I've got a headless server that I only want to access on my tailscale VPN.
thus I've changed listenaddress in sshd_config to be my server's tailscale IP.
This all works fine if I do it while I'm already logged in and everything is running.
However, if I reboot then SSH doesn't start.
sudo systemctl status ssh.service returns that it failed to start because it couldn't assign the tailscale IP.
No matter. I add a condition for
into /etc/systemd/system/ssh.service.d/override.conf
to get the system to wait for tailscale. No dice. Still doesn't work. Still fails because it can't assign the IP address.
Am I missing something? Is there a better way to do this?
thus I've changed listenaddress in sshd_config to be my server's tailscale IP.
This all works fine if I do it while I'm already logged in and everything is running.
However, if I reboot then SSH doesn't start.
sudo systemctl status ssh.service returns that it failed to start because it couldn't assign the tailscale IP.
No matter. I add a condition for
[Unit]
After=network-online.target tailscaled.service
Wants=network-online.target
into /etc/systemd/system/ssh.service.d/override.conf
to get the system to wait for tailscale. No dice. Still doesn't work. Still fails because it can't assign the IP address.
Am I missing something? Is there a better way to do this?