LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-04-2012, 05:06 AM   #1
madeleinepvincent
LQ Newbie
 
Registered: Nov 2012
Distribution: Debian and Ubuntu
Posts: 12

Rep: Reputation: Disabled
2 boxes, 1 router, and 1 IP address


Hi All,

I have 2 Linux boxes that I want to be able to access (mainly via ssh). I have a router and one static IP address.

I plan to hook up the incoming ethernet cable to the router, and the router to the 2 Linux boxes.

I'd like to ssh in to both of the Linux computers, but not sure how to do this, since I only have 1 IP address. I'm guessing I do this via port-forwarding from the router - for example, assign port 10 to one of the boxes and port 11 to the other.

But when I ssh to that IP address, how do I specify which port to use? Or to which box I want to connect?

Thanks,
Maddie.
 
Old 12-04-2012, 05:16 AM   #2
linosaurusroot
Member
 
Registered: Oct 2012
Distribution: OpenSuSE,RHEL,Fedora,OpenBSD
Posts: 749
Blog Entries: 2

Rep: Reputation: 194Reputation: 194
Assuming you've got sshd running on port 22 on each host you'd have two rules for forwarding in the router. e.g. traffic to router:1000->host_a:22 and traffic to router:2000->host_b:22.

The ssh client has -p for choice of port.
 
Old 12-17-2012, 01:55 PM   #3
madeleinepvincent
LQ Newbie
 
Registered: Nov 2012
Distribution: Debian and Ubuntu
Posts: 12

Original Poster
Rep: Reputation: Disabled
Hi,

so I'm really not sure I've got this correct...

I have a DLink 1005D Switch, which I was intending on using for this. After playing around a bit, I realize that this switch is not a router, and that there is no port-forwarding, etc.

So I'm wondering if I have made a mistake in the equipment I acquired.

Should I have a router, or is it possible to use the switch? And is there a significant difference in the configuration difficulty (i.e., is using a router just much, much easier)?

Regards,
Maddie.
 
Old 12-17-2012, 02:17 PM   #4
Mousepad123
LQ Newbie
 
Registered: Oct 2012
Distribution: CentOS or Debian
Posts: 23

Rep: Reputation: 3
Here's what you do.

SSH runs on Port 22. So, plug in your router, set all that stuff up. Once that's finished, go to the router set up page and for port forwarding, forward Port 22 as your first server, and port 24 (unused) as your second server. Then go to your linux box or PuTTY window. With PuTTY, just click SSH, and type in your IP address. You can change the port in PuTTY pretty easily (it's on the front page, you can't miss it). With SSH, you would type this (change to reflect your settings):
Server 1:
$ ssh root@server1
Server 2:
$ ssh -p 24 root@server2
 
Old 12-17-2012, 02:35 PM   #5
madeleinepvincent
LQ Newbie
 
Registered: Nov 2012
Distribution: Debian and Ubuntu
Posts: 12

Original Poster
Rep: Reputation: Disabled
MousePad -

I think that is the thrust of my question though:

I have a switch (specifically a DLink 1005D Switch), and not a router.

The switch does not have an admin or "set-up" page (which I am accustomed to finding at 192.168.0.1 for a router, for example).

Does this change your opinion of the situation?

Maddie.
 
Old 12-17-2012, 02:43 PM   #6
michaelk
Moderator
 
Registered: Aug 2002
Posts: 11,806

Rep: Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721
Your switch will not work. Home routers are configured via web setup pages so it isn't difficult to do what you want.

In addition I might suggest using the DHCP server on the router to assign each linux box with at static IP address (it is based on the MAC) then forward the desired port to the desired IP address.
 
Old 12-17-2012, 09:27 PM   #7
frankbell
Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, Mint
Posts: 7,416

Rep: Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404
It is not secure to have a switch facing the internet. You can't close ports and you can't mask your local IP addresses. I suggest investing in an inexpensive router.

You can set the router to forward the ssh call to one of the computers. You can then ssh into that computer and, from there, ssh into the other computer.

Remote computer--ssh-->Router, port forward to-->Computer A--ssh-->Computer B

It's not direct to computer B, but it works.
 
Old 12-18-2012, 09:25 AM   #8
stevebj.ee
LQ Newbie
 
Registered: May 2012
Location: Peoples Republic of Wisconsin
Distribution: RHEL, Debian, Ubuntu
Posts: 5

Rep: Reputation: Disabled
Just use sshd on one of the linux boxes to forward to the second one.


linuxbox1# ssh -L 8022:linuxbox2IP:22 user@linuxbox2IP


Now if you ssh into linuxbox1 port 8022, it forwards to linuxbox2IP on port 22


I suggested port 8022, but you'll need to know of a port that is open from the outside world. Lots of cable service providers block most of the ports and you end up needing to port forward.
 
Old 01-02-2013, 01:17 PM   #9
madeleinepvincent
LQ Newbie
 
Registered: Nov 2012
Distribution: Debian and Ubuntu
Posts: 12

Original Poster
Rep: Reputation: Disabled
Hi all,

thanks for your help. Here is the status of my quest:

I have set up the Router and the two Linux boxes. The Router port-forwards port 22 to the first box (192.168.0.200) and this work well.
I can ssh to my Box 1 with the standard ssh command. From here, I can also ssh to my second box by using the local IP address 192.168.0.201.

So far so good.

Now, I wanted to be able to ssh into both computers directly, rather than first to box 1 and then ssh to box 2.
So I added port-forwarding for port 24 in the router to route to the 2nd box (192.168.0.201), and I added Port 24 to the ports listened to by sshd. Restarted sshd.

Unfortunately, I can't ssh in to box 2 from the outside.

