sshwifty icon indicating copy to clipboard operation
sshwifty copied to clipboard

Published 20 hours ago verified publisher icon nirui

MacOS : safari cannot find server

Open ghost opened this issue 1 year ago • 16 comments

Hello,

I have a issue with the macOS on safari, While the phone (iOS) works very well, including the reverse proxy with httpS.

I wonder if you know some issue like me and how to fixe ?

Best regards,

ghost avatar Dec 14 '23 23:12 ghost

Hi,

Can you provide a bit more information about your setup? I don't have any Apple device as this moment, but maybe I can figure something out if more information is available.

Thanks!

nirui avatar Dec 15 '23 03:12 nirui

Hallo, thank you for your reply,

I used with

$ docker run --detach \ --restart always \ --publish 8182:8182 \ --name sshwifty \ niruix/sshwifty:latest

On my Synology nas by running on the terminal, it worked and I tried with the https of my Synology domain on macOS and it doesn't work (in French)

Capture d’écran 2023-12-16 à 00 40 05

but on my iOS do work

image

I tried without AdGuard, still same… I’m confuse

Best regards,

ghost avatar Dec 15 '23 23:12 ghost

Have you tried adding the port number (:8182) after the host name (i.e https://yourdomain.synology.me:8182)?

You can also try to do a ping on the macOS device against the host name sshXXXX.synology.me, see which IP address it resolves to.

nirui avatar Dec 16 '23 04:12 nirui

For what it's worth, I have had no problem accessing my sshwifty instance on my phone and my mac, so it's definitely not something particular to safari.

unbeatable-101 avatar Dec 17 '23 22:12 unbeatable-101

Hello, I’m sorry if I took a time.

I tried to adding the port 8182, success on macOS, but it say connection is not secure.

Capture d’écran 2023-12-17 à 23 46 41 Capture d’écran 2023-12-17 à 23 46 47 Capture d’écran 2023-12-17 à 23 51 08

ghost avatar Dec 17 '23 22:12 ghost

For what it's worth, I have had no problem accessing my sshwifty instance on my phone and my mac, so it's definitely not something particular to safari.

It's weird, do you use the Synology domain or else? what do you use the broswer internet? So that I understand why. Thank you

ghost avatar Dec 17 '23 23:12 ghost

I'm guessing you do not have much networking experience. I do not have any Synology NAS experience (as I prefer chaos >:3) so I need you to explain to me how the whole Synology domain thing works, and how you're getting HTTPS in the first place in order to further help you troubleshoot.

CJendantix avatar Dec 17 '23 23:12 CJendantix

For what it's worth, I have had no problem accessing my sshwifty instance on my phone and my mac, so it's definitely not something particular to safari.

It's weird, do you use the Synology domain or else? what do you use the broswer internet? So that I understand why. Thank you

I host it using my own personal domain and server, and behind a caddy reverse proxy in order to enable HTTPS. The reason you are getting that error saying it is not secure is because you are not using an HTTPS connection (see here https://github.com/nirui/sshwifty/issues/101#issuecomment-1193151825). I'm pretty sure it is possible to configure sshwifty to use HTTPS directly, but it in my opinion is just easier to use caddy as a reverse proxy since it'll do it for you.

Though you did say you use docker, so I'm not quite sure how that would work (I'm sure it could, I just don't use docker so I don't know how it would).

unbeatable-101 avatar Dec 18 '23 02:12 unbeatable-101

Hi @Topasty,

If you can access the instance via host+port (i.e ssh.XXX.synology.me:8182), it means the DNS resolver was likely setup correctly. But it still remained a mystery why directly accessing the host name (i.e. https://ssh.XXX.synology.me) is failing.

Can you run curl -v https://<your-hostname>.synology.me on your macOS device, and see what result it gives? (notice the https:// prefix and no port suffix) (please mask the last few segments of the IP address if the result contains any)

Also, I would like to point out that --publish 8182:8182 is not actually a good idea if you run Sshwifty behind a reverse proxy. But we will get into that after we got your Safari access working :)

nirui avatar Dec 18 '23 04:12 nirui

Good afternoon,

Thank you all for your support, after running on ( curl -v https://.synology.me ), SOLVED, its port 443 !

But I do not understand why it port 443 and not 8182, here the picture :

Capture d’écran 2023-12-18 à 17 25 39

ghost avatar Dec 18 '23 16:12 ghost

Based on information on Synology website, which mentioned:

Source (the device sending requests from the Internet)

I think that (the screenshot above) should be how the proxy rule is configured.

However, now that we figured it out, maybe consider to run the docker container via --publish 127.0.0.1:8182:8182 instead of just --publish 8182:8182, as the later one publishes the port 8182 to the public network around the reverse proxy.

nirui avatar Dec 19 '23 05:12 nirui

Hello, im sorry to not reply for a long time,

You mean :

docker run --detach
--restart always
--publish 127.0.0.1:8182:8182
--name sshwifty
niruix/sshwifty:latest ?

ghost avatar Dec 28 '23 15:12 ghost

Hi. Based on your configuration, yes. --publish 127.0.0.1:8182:8182 will only open port 8182 on your server's local interface.

Since you are hosting Sshwifty and your reverse proxy on the same server, it might be unnecessary to use --publish 8182:8182 which will open the port on all network interfaces (including the ones that are interfacing with external networks).

But that's just a nitpick, I'm glad that the main problem is resolved :)

nirui avatar Dec 28 '23 15:12 nirui

Hello,

Yes at least it worked. Thank you so much for your support !

ghost avatar Dec 28 '23 19:12 ghost

This issue appears to be resolved, can it be closed?

CJendantix avatar Oct 17 '24 19:10 CJendantix

@CJendantix Relax, I'll clean it up after I got time to review each one for suggestion and inspiration :)

nirui avatar Oct 18 '24 14:10 nirui