Hi there,
I have the following setup:
- RevPi 3 Connect -> A: Connected to local S7-CPU; B: Connected via Teltonika RUT 955 to cellular network (T-Mobile).
- Teltonika RUT 955 -> T-Mobile (LTE)
The RevPi is located "somewhere" in the field, where it is only possible to have internet access over cellular network. In order to still have SSH access to the RevPi, I set up a VPN Network, where the RevPi is connected as a VPN-Client to one of my servers. I am then connecting to the RevPi over ssh through the VPN Server.
The problem is:
When the RevPi is started/restarted, I can connect through SSH without any problem. However, once I disconnect the SSH and try to reconnect, I get "Permission denied (publickey)". It then takes several hours to sometimes days until I can reconnect again. However, during the time when I can not connect, the VPN connection is still up. Even when I restart the VPN-Server, the RevPi reconnects again, and is pingable (but no SSH connection possible -> permission denied). Erasing the hosts in the .known_hosts file on the Server does not help...
I don't really know if this is a RevPi related issue, or a general operating system thing. However, I have another regular Raspberry Pi, that has the same VPN Configuration, which I can perfectly connect to over SSH over and over again.
Right now, I do not have access to the RevPi. I am looking for ideas on where I can search on the RevPi once I get a connection again... The connection is not ultra-stable, so I usually don't get hours to debug the device...
Do you have any idea on what could cause this problem? Where can I look for why it gives me a "Permission denied"?
I am connecting over the pi user with the default password. When the device was still on my LAN, I had no issues connecting over SSH.
Any help is much appreciated!!
SSH Permission denied over OpenVPN
Re: SSH Permission denied over OpenVPN
Dear flaeshi,
those network related issues seam to be tricky to handle on the first hand. But if you have a working RaspberryPi and a not working RevPi then I think there has to be some differences that have an influence in your setup.
I.e. the RevPi Connect has two network interfaces and the RaspberryPi has one. Maybe here is the root cause of the error, i.e. routing and network interfaces.
Try to get more information on the client side and the server side.
Client side:
What is happening on the SSH server side?
Maybe you can try to setup a second ssh server on another port for debugging and configuration exeriments here.
Increase the verbosity of the logging mechanisms provided by sshd.
Have a look into the manual here - be careful not to completely lock-out yourself
This page seams to be helpful with SSH Server debugging: https://en.wikibooks.org/wiki/OpenSSH/L ... leshooting
those network related issues seam to be tricky to handle on the first hand. But if you have a working RaspberryPi and a not working RevPi then I think there has to be some differences that have an influence in your setup.
I.e. the RevPi Connect has two network interfaces and the RaspberryPi has one. Maybe here is the root cause of the error, i.e. routing and network interfaces.
Try to get more information on the client side and the server side.
Client side:
Code: Select all
logsave result.txt ssh -v user@ip
Maybe you can try to setup a second ssh server on another port for debugging and configuration exeriments here.
Increase the verbosity of the logging mechanisms provided by sshd.
Have a look into the manual here - be careful not to completely lock-out yourself
This page seams to be helpful with SSH Server debugging: https://en.wikibooks.org/wiki/OpenSSH/L ... leshooting
If the server is remote and it is important to reduce the risk of getting locked out, the experiments on the configuration file can be done with a second instance of sshd(8) using a separate configuration file and listening to a high port until the settings have been tested.
$ /usr/sbin/sshd -dd -p 22222 -f /home/fred/sshd_config.test