Just what the title says. I have a smoothwall box that serves as a router and so my machine address is 198.162.x.y. I would like to connect to my machine when I'm not at home. I have more than machine connected to the router and I can access them all from within the lan with ssh.

Also I would like to connect to another machine that is connected with a modem from sympatico that seems to act like a router because the machine's ip from ifconfig is 192.168.x.y.

oops, typo in the title...

I've never used smoothwall, but the general process is to go to the router config page and port forward 22 to the computer running ssh.

Here is what you should set the options to:
Source IP (if available), leave blank
Source Port (if available): 22
Dest IP: 192.168.x.y
Dest Port (or just port): 22

I've never used a modem in Linux, so I can't help you there.

Ok tanx, now I understand that part, but I'm still confused as to how do you write the ssh command. Is it something like ssh -p 22 [user]@[ip] and because I said to foward port 22 to address 192.168.x.y I will connect to my computer?
If so I would have to set one port for each computer connected to my router

And last how do you set a Speedstream modem?

the ssh syntax:

ssh <destination or host ip address> <port>

eg ssh 192.168.0.2 22

however, ssh assumes port 22, so:

ssh 192.168.0.2

will suffice.

there are many other options

man ssh

if you're attempting to connect from outside your lan, and you don't have a static internet ip address, then you'll need a dynamic address (see no-ip.com)

you'll have to forward different public ports from your router to each internal pc

eg: 192.168.0.2 public port 22, private port 22
192.168.0.3 public port 9002 private port 22
192.168.0.4 public port 9004 private port 22

hence, to connect externally to 192.168.0.3:

ssh yourdynamicaddress.com 9004

as far as the slipstream modem is concerned, i'd be interested as well, as i spent a bit of time a few months ago trying to discover it's admin page (it's obviously setup as a dhcp server, but simple admin access via 192.168.0.1 didn't seem to work). i'm thinking that there may be a software access solution in the slipstream setup package. It's not important to me now, but it's something i can file for later....


cheers,

I'm good with connecting to my machines from inside the lan, what I want is to connect to a specific machine on my lan from OUTSIDE the lan:

[me not at home] -> Internet -> Router -> [my box at home]

First find out your external IP address. The simplest way is to go to http://www.whatismyip.com (while going through your router). Ssh into your computer at that IP address on port 22 (it's assumed).

Let's say that your external IP is 24.16.118.150. Then you would do:
ssh 24.16.118.150

If everything is correctly configured, that command will work both inside your network and outside.

Won't that only connect me to the router or if I foward port 22 to my machine it will connect me to it?.

Not if port forwarding is set up correctly on the Smoothwall Box. Point a browser one one of the machines in your "Green Zone" (Trusted Zone) to https://SmoothwallBoxIP:441. Under the networking tab, select port forwarding. Forward connections on port 22 to the computer that you want to connect to. Click OK.

Now, connect to your smoothwall box using your external IP, (not 192.168.*.*). The connection will be forwarded to the internal computer, and you will actually be connecting to that computer, not the smoothwall box,

I hope this helps
--Ian

Thanks, that is really helpful!
Now can I do something like foward port 44444 to 192.168.0.XXX port 22 and forward port 44445 to 192.168.0.YYY port 22 so I can have access to 2 of my machine. Or am I just too paranoid to try to 'stealth' my port 22.

May I suggest from a security point of view, that simply connecting to ssh using a non-standard port is not the whole solution. Find out the IP address of your work/school/wherever, and only allow connections from those addresses. For example, I can connect to my computer from uni, but nowhere else, to prevent hackers.

To do this, you will need to modify /etc/rc.d/rc.firewall.up
Also, monitor your logs on the computer that you are connecting to for unauthorized access.

--Ian