root@openziti:/home/test# ziti edge list identities
╭────────────┬───────────────┬─────────┬─────────────┬─────────────╮
│ ID │ NAME │ TYPE │ ATTRIBUTES │ AUTH-POLICY │
├────────────┼───────────────┼─────────┼─────────────┼─────────────┤
│ By99wgXG7 │ CAMER_ROUTER │ Router │ edge router │ Default │
│ Wx6OUjCG7 │ ssh_server │ Default │ host │ Default │
│ cipU8DUn76 │ ssh_client │ Default │ user │ Default │
│ zR8KD2mlg │ Default Admin │ Default │ │ Default │
╰────────────┴───────────────┴─────────┴─────────────┴─────────────╯
results: 1-4 of 4
root@openziti:/home/test# ziti edge list services
╭────────────────────────┬──────────┬────────────┬─────────────────────┬────────────╮
│ ID │ NAME │ ENCRYPTION │ TERMINATOR STRATEGY │ ATTRIBUTES │
│ │ │ REQUIRED │ │ │
├────────────────────────┼──────────┼────────────┼─────────────────────┼────────────┤
│ 3ArZCawcRx5WODiNSPTTp2 │ ssh_ziti │ true │ smartrouting │ │
╰────────────────────────┴──────────┴────────────┴─────────────────────┴────────────╯
results: 1-1 of 1
root@openziti:/home/test# ziti edge list edge-router-policies
╭────────────────────────┬──────────────────────────────┬───────────────────┬────────────────╮
│ ID │ NAME │ EDGE ROUTER ROLES │ IDENTITY ROLES │
├────────────────────────┼──────────────────────────────┼───────────────────┼────────────────┤
│ 7U27XSpipiV08rsDYRfMK9 │ ssh_client_router_policy │ @CAMER_ROUTER │ @ssh_client │
│ By99wgXG7 │ edge-router-By99wgXG7-system │ @CAMER_ROUTER │ @CAMER_ROUTER │
│ y75hShH1H2XD1YUk1oRPU │ allow-ssh-server │ @CAMER_ROUTER │ @ssh_server │
╰────────────────────────┴──────────────────────────────┴───────────────────┴────────────────╯
results: 1-3 of 3
root@openziti:/home/test# ziti edge list service-policies
╭────────────────────────┬────────────────────────┬──────────┬───────────────┬────────────────┬─────────────────────╮
│ ID │ NAME │ SEMANTIC │ SERVICE ROLES │ IDENTITY ROLES │ POSTURE CHECK ROLES │
├────────────────────────┼────────────────────────┼──────────┼───────────────┼────────────────┼─────────────────────┤
│ 1MX2Ho2gDcuJOvtF5mqTQq │ ssh_ziti_dial_identity │ AllOf │ @ssh_ziti │ @ssh_client │ │
│ 2t72wffqjW8pHTKH7gE8yb │ ssh_ziti_bind_identity │ AllOf │ @ssh_ziti │ @ssh_server │ │
╰────────────────────────┴────────────────────────┴──────────┴───────────────┴────────────────┴─────────────────────╯
results: 1-2 of 2
root@openziti:/home/test# ziti edge list configs
╭────────────────────────┬──────────────────────┬──────────────╮
│ ID │ NAME │ CONFIG TYPE │
├────────────────────────┼──────────────────────┼──────────────┤
│ 4mpluRa5Rl3pDTomgn6M9Y │ ssh_config_intercept │ intercept.v1 │
│ qi47RDOQCnrJr5FQLeoCr │ ssh_config_host │ host.v1 │
╰────────────────────────┴──────────────────────┴──────────────╯
results: 1-2 of 2
root@openziti:/home/test# ziti edge policy-advisor services |grep ssh_ziti
OKAY : ssh_server (1) -> ssh_ziti (1) Common Routers: (1/1) Dial: N Bind: Y
OKAY : ssh_client (1) -> ssh_ziti (1) Common Routers: (1/1) Dial: Y Bind: N
root@openziti:/home/test#
I installed a router and an openziti controller; the idea is to do local tests by connecting to an ssh server via the ziti network; for this I created the client and server identities, I created host and intercept configurations and I also created policies for bind and dial; for the server I used an edge tunnel and for the client a ziti desktop edge and the enrollment was successful but from the client the connection does not go through. please, could someone have an idea of what is missing? below you have the result of my tests on the client the name I gave to the service is ssh.ziti in the intercept configuration
C:\Users\Murielle>ping ssh.ziti
Envoi d’une requête 'ping' sur ssh.ziti [100.64.0.3] avec 32 octets de données :
Réponse de 100.64.0.3 : octets=32 temps<1ms TTL=255
Réponse de 100.64.0.3 : octets=32 temps<1ms TTL=255
Réponse de 100.64.0.3 : octets=32 temps<1ms TTL=255
Statistiques Ping pour 100.64.0.3:
Paquets : envoyés = 3, reçus = 3, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms
Ctrl+C
^C
C:\Users\Murielle>ssh user2@ssh.ziti
ssh: connect to host ssh.ziti port 22: Connection refused