LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   cannot ssh to home linux box from work (https://www.linuxquestions.org/questions/linux-networking-3/cannot-ssh-to-home-linux-box-from-work-257115/)

gene_albin 11-20-2004 01:11 AM
cannot ssh to home linux box from work
 
Ok, This is kind of difficult to describe so it might be a bit long winded. The initial problem:
I need to connect via SSH (and eventually via VPN) from my computer at work to my linux server at home. I have successfully configured my server at home and have established a SSH connection between my laptop (XP) and my linux server, all of which was on my local home lan (behind the router).

Here is my best guess as to how my internet connection is setup. Best guess because I'm not too sure how my isp sets up the connection to the intenet.

Home (Gentoo linux computer)
192.168.x.x
|
192.168.x.x
DI 514 Router
42.161.x.x
|
42.161.x.x
ISP (proxy server? router?)
202.33.x.x (reported by whatismyip.com)
|
Internet
|
132.20.x.x
Work (proxy)
122.20.x.x
|
122.20.x.x
Work Computer (XP)
All of the addresses listed are on private networks, i.e. I can't ping them from the internet, except the 132.20.x.x address and the 202.33.x.x address. Both ends have connectivity to the internet. Port 22 is open for outbount traffic becuase I can establish a SSH connection from each end to a third party server on the internet. The problem is that I can't establish a connection from my work computer to my home computer. I have configured the DI-514 to route port 20 through to my linux box and have configured the firewall to pass the traffic. Yet I still cannot connect. Unfortunately I can't configure my ISP's proxy server.

One more thing. Every 24 hours my ISP requires that I log into his web based authentication server to establish my connection. If 24 hours lapses then when I type in an address in my web browser (from home) then I'm redirected to the login server and have to login. Then I'm directed to the target website. This seems like it is a proxy server although I don't have to put any proxy settings in my web browser or my network setup.

Does anyone out there have any idea how I can establish this SSH connection?

Sorry for the long post, but I'm quite confused and frustrated! TIA

-gene

win32sux 11-20-2004 03:25 AM
if your ISP is giving you only private IPs, you need to have the ISP do port-forwarding from the first public ip (202.33.x.x) to your router...

=(

gene_albin 11-20-2004 04:19 AM
So that is the only option, huh? It it possible to establish a connection from my home computer to a server on the internet, then from my work computer connect to that same computer on the internet and somehow pass through that connection that is already established from home to get to my home computer... (are you as confused as I am...;) )

Darin 11-20-2004 06:56 AM
It's possible that they don't port block incoming connections and the second private address is just a 2 system hop they added for whatever dumb reason, in which case you just need to configure your DI router to port forward port 22 to your linux box's internal IP address. If they block some inbound ports then a possiblity is to change to port that ssh listens on to a higher number like 8000 and then set up your router to forward port 8000 to Linux instead. If they really are using a proxy, or a second NAT then you probably can't get any inbound connections to work, unless you ask them to and they will probably say no if you ask. The other solution I could think of to the second NAT/proxy problem would be to change ISPs :)

kyiydnlm 11-20-2004 07:26 AM
No matter what they did, you can do this.

You should code two programs: SSHServer and SSHClient

SSHClient running on your server on the internet listens to port 12345 (you can use any unoccupied port)

SSHServer running on your home computer makes a connection to SSHClient on port 12345

Then transfer commands and reply between SSHServer and SSHClient

The programs are not hard to code and won't need much work.

They look should like these (They are your own SSH system :)

SSHClient:
main()
{
/* listen to port 12345 */
/* user and password code goes here */
/* pack command package */
/* package send */
/* listen for reply package */
}

SSHServer:
main()
{
/* connect to SSHServer on port 12345 */
/* you can also write some codes to verify the privilege of the connection, and execute command with the user's privilege. but if you run SSHServer on root, the SSHServer can completely access your home computer */
/* listen for command */
/* receive package */
/* unpack command */
/* execute the command */
/* pack reply package */
/* package send */
}


All times are GMT -5. The time now is 11:40 PM.