I followed the getting started guide to build an openBalena server at aws using an “off the shelf” Ubuntu image. I successfully managed to setup proxytunnel on my machine to get ssh access to my devices both for development and production balenaOS images. Happy Dayz!
Given this success I thought I’d have a crack at setting up a service that was a bit more robust and in line with my estate policies so I pulled the test environment down and started again with my own Centos7 image. With a bit of trial and error I’ve got to a point where the service is up and running, this time using the ACME cert provider service. I can connect and query devices using the CLI so this is all good.
The only thing I can’t get working is the ssh tunnelling (either to a dev or a prod balenaOS image). Specifically, when I try “ssh root@.balena” I get the standard “Via vpn.<mydomain.com>:3128 -> .balena:22222” message and then it throws:
“HTTP return code: 407 Proxy Authorization Required”
Looking in the vpn service logs on the openBalena server side it’s saying the device is unreachable but I can see earlier in the log the device connected and authenticated successfully. I’ve tried turning off firewalls opening up security groups to no avail.
Can anyone give me any pointers for where to look next?