Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I'm sure this will be a simple syntax question for many of you, but the answer is evading my searches right now. I'd like to connect via ssh to a computer at a different location. I understand that I need to type:
but what is baffling me, is how to specify that remote IP address, since when I've done this before within a LAN the IP addresses are just one part addresses, e.g. 162.168.xxx.xxx
But with trying to access a remote machine, there's the IP to their location YYYY.YYYY.YYYY.YYYY to deal with, and then the IP on their LAN.
The question is, how do I put the X's and Y's together into one command?
ssh needs to be forwarded to the local machine on the remote site
public ip yyy.yyy.yyy.yyy => forwarded to xxx.xxx.xxx.xxx (local ip)
So you just ssh to the public ip, and you will be forwarded to the local ip.
You can not ssh to a private ip, if it is not forwarded from the public ip by the firewall.
You can not ssh to a private ip on a remote network, unless it is forwarded by the firewall on that remote server to the local IP
Repo, you've probably guessed the next question (probably I should have asked this on the newbie forum): how do I get the firewall on the remote server to forward ssh to the local IP? Is this part of the SSH setup on the machine being connected to? Or do I do something on the remote side?
Do you have access to the remote firewall?
just forward port 22 to the required local ip
Access - yes, via the phone with an elderly user who will only bear so much keying in..
Using Fedora 10 with default firewall. We have forwarded the local ethernet device on his machine, TCP port 22 to his local IP address, but still no connection. He has a cable modem that works like a router with what sounds like DHCP.
We've had to call it a day at the other end for now, but confirmed that sshd is definitely running both ends (verified through system/administration/services list on both f10 boxes).
The modem/router is a Siemens speedstream 4101 if that helps.
Seems to me you are confused
Absolutely - more so now: mrclisdue - you talk of a powerful and advanced use of ssh. But if I understand this right it means getting my 80+ yr old dad to forward his port to my port at my IP. All of this through the ports on his and my routers. 4 ports in all.. Unless you label them all A-D I don't know which is which. Both my dad and I have DCHP and probably NAT, so the last thing I want him to have to do is key in a new forwarding string every time his or my IP changes. It is enough for him to look up his IP address on a website and tell me over the phone. The theory is I then log into his machine and update it, sync photos, files etc. Your suggestion looks like a powerful solution, but I don't understand ssh well enough yet. Need to read more about it. What particularly throws me is whether 'forwarding' is something that happens on the sender or reciever of a communication, or if it refers to the setup.
$ ssh -p<your ssh port> -N -f -R <his ssh port>:localhost:<the port you wish to listen on> <your ip>
mrclisdue - can you explain when you said "my IP" in the code example, did you mean my public or local IP? And when you said 'local host' is that the two local ip's or local machine-names, or just the plain expression 'local host' in both cases?
you can run nmap from your machine ..where remote ip is the public ip from the remote machine
Starting Nmap 4.68 ( http://nmap.org ) at 2009-05-09 17:24 BST
Note: Host seems down. If it is really up, but blocking our ping probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 2.026 seconds
I guess his IP had changed? Will try again another day.
Your Linux --- Router ---- Internet ---- Router --- His Linux
Your Linux will SSH to the public IP Address of his router.
You will need his Router's current IP Addr ... or see below about DynDNS.
His Router will have a Port Forwarding entry.
Port 22 ---> forward to His PC.
If his Router is smart enough it will have a table to point to his PC no matter what the IP Address is ... otherwise you may have to fix the IP Addr that his PC receives.
Use DynDNS to update a dynamic IP Addr to a specific Domain host name.
DynDNS.org has a free service and a Linux client that he can install.
His Router may already support DynDNS.
Then you can SSH using the Fully Qualified Domain Name that is setup.
Basically, my method requires that you do all the work on your end - ie., make your machine available over the internet, to your father, rather than asking your dad to open ports, firewalls, etc., on his end. He would have to issue an, ultimately, simple command, in a terminal, that you'll text, or email, or im him, so he just has to do a cut and paste.
So, let's assume that you have sshd listening on something other that the default, for security's sake, port 5555. And, your port 5555 is available from the internet, and your ip address is 65.555.555.555. Either your dad is setup on your machine as a user, or he knows your user/pass, etc, is up to you.
Dad's ssh port is default 22. You will listen on port 7777 of your machine.