SSH over Wireguard

[cardinalfan1]

I am unable to access the netmaker node SSH over the network. I am able to ping the netmaker node by IP and by hostname. The PORT_FORWARD_SERVICES setting is set to mq,dns,ssh. I can ssh in thru the public IP. Any tips to get this working?

[schmorrison]

I had to do two things to get SSH to work.

1. Create a Egress Gateway on the node you would like to SSH into, define the local address of the node (this is reported in the node configuration). In my case this address was 172.16.1.78/32

2. Modify the /etc/ssh/sshd_config on the node you would like to SSH into to listen on a non-privileged port, in my case I elected to run ssh server on both 22 and 2022.

/etc/ssh/sshd_config

....
Port 22
Port 2022
....

Now you should be able to SSH into your node using the local address defined in the Egress Gateway parameters, and the non-privileged port SSH server is listening on.

I only happened to notice this because I was able to access VNC (port 5900) without any problems, but I can access VNC over the tunnel IP of the node (ie. 10.50.60.3).

Not sure why this is the case, hopefully it will be addressed by the devs.

[afeiszli]

fixed in v0.11.0

[cardinalfan1]

I tried doing this on v0.11.0.

ping 10.200.200.254 is able to ping the netmaker server.

SSH gets the following:

ssh <user>@10.200.200.254
ssh: connect to host 10.200.200.254 port 22: No route to host