interface on the router to the LAN interface or vice versa.

Can you ping the ssh server from the phone?

[–] eneff@discuss.tchncs.de 3 points 1 year ago* (last edited 1 year ago)

What address is sshd listening on?

It would need to be able to listen to incoming connections via the VPN's tunnel device. So either 0.0.0.0 (so all addresses) or explicitly on whatever the tunnel's assigned address is, I think.

This could also be a firewall issue, can you share your routing tables?

[–] aski3252@lemmy.world 2 points 1 year ago (2 children)

Are you trying to connect via IP or via hostname/DNS? Try IP if you haven't yet.

Perhaps you have only allowed connections from specific clients or from local IP's only?

Are there any error messages or do you get a timeout?

[–] Bdking158@kbin.social 1 points 1 year ago

I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.

ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work

[–] Bdking158@kbin.social 1 points 1 year ago (1 children)

Connecting via IP.

[–] saint@group.lt 1 points 1 year ago (1 children)

how does the ip start? 192.x or 10.x maybe?

[–] Notorious@lemm.ee 2 points 1 year ago (1 children)

It's been a while since I've used OpenVPN, but if I remember correctly when I had this issue I had to change "dev tun" to "dev tap". Ultimately the problem was that OpenVPN was assigning an ip on an unrouted subnet. I could access the internet, but not local devices.

Personally I switched to Wireguard. It's just so much easier to configure and add/manage devices. OpenVPN is way more powerful and configurable than I need.

[–] Bdking158@kbin.social 2 points 1 year ago

I'm not especially attached to OpenVPN, it's just always worked for me to this point and is built into the router firmware. So I haven't needed to change

[–] DiagnosedADHD@kbin.social 2 points 1 year ago (2 children)

Is your VPN running on the same host as ssh? If so it could be a firewall issue. What VPN are you using?

[–] Bdking158@kbin.social 1 points 1 year ago (1 children)

I'm using the OpenVPN protocol built into my router

[–] LachlanUnchained@lemmyunchained.net 1 points 1 year ago (1 children)

What’s your router ?

[–] Bdking158@kbin.social 1 points 1 year ago (1 children)

Asus RT-AC66U

[–] LachlanUnchained@lemmyunchained.net 1 points 1 year ago

Really strange. Probably done all this, but just run through it again make sure you haven’t got a typo somewhere or something.

1.	Check Connection Settings: Ensure the IP, port, and authentication details are correct in JuiceSSH.
2.	Firewall Rules: Confirm the SSH port (usually 22) isn’t blocked by any firewalls on your network or server.
3.	Try another SSH App: To see if it’s a JuiceSSH-specific issue, download another SSH client like Termius and test the connection.

(I’d probably start with 3, might narrow it down to a juice config problem, I’m not very familiar with juice)

[–] Bdking158@kbin.social 1 points 1 year ago

VPN is running on the router. OpenVPN

load more comments
view more: next ›