Andrei - I'm making good progress on your suggestion but I've hit a snag getting the socket for port 22. Since I'm not starting dropbear through systemd but in the up script, how do I get the system to define port 22?
If I tell systemctl to start dropbear.socket - it starts up the dropbear service without my special configs (as it starts dropbear.service). If I don't start dropbear.socket - my script errors out because port22 isn't a socket. On Mon, Jun 1, 2015 at 11:37 PM, Andrei Borzenkov <arvidj...@gmail.com> wrote: > В Mon, 1 Jun 2015 16:36:38 -0400 > Matthew Karas <mkarasc...@gmail.com> пишет: > >> I am trying to start a dropbear service after my openvpn service starts up. >> >> ----------------------------------- >> [Unit] >> Description=SSH Per-Connection Server >> Wants=dropbearkey.service >> After=syslog.target dropbearkey.service >> Wants=openvpn@equipment.service >> After=openvpn@equipment.service >> ----------------------------------- >> >> >> But I would like to start up the service after "tun0" interface is >> available (made by openvpn). >> >> How do I find out what to put in "Wants" and "After" for tun0? I >> can't seem to find anything related >> >> Also if there is a better way to get dropbear to start after tun0 has >> appeared I'm open to doing that as well. My goal is to have my ssh >> server only look at my openvpn address and ignore ssh requests that >> are not from the vpn iface. I'm thinking I can do this with a script >> setting up drop bear with the -p option (and looking for my tun0 ip4 >> address and using it). >> > > What about using OpenVPN hooks to start service after connection is > established? You can pass it (service) interface name and bind it to > interface so it is automatically stopped when interface is teared down. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel