So it seems its your client that is giving you issues. Probably Key Exchange algorithms is the culprit? Or some other misconfig.
On Tuesday, January 20, 2026 at 08:23:45 PM GMT+9, Washington Odhiambo <[email protected]> wrote: On Tue, Jan 20, 2026 at 1:48 PM Crystal Kolipe <[email protected]> wrote: > On Tue, Jan 20, 2026 at 10:43:34AM +0300, Washington Odhiambo wrote: >> On Mon, Jan 19, 2026 at 8:08???PM Crystal Kolipe <[email protected]> >> wrote: >> > The problem is probably not with PF, but something else. >> > >> >> I haven't manipulated anything at all. It's a fresh OpenBSD install. > > Have you checked the configuration on the host? > > From the information you have supplied so far, the configuration of the > OpenBSD client seems to be correct. > >> Your suggested commands show that it is running and listening on all >> interfaces for IPv4 and IPv6. > > OK, so it seems that: > > * PF is currently disabled, so this is not the source of the problem. > * SSHd is running and listening on all interfaces. > * Your ifconfig output looks correct. > * Your routing table looks correct. > * The OpenBSD vm is using 192.168.69.22 > * The host is using 192.168.69.1 > * You are able to ping the host from within the OpenBSD vm > * You are able to ping other hosts on the internet from within the OpenBSD vm > * Therefore ICMP traffic is correctly being routed out of and back to the > OpenBSD vm. > * You are assigning the IP address to the OpenBSD via DHCP, (rather than > setting a fixed address.) > > If this is all correct, I would now check: > > * Is TCP traffic being routed out of and back to the OpenBSD vm: > > openbsd# ftp -o -https://www.openbsd.org/ > > * Can you connect to an arbitrary high port that is listening on the OpenBSD > vm > from the host: > > openbsd# nc -l 192.168.69.22 2000 > host$ telnet 192.168.69.22 2000 > > As PF is currently disabled, you should be able to connect to port 2000 > without any additional configuration. > Linux pve2 6.17.4-2-pve #1 SMP PREEMPT_DYNAMIC PMX 6.17.4-2 (2025-12-19T07:49Z) x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@pve2:~# nc -l 192.168.69.22 2000 ^C root@pve2:~# ssh [email protected] The authenticity of host '192.168.69.22 (192.168.69.22)' can't be established. ED25519 key fingerprint is SHA256:rCoWP6WVjHxsVo2UEYEjq4UWyVS4a2xp3LJcD9EvNw0. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? I can SSH to openBSD from all the other VMs. What seems to be the problem is that I cannot SSH to it from Putty/Bitvise clients from Windows 11, but I can SSH from the Windows 11 command line :-( Weird. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
