Tuesday, January 20, 2026

Re: Granting access to OpenBSD

So it seems its your client that is giving you issues. Probably Key Exchange algorithms is the culprit?
Or some other misconfig.






On Tuesday, January 20, 2026 at 08:23:45 PM GMT+9, Washington Odhiambo <odhiambo@gmail.com> wrote:







On Tue, Jan 20, 2026 at 1:48 PM Crystal Kolipe <kolipe.c@exoticsilicon.com> wrote:
> On Tue, Jan 20, 2026 at 10:43:34AM +0300, Washington Odhiambo wrote:
>> On Mon, Jan 19, 2026 at 8:08???PM Crystal Kolipe <kolipe.c@exoticsilicon.com>
>> wrote:
>> > The problem is probably not with PF, but something else.
>> >
>>
>> I haven't manipulated anything at all. It's a fresh OpenBSD install.
>
> Have you checked the configuration on the host?
>
> From the information you have supplied so far, the configuration of the
> OpenBSD client seems to be correct.
>
>> Your suggested commands show that it is running and listening on all
>> interfaces for IPv4 and IPv6.
>
> OK, so it seems that:
>
> * PF is currently disabled, so this is not the source of the problem.
> * SSHd is running and listening on all interfaces.
> * Your ifconfig output looks correct.
> * Your routing table looks correct.
> * The OpenBSD vm is using 192.168.69.22
> * The host is using 192.168.69.1
> * You are able to ping the host from within the OpenBSD vm
> * You are able to ping other hosts on the internet from within the OpenBSD vm
> * Therefore ICMP traffic is correctly being routed out of and back to the
>   OpenBSD vm.
> * You are assigning the IP address to the OpenBSD via DHCP, (rather than
>   setting a fixed address.)
>
> If this is all correct, I would now check:
>
> * Is TCP traffic being routed out of and back to the OpenBSD vm:
>
> openbsd# ftp -o -https://www.openbsd.org/
>
> * Can you connect to an arbitrary high port that is listening on the OpenBSD vm
>   from the host:
>
> openbsd# nc -l 192.168.69.22 2000
> host$ telnet 192.168.69.22 2000
>
> As PF is currently disabled, you should be able to connect to port 2000
> without any additional configuration.
>

Linux pve2 6.17.4-2-pve #1 SMP PREEMPT_DYNAMIC PMX 6.17.4-2 (2025-12-19T07:49Z) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@pve2:~# nc -l 192.168.69.22 2000
^C
root@pve2:~# ssh wash@192.168.69.22
The authenticity of host '192.168.69.22 (192.168.69.22)' can't be established.
ED25519 key fingerprint is SHA256:rCoWP6WVjHxsVo2UEYEjq4UWyVS4a2xp3LJcD9EvNw0.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])?

I can SSH to openBSD from all the other VMs.
What seems to be the problem is that I cannot SSH to it from Putty/Bitvise clients from Windows 11, but I can SSH from the Windows 11 command line :-(
Weird.


--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
 In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]

No comments:

Post a Comment