Error: Connection activation failed: No valid secrets #104

@Thomas-Walker-Lynch

Here is the client machine which is running Gnome and the Network Manager.

[ClientUser@ClientHostName ~]$ lsb_release -a
LSB Version:	:core-4.1-amd64:core-4.1-noarch
Distributor ID:	Fedora
Description:	Fedora release 33 (Thirty Three)
Release:	33
Codename:	ThirtyThree

I edited the client /etc/ssh/ssh_config:

$ grep unnel /etc/ssh/ssh_config
Tunnel yes
#   TunnelDevice any:any

And edited the server /etc/ssh/sshd_config:

# grep unnel /etc/ssh/sshd_config 
# To disable tunneled clear text passwords, change to no here!
PermitTunnel yes

Showing that SSH to the server works fine. The server is running Debian.

[ClientUser@ClientHostName ~]$ ssh root@<server-domain-name>
Linux <server-domain-name> 4.19.0-13-cloud-amd64 #1 SMP Debian 4.19.160-2 (2020-11-28) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Feb 28 17:04:16 2021 from 90.78.7.14

2021-02-28T17:06:09Z root@<server-hostname>§~§
# exit
logout
Connection to <server-domain-name> closed.

Bringing up the SSH-agent VPN, and getting the dreaded 'No valid secrets' error:

[ClientUser@ClientHostName ~]$ eval ssh-agent $SHELL
[ClientUser@ClientHostName ~]$ ssh-add ~/.ssh/vpn_test
Identity added: /home/ClientUser/.ssh/vpn_test (ClientUser@ClientHostName)
[ClientUser@ClientHostName ~]$ nmcli con
NAME                UUID                                  TYPE      DEVICE      
Wired connection 1  f5afc77e-4a39-3391-8071-eb9db2c439fb  ethernet  enp0s20f0u3 
TLatRTVPN           c46cebc0-db10-4bb8-afbf-3a4f01807110  vpn       --          
[ClientUser@ClientHostName ~]$ nmcli con up id TLatRTVPN
Error: Connection activation failed: No valid secrets
Hint: use 'journalctl -xe NM_CONNECTION=c46cebc0-db10-4bb8-afbf-3a4f01807110 + NM_DEVICE=enp0s20f0u3' to get more details.

The VPN configuration file. This is pretty much just the defaults. The only thing I had to add was the server name. Whenever I put in the server name, the Network Manager translated that to the 4 quad IP address, as we see in the configuration. DNS did not lie, it is the correct address.

[ClientUser@ClientHostName ~]$ sudo cat /etc/NetworkManager/system-connections/VPN\ 1.nmconnection 
[sudo] password for ClientUser: 
[connection]
id=TLatRTVPN
uuid=c46cebc0-db10-4bb8-afbf-3a4f01807110
type=vpn
autoconnect=false
permissions=user:ClientUser:;

[vpn]
auth-type=ssh-agent
local-ip=172.16.40.2
netmask=255.255.255.252
remote=<server-ip-quad>
remote-ip=172.16.40.1
service-type=org.freedesktop.NetworkManager.ssh

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

[proxy]
[ClientUser@ClientHostName ~]$ 

As promised, the log file on the client has a bit more information. I do not show the logs on the server, because I can not find that there are any messages there. It is as if the client never tried to contact the server.

[ClientUser@ClientHostName ~]$ journalctl -f
-- Logs begin at Sun 2021-02-28 08:10:09 EST. --
...
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.3404] audit: op="connection-activate" uuid="c46cebc0-db10-4bb8-afbf-3a4f01807110" name="TLatRTVPN" pid=14564 uid=1000 result="success"
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.3527] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: Started the VPN service, PID 14628
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.3738] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: Saw the service appear; activating connection
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <error> [1614532272.4822] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: final secrets request failed to provide sufficient secrets
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.4851] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: VPN plugin: state changed: stopped (6)

Any tips on how to get this running would very much be appreciated. I have been mucking with it for the better part of two days with no luck at getting past the 'No valid secrets' error. Folks on freenode #fedora could not think of anything more to be done either.
