How do connect to a machine behind a router with ssh
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How do connect to a machine behind a router with ssh
Just what the title says. I have a smoothwall box that serves as a router and so my machine address is 198.162.x.y. I would like to connect to my machine when I'm not at home. I have more than machine connected to the router and I can access them all from within the lan with ssh.
Also I would like to connect to another machine that is connected with a modem from sympatico that seems to act like a router because the machine's ip from ifconfig is 192.168.x.y.
I've never used smoothwall, but the general process is to go to the router config page and port forward 22 to the computer running ssh.
Here is what you should set the options to:
Source IP (if available), leave blank
Source Port (if available): 22
Dest IP: 192.168.x.y
Dest Port (or just port): 22
I've never used a modem in Linux, so I can't help you there.
Ok tanx, now I understand that part, but I'm still confused as to how do you write the ssh command. Is it something like ssh -p 22 [user]@[ip] and because I said to foward port 22 to address 192.168.x.y I will connect to my computer?
If so I would have to set one port for each computer connected to my router
if you're attempting to connect from outside your lan, and you don't have a static internet ip address, then you'll need a dynamic address (see no-ip.com)
you'll have to forward different public ports from your router to each internal pc
eg: 192.168.0.2 public port 22, private port 22
192.168.0.3 public port 9002 private port 22
192.168.0.4 public port 9004 private port 22
hence, to connect externally to 192.168.0.3:
ssh yourdynamicaddress.com 9004
as far as the slipstream modem is concerned, i'd be interested as well, as i spent a bit of time a few months ago trying to discover it's admin page (it's obviously setup as a dhcp server, but simple admin access via 192.168.0.1 didn't seem to work). i'm thinking that there may be a software access solution in the slipstream setup package. It's not important to me now, but it's something i can file for later....
First find out your external IP address. The simplest way is to go to http://www.whatismyip.com (while going through your router). Ssh into your computer at that IP address on port 22 (it's assumed).
Let's say that your external IP is 24.16.118.150. Then you would do:
ssh 24.16.118.150
If everything is correctly configured, that command will work both inside your network and outside.
Distribution: Ubuntu, Debian, Various using VMWare
Posts: 2,088
Rep:
Quote:
Originally Posted by mixtr
Won't that only connect me to the router or if I foward port 22 to my machine it will connect me to it?.
Not if port forwarding is set up correctly on the Smoothwall Box. Point a browser one one of the machines in your "Green Zone" (Trusted Zone) to https://SmoothwallBoxIP:441. Under the networking tab, select port forwarding. Forward connections on port 22 to the computer that you want to connect to. Click OK.
Now, connect to your smoothwall box using your external IP, (not 192.168.*.*). The connection will be forwarded to the internal computer, and you will actually be connecting to that computer, not the smoothwall box,
Thanks, that is really helpful!
Now can I do something like foward port 44444 to 192.168.0.XXX port 22 and forward port 44445 to 192.168.0.YYY port 22 so I can have access to 2 of my machine. Or am I just too paranoid to try to 'stealth' my port 22.
Distribution: Ubuntu, Debian, Various using VMWare
Posts: 2,088
Rep:
May I suggest from a security point of view, that simply connecting to ssh using a non-standard port is not the whole solution. Find out the IP address of your work/school/wherever, and only allow connections from those addresses. For example, I can connect to my computer from uni, but nowhere else, to prevent hackers.
To do this, you will need to modify /etc/rc.d/rc.firewall.up
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.