Tuesday, January 20, 2026

Re: Granting access to OpenBSD

Can you show what is the error when you ssh?

try ssh -vvv whatever
Did you run tcpdump and saw traffic on port 22?
On Tuesday, January 20, 2026 at 06:21:32 PM GMT+9, Washington Odhiambo <odhiambo@gmail.com> wrote:




On Tue, Jan 20, 2026 at 12:09 PM All <olp_76@yahoo.ca> wrote:
Show us your *NEW* pf.conf.
As many other noted your original was blocking everything 
(you put block at the END of your pf.conf).

I added pf=NO to /etc/rc.conf.local so I believe the pf.conf is irrelevant, no?
And I actually don't need PF. The VM is only accessible from outside my LAN. 

I re-read your original mail, but can't see what IP address is assigned to interface.
ifconfig <interface_name> should help.

openbsd# ifconfig
lo0: flags=2008049<UP,LOOPBACK,RUNNING,MULTICAST,LRO> mtu 32768
        index 3 priority 0 llprio 3
        groups: lo
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
vio0: flags=2808843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,AUTOCONF4,LRO> mtu 1500
        lladdr bc:24:11:bc:a1:99
        index 1 priority 0 llprio 3
        groups: egress
        media: Ethernet autoselect
        status: active
        inet 192.168.69.22 netmask 0xffffff00 broadcast 192.168.69.255
enc0: flags=0<>
        index 2 priority 0 llprio 3
        groups: enc
        status: active

openbsd# netstat -rn | head -n 5
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            192.168.69.1       UGS        5      198     -     8 vio0

openbsd# /etc/rc.d/sshd check
sshd(ok)

openbsd# egrep -v '^$|^.*#' /etc/ssh/sshd_config
PermitRootLogin yes
AuthorizedKeysFile      .ssh/authorized_keys
Subsystem       sftp    /usr/libexec/sftp-server
openbsd#
 
Can you ping that IP? From outside of VM?
 
Yes, I can ping it from across the LAN. 




--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
 In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)

No comments:

Post a Comment