Andrei - I'm making good progress on your suggestion but I've hit a snag getting the socket for port 22. Since I'm not starting dropbear through systemd but in the up script, how do I get the system to define port 22?
If I tell systemctl to start dropbear.socket - it starts up the dropbear service without my special configs (as it starts dropbear.service). If I don't start dropbear.socket - my script errors out because port22 isn't a socket. On Mon, Jun 1, 2015 at 11:37 PM, Andrei Borzenkov <[email protected]> wrote: > В Mon, 1 Jun 2015 16:36:38 -0400 > Matthew Karas <[email protected]> пишет: > >> I am trying to start a dropbear service after my openvpn service starts up. >> >> ----------------------------------- >> [Unit] >> Description=SSH Per-Connection Server >> Wants=dropbearkey.service >> After=syslog.target dropbearkey.service >> [email protected] >> [email protected] >> ----------------------------------- >> >> >> But I would like to start up the service after "tun0" interface is >> available (made by openvpn). >> >> How do I find out what to put in "Wants" and "After" for tun0? I >> can't seem to find anything related >> >> Also if there is a better way to get dropbear to start after tun0 has >> appeared I'm open to doing that as well. My goal is to have my ssh >> server only look at my openvpn address and ignore ssh requests that >> are not from the vpn iface. I'm thinking I can do this with a script >> setting up drop bear with the -p option (and looking for my tun0 ip4 >> address and using it). >> > > What about using OpenVPN hooks to start service after connection is > established? You can pass it (service) interface name and bind it to > interface so it is automatically stopped when interface is teared down. _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
