# This mail may have signature.asc as a PGP e-signature. # このメールのsignature.ascはPGPによる電子署名です。

こんにちは。mocke techです。

sshvpnでトンネルを張りたいのですが、うまく行かずに苦労しています。

概ね http://www.usupi.org/sysad/248.html

に従って作業したのですが、クライアント、サーバともtun0が作れない言うので、

http://blog.livedoor.jp/les_paul_sp/tag/Ubuntu

を参考にクライアント、サーバとも以下の作業をして、

sudo apt install uml-utilities tunctl -u xxxxxxxx -t tun0 ※xxxxxxxxはroot以外の実ユーザネーム

tun0をそれぞれに作成できました。しかし、まだpty0をサーバ側authorized_keysで作成禁止にしているはずにもかかわらず

----- ここから ----- no-X11-forwarding,no-agent-forwarding,no-pty,command="ifconfig tun0 10.0.0.1 pointopoint 10.0.02" ssh-rsa AAAA.... ----- ここまで -----

クライアントからサーバへの接続では

----- ここから(長くて失礼) ----- # ~/.ssh# ssh -v 192.168.2.133 OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017 debug1: Reading configuration data /root/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to 192.168.2.133 [192.168.2.133] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_rsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ed25519-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u3 debug1: match: OpenSSH_7.4p1 Debian-10+deb9u3 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 192.168.2.133:22 as 'root' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:C37ANAqIsi8K5U1CKXdJCiOoQ+v9d996am5ueNDbqzw debug1: Host '192.168.2.133' is known and matches the ECDSA host key. debug1: Found key in /root/.ssh/known_hosts:1 debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 134217728 blocks debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/id_rsa debug1: Authentication succeeded (publickey). Authenticated to 192.168.2.133 ([192.168.2.133]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: pledge: network debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 debug1: Remote: X11 forwarding disabled. debug1: Remote: Agent forwarding disabled. debug1: Remote: PTY allocation disabled. debug1: Remote: Forced command. debug1: Sending environment. debug1: Sending env LC_MEASUREMENT = ja_JP.UTF-8 debug1: Sending env LC_PAPER = ja_JP.UTF-8 debug1: Sending env LC_MONETARY = ja_JP.UTF-8 debug1: Sending env LANG = ja_JP.UTF-8 debug1: Sending env LC_NAME = ja_JP.UTF-8 debug1: Sending env LC_ADDRESS = ja_JP.UTF-8 debug1: Sending env LC_NUMERIC = ja_JP.UTF-8 debug1: Sending env LC_TELEPHONE = ja_JP.UTF-8 debug1: Sending env LC_IDENTIFICATION = ja_JP.UTF-8 debug1: Sending env LC_TIME = ja_JP.UTF-8 PTY allocation request failed on channel 0 debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0 debug1: channel 0: free: client-session, nchannels 1 Connection to 192.168.2.133 closed. Transferred: sent 3164, received 2420 bytes, in 0.1 seconds Bytes per second: sent 35754.7, received 27347.1 debug1: Exit status 0 ----- ここまで ----- となり、ptyをアロケート失敗したといって終了してしまいます。

このあたりで、何か情報をお持ちの方がいらっしゃいましたらご教授ください。

-- Mocke Technology.