Hello:

I've recently turned an older PC into a linux box for the purpose of creating an online server with ftp and ssh capability and file sharing. I've installed Kubuntu 9.10 and I'm trying to ssh to the computer from outside the network.

I've install the openssh-client and openssh-server and I've created a static ip address, which works fine. I cannot ssh to the machine from outside the isp using either the direct ip address or hostname. The machine is connected to the internet via a Linksys Wireless G router, and I've edited the configuration settings to keep port 22 open for connect in the port server utility.

I've checked the ssh_config and sshd_config settings and port 22 is the default connection port, which is supposed to be open. I've run ifconfig and everything looks fine. I can connect to the computer using a machine connected to the same router, but other computers cannot access it. I want it to be visible to everyone.

Thanks in advance for your help,
Mistro116

Just to be sure, you are using the ip address assigned to you by the ISP, right? If so how are you testing? You need to test from another system not connected to your router, like the next door neighbor's system or a system at the library. Also are you sure the system that you are using to connect doesn't have port 22 blocked? Often public computers will block most ports including port 22. Is this a DSL or cable connection? Is the modem bridged? Or is it doing the PPPoE? If the modem is doing the PPPoE, do you have it configured to route traffic from your public IP address to the router IP address?

Probably other questions will become obvious once you answer those.

Jim.

1 members found this post helpful.

No, I'm using the ip address that I assigned to my server connected to my router. It works because I can connect to it using another computer linked to my router. Obviously I've used computers not connected to my router or using another ISP, and that doesn't work; hence, this is my problem that I'm trying to solve.

I'm using PuTTY to try to ssh to my server on my router using the computer NOT connected to my router and it fails. The default port is 22 using PuTTY and I'm able to connect to other machines using this port. I'm fairly certain that port 22 is open for my server (I added it in the port exclusion using my router) and it is set up this way in my ssh_config and sshd_config.

The connection is cable. I don't know if its bridged or PPPoE (I don't need to enter a password to access my connections).

Q: If the modem is doing the PPPoE, do you have it configured to route traffic from your public IP address to the router IP address?
A: I'm not sure... Is there a way to check this? I'll dig around and see what's up. My gut is that it has something to do with the router settings because I can connect to the machine doing ssh username@localhost or username@ipaddress with my computer on the same router. Do you agree? The issue is narrowing down the cause and finding a fix for it =[ Easier said then done.

Do you have any more suggestions? I would greatly appreciate them!

Mistro116

I was able to connect to my server using my router's ip address, but not the static ip address created in /etc/network/interfaces. I registered the router ip address with a hostname through dyndns, and wrote a perl script which updates the dynamic ip address hourly.

Now I have a new problem... it seems that since the hostname is linked to my router ip address, my other computer on my router cannot connect to it. The problem is that my static ip address on my server in /etc/network/interfaces is not visible outside the network, and the only way for others to connect to it is to use the router ip address, but this causes the computers on the router to be unable to connect to the server because it is already on the router.

Does anyone have a work around for this?

P.S. I'm running a gateway, not pppoe.

Thanks in advance,
Mistro116

You cannot get to the public IP address from inside your network, most likely. I've never understood this but that's the way it works. If you want to connect to your server from inside the network use the lan address.

For instance on my server, I have the local address as 192.168.2.50 and the public IP address is 208.65.90.2. So from a system on the 192.168.2 network I have to use 192.168.2.50, however if I'm on the internet from outside of this network I have to use 208.65.90.2.

If you want to avoid using the numbers you could always add an entry to your hosts table, for instance

192.168.2.50 myserver.com

That way you could ssh myserver.com. Otherwise you could set up a bind server locally.

Jim.

1 members found this post helpful.

Excellent! This is very helpful.

This raises another question though: Suppose you have two servers connected to the same router that you want visible outside of your network. If you connect to the router ip address, how does it know which server to connect to? Furthermore, how would you go about setting this up so each server can be found outside of the network since the internal static ips are not visible?

Thanks in advance,
Mistro116

It depends on how the router is configured. On my Linksys router I have port 80 assigned to port 80 on 192.168.2.50 and port 8180 assigned to .90. There is no way to have a second machine on the same port since it wouldn't know which one you wanted to connect to, as you suggested. If you want to run two servers you must put them on different ports. Since different services, ssh, http, https, ftp, etc. run on different ports, it's not uncommon to see a separate system for different services. If you want to run ssh to another system on your lan, change the port to something else like 9234 in /etc/ssh/sshd.conf on the other system. Of course you could always get to the second system by first ssh'ing to the routed system and ssh to the other one from there. If you're going to be doing a lot of working within your lan from the outside consider using VPN.

Jim.