Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
This is probably a stupid question, but I don't seem to find the answer:
I have a router with a static IP-address (say 123.123.123.123), which is connected to my two computers (192.168.1.60 and 192.168.1.61).
I know how to use SSH from 192.168.1.60 to 192.168.1.61, but not how to use it from a computer outside my LAN.
Also (probably more stupid): I have to open port 22 on my router, right? Are there any more settings that I need to make it work safely?
You need to set your router to forward port 22 traffic to the IP address of your ssh server. You also need to make sure that the firewall on your ssh server won't get in the way.
That should get you basic ssh connections from the outside world, however, you REALLY need to harden ssh with a few steps:
- Turn off root access via ssh. No arguing, just do it.
- Make sure you are using only Protocol 2
- Learn how to use the AllowUsers directive in your sshd_config file. This helps control what users are allowed ssh access.
- Make extremely sure that passwords are strong.
- Seriously consider turning off password access and moving to key authentication.
People ARE going to take a rip at cracking this, make sure your prepared.
What would the IP address to the SSH server be? 192.168.1.60@123.123.123.123?
I think just 192.168.1.60 should do fine. I'm not sure what you're trying to do with the @123.123.123.123 bit but I've never seen a home router need something like that. Is there something else you're trying to do?
I'm not sure what you're trying to do with the @123.123.123.123 bit but I've never seen a home router need something like that.
I know almost nothing about networking, but isn't there an outer IP (the address for people outside my local area network; my internet provider tells me it is 81.216.131.26) and an inner (that would be 192.168.1.66 for my router). Since all of my computers are connected to the Internet through the router, I reckoned other computers could not see them directly. Sorry if I was unclear.
I know almost nothing about networking, but isn't there an outer IP (the address for people outside my local area network; my internet provider tells me it is 81.216.131.26) and an inner (that would be 192.168.1.66 for my router). Since all of my computers are connected to the Internet through the router, I reckoned other computers could not see them directly. Sorry if I was unclear.
Your right about the outer (WAN) and inner (LAN) addresses. To the rest of the world, all of your computers are just your WAN address and it is up to your router to keep straight which packet goes to which LAN computer. Which is where port forwarding comes in. When an SSH packet arrives at your router, it has absolutely no idea what to do with it. Adding the @123... bit is almost certainly meaningless to your router. However, if you have port 22 forwarded to one of your machines, then the router will pass that packet on. If you need to have access to more than one machine, you'll need to set the other SSH servers up on ports other than 22, and forward those ports to the proper linux box.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.