From 3878dfaada16220c4f7f9c3567eeffe395244a71 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 12 Apr 2023 14:40:44 +0200 Subject: [PATCH] Added hint for wireguard ssh bugs --- roles/application-wireguard/README.md | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/roles/application-wireguard/README.md b/roles/application-wireguard/README.md index 7e1cb3cf..5c3be34a 100644 --- a/roles/application-wireguard/README.md +++ b/roles/application-wireguard/README.md @@ -1,7 +1,7 @@ # Role Native Wireguard Manages wireguard on a client. -### Create Client Keys +## Create Client Keys ```bash wg_private_key="$(wg genkey)" wg_public_key="$(echo "$wg_private_key" | wg pubkey)" @@ -10,7 +10,20 @@ Manages wireguard on a client. echo "PresharedKey: $(wg genpsk)" ``` -## See +## Debug + +### SSH + +When the SSH connection over wireguard is buggy try: + +```bash +ip li set mtu 1400 dev eth0 +ip li set mtu 1400 dev wlo1 +``` + +This can be connected to the [MTU](https://www.imperva.com/learn/application-security/what-is-mtu-mss/) + +## Other - https://golb.hplar.ch/2019/01/expose-server-vpn.html - https://wiki.archlinux.org/index.php/WireGuard - https://wireguard.how/server/raspbian/ @@ -19,4 +32,6 @@ Manages wireguard on a client. - https://stackoverflow.com/questions/69140072/unable-to-ssh-into-wireguard-ip-until-i-ping-another-server-from-inside-the-serv - https://unix.stackexchange.com/questions/717172/why-is-ufw-blocking-acces-to-ssh-via-wireguard - https://forum.openwrt.org/t/cannot-ssh-to-clients-on-lan-when-accessing-router-via-wireguard-client/132709/3 -- https://serverfault.com/questions/1086297/wireguard-connection-dies-on-ubuntu-peer \ No newline at end of file +- https://serverfault.com/questions/1086297/wireguard-connection-dies-on-ubuntu-peer +- https://unix.stackexchange.com/questions/624987/ssh-fails-to-start-when-listenaddress-is-set-to-wireguard-vpn-ip +- https://serverfault.com/questions/210408/cannot-ssh-debug1-expecting-ssh2-msg-kex-dh-gex-reply \ No newline at end of file