I'm not sure if it is a router / port-forwarding issue or ssh config issue. I can see that sshd is listening on both ports 22 and 24 within /var/log/auth.log.
I can also connect on port 24 via localhost, ie:

ssh -p24 me@localhost

does work.

However, within the network, from box 1 to box 2 on port 24 doesn't work:

ssh -p24 me@192.168.0.201

Nor does from outside the network:

ssh -p24 me@mybox.com

So I'm nearly there. Any help on the remaining configuration?

Thanks,
Maddie.
 
Old 01-02-2013, 01:21 PM   #10
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 1,919

Rep: Reputation: Disabled
How about forwarding port 24 on the router to port 22 on the second Linux box?

The external and internal port numbers don't have to match. That way, you don't have to reconfigure sshd.
 
Old 01-02-2013, 02:15 PM   #11
amlife
Member
 
Registered: Sep 2007
Location: Canada
Distribution: RHEL, Debian, SUSE
Posts: 34

Rep: Reputation: 1
Just to note that there is another way to get this done, if you failed to get the first (recommended) option working.

You can change ssh port on the server1 and set it to "say" 50 and set ssh port on server2 to port 51 and then configure port forwarding on the router, then you may access your servers using any ssh client (putty or shell terminal)

To do this you can edit /etc/ssh/sshd_config and look for Port 22 and change it accordingly.

save and restart ssh server use netstat -ntlp to confirm that ssh service is listing on port 50 or 51 depending on your settings.

Good luck
 
Old 01-02-2013, 03:26 PM   #12
madeleinepvincent
LQ Newbie
 
Registered: Nov 2012
Distribution: Debian and Ubuntu
Posts: 12

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Ser Olmy View Post
How about forwarding port 24 on the router to port 22 on the second Linux box?

The external and internal port numbers don't have to match. That way, you don't have to reconfigure sshd.
------

Ser Olmy,

this would be my preferred method of doing it. However, I don't see how that is possible on my router.

I only have the option of forwarding a port, and I assume that it forwards the incoming port number directly.
I'm using a DLink 652. The only option on the Port Forwarding screen that I see is to choose a port number, not an "incoming" port number mapped to an "outgoing" port number.

I tried using the IP address of the 2nd (destination) server by using:

192.168.0.201:24

but this wasn't accepted as an input for the IP address.

Is there something I am missing?

Thanks,
Maddie.
 
Old 01-02-2013, 03:35 PM   #13
madeleinepvincent
LQ Newbie
 
Registered: Nov 2012
Distribution: Debian and Ubuntu
Posts: 12

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by amlife View Post
Just to note that there is another way to get this done, if you failed to get the first (recommended) option working.

You can change ssh port on the server1 and set it to "say" 50 and set ssh port on server2 to port 51 and then configure port forwarding on the router, then you may access your servers using any ssh client (putty or shell terminal)

To do this you can edit /etc/ssh/sshd_config and look for Port 22 and change it accordingly.

save and restart ssh server use netstat -ntlp to confirm that ssh service is listing on port 50 or 51 depending on your settings.

Good luck
amlife,

I think this is what I am doing on server2 -- I am setting it to listen on Port 24 (by editing /etc/ssh/sshd_config as you indicated, and adding Port 24 to the listened-to ports), and then I have configured the router to port forward port 24 to server 2. And in my client, I am (attempting to) connect using:

ssh -p24 me@mybox.com

Using netstat -ntlp seems to indicate that I am listening on 22 and 24. Here are the appropriate lines that I see:


tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:24 0.0.0.0:* LISTEN -


So, is this what you had recommended, or what am I missing?

Thanks,
Maddie.
 
Old 01-02-2013, 04:40 PM   #14
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 1,919

Rep: Reputation: Disabled
Quote:
Originally Posted by madeleinepvincent View Post
this would be my preferred method of doing it. However, I don't see how that is possible on my router.

I only have the option of forwarding a port, and I assume that it forwards the incoming port number directly.
I'm using a DLink 652. The only option on the Port Forwarding screen that I see is to choose a port number, not an "incoming" port number mapped to an "outgoing" port number.
According to page 27 in the manual, you can select different values for the "public" (outside) and "private" (inside) port.

If the management page on your router does not match the screenshot on page 28 in the above manual, you may want to check if your router is using an outdated firmware version.
 
Old 01-02-2013, 05:02 PM   #15
madeleinepvincent
LQ Newbie
 
Registered: Nov 2012
Distribution: Debian and Ubuntu
Posts: 12

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Ser Olmy View Post
According to page 27 in the manual, you can select different values for the "public" (outside) and "private" (inside) port.

If the management page on your router does not match the screenshot on page 28 in the above manual, you may want to check if your router is using an outdated firmware version.
Ser Olmy,

Yes, on the Virtual Server tab I see what you are talking about. I was only looking at the Port Forwarding tab.

I will try this on Friday when I am next in the office. It looks like it should work.

A big thank you for your help.

Maddie.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux boxes in an AD domain; address w/o FQDN itzfritz Linux - Networking 3 10-01-2008 03:59 PM
public IP address and boxes behind router? mac1234mac Linux - Networking 5 01-25-2007 12:27 PM
How to fix IP address for 2 Linux boxes at the router level RT31P2 rajeshsfo Linux - Hardware 1 08-08-2006 09:36 PM
Can see router and other boxes, alas no internet mrkstapleton Suse/Novell 6 07-19-2006 11:08 AM
Cannot connect to router from boxes bluesman2333 Linux - Networking 7 06-03-2005 09:57 PM


All times are GMT -5. The time now is 06:47 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration