Messages - shadowspire

#1
25.7 Series / Re: sFTP Backups Public Key Failing
July 29, 2025, 04:17:16 PM
I just noticed something very odd while digging into this.  I have been doing this all from an EndeavourOS workstation.

My private key is 27 lines long, including the "Begin" and "End" text.  When I copy the key into the OPNsense GUI, the total lines increases to 37.

I did a diff between the two and there is very little in common.  The data is getting changed somehow.

Using a Windows workstation, I was able to successfully copy the correct key into the OPNsense GUI.
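
An added example, not part of the original post and not OPNsense code: a line-by-line diff cannot distinguish a key that was only re-wrapped from one whose data changed, so this check compares the decoded base64 payload instead. The sample bytes are constructed placeholders sized to give the 27 and 37 line counts mentioned above, and all function names are hypothetical.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.DOTALL)


def pem_payload(text):
    """Return (label, decoded bytes) of the first PEM block, ignoring wrapping."""
    m = PEM_RE.search(text)
    if m is None:
        raise ValueError("no PEM block found")
    body = "".join(m.group(2).split())  # strips LF, CRLF, spaces, tabs
    return m.group(1), base64.b64decode(body, validate=True)


def describe(text):
    """Summarise a PEM block without printing any key material."""
    label, raw = pem_payload(text)
    return {
        "label": label,
        "lines": len(text.strip().splitlines()),
        "crlf": "\r\n" in text,
        "sha256": hashlib.sha256(raw).hexdigest(),
    }


def same_key(a, b):
    """True when both texts carry the same label and identical decoded bytes."""
    return pem_payload(a) == pem_payload(b)


def wrap(raw, width, eol="\n"):
    """Helper for the constructed samples: PEM-armour raw bytes at a given width."""
    b64 = base64.b64encode(raw).decode()
    rows = [b64[i:i + width] for i in range(0, len(b64), width)]
    label = "OPENSSH PRIVATE KEY"
    return eol.join([f"-----BEGIN {label}-----", *rows, f"-----END {label}-----"]) + eol


# Constructed placeholder bytes, not a real key.
RAW = bytes(i % 251 for i in range(1305))
ORIGINAL = wrap(RAW, 70)                # 27 lines
REWRAPPED = wrap(RAW, 50, eol="\r\n")   # 37 lines, CRLF, same payload
ALTERED = wrap(RAW[:-1] + b"\x00", 50)  # 37 lines, payload changed

if __name__ == "__main__":
    for name, text in [("original", ORIGINAL), ("rewrapped", REWRAPPED), ("altered", ALTERED)]:
        print(name, describe(text))
    print("rewrapped matches:", same_key(ORIGINAL, REWRAPPED))
    print("altered matches:  ", same_key(ORIGINAL, ALTERED))
```

Only the line count, line-ending style and a SHA-256 of the payload are printed, so the output can be shared without exposing the key itself.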
#2
25.7 Series / Re: sFTP Backups Public Key Failing
July 28, 2025, 06:25:15 PM
Yes, I made sure there are no line breaks.  Here is an example of what I pasted:

-----BEGIN OPENSSH PRIVATE KEY-----
<key data>
-----END OPENSSH PRIVATE KEY-----
#3
25.7 Series / sFTP Backups Public Key Failing
July 28, 2025, 12:12:55 AM
Trying to get the sFTP backups working.  From opnsense cli, I can sftp to my server using the needed private key.

From the GUI, I get this error when using the same private key:

The following input errors were detected:

    <user>@<server>: Permission denied (publickey). Connection closed

Any thoughts on what/where the issue may be?
#4
25.1, 25.4 Series / Re: DNScrypt Public Access
April 28, 2025, 06:48:11 PM
DNScrypt is running locally on my opnsense device.
#5
25.1, 25.4 Series / DNScrypt Public Access
April 27, 2025, 06:22:20 PM
I am wanting my own secure DNS server that I can use on my Android phone from anywhere.

I have DNScrypt set up to listen on port 853 because that is what Android wants you to use by default.

Things look great when I point my Android to my LAN IP while connected to my internal network.

When I disconnect from my network to use the cellular network, I am not able to resolve anything.  Although, I can see successful connections on my WAN interface.


Am I just doing something wrong here?  Could I be trying to force a square block through a round hole?
#6
Well....now it is working.  Not sure what it was though.

NPTv6 is set like this:

Interface: WAN
Internal IPv6 Prefix: <internal ipv6 addr>
External IPv6 Prefix: <external ipv6 addr>
Track interface:  None

Firewall rule is literally allowing any and all IPv6 traffic in.
#7
I have a wide open "any/any" IPv6 rule on the WAN interface.

If I can get this to work, I will then look at tightening the rule.
#8
Running 25.1.2, I have IPv6 working outbound.  I am able to ping and browse to multiple IPv6 only sites on the Internet.

My trouble is with IPv6 traffic being allowed IN to my LAN.

Even with an NPTv6 entry, I keep seeing the traffic being blocked by the WAN interface Default Deny rule.

What am I missing here?
#9
24.1, 24.4 Legacy Series / Unbound DNS Records
June 14, 2024, 10:21:25 PM
I have some stale records in my DNS cache but cannot find anywhere in the GUI to edit the records.

Can someone point me in the right direction?

Cheers,