LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-17-2015, 06:24 PM   #1
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Rep: Reputation: Disabled
Run ssh server on my notebook through wireless conection


How to setup an ssh conection via wireless(to my notebok) which can be acessed from outside my internal coneciton? I have a d-link router and my isp don't blocks ssh. Could you plz tell me a step by step way to do it without having to pay?
 
Old 08-17-2015, 08:39 PM   #2
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,272
Blog Entries: 28

Rep: Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124
The wireless doesn't matter. A network connection is a network connection.

When you say "accessed from outside my internal connection," I assume you mean "can be accessed from the internet." If my assumption is correct, here's one way that's not at all complicated:

Get some sort of DNS service (I used to use noip.com and was quite satisfied with them) to ensure that your network is discoverable from the internet.

Give the netbook a static ip address.

Open the incoming ssh port in your router, then set up port forwarding in the router to forward external calls to port 22 to the netbook's ip address.

When this is done, ssh calls coming to your router will be forwarded to the netbook.

If you are going to make ssh accessible from the big wide world, you should look into using a non-standard ssh port. This link is about CentOS, but it's a good primer: http://wiki.centos.org/HowTos/Networ...ebce74da40d8ec
 
1 members found this post helpful.
Old 08-18-2015, 09:06 AM   #3
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Original Poster
Rep: Reputation: Disabled
OK I did it and I can't even acess my notebook internaly using the 192.168.0.102 ip. Look at the configuration file on my note:

Code:
 Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22

# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024

# Logging
SyslogFacility 
AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
AllowUsers sshclient
Now here's how my d-link modem is configure. It's on portuguese but i think you will get it.

This is how i've atributed the por fowarding:
http://upimage.us/server/php/files/imagem6.png

Provided that the output of ifconfig wlan0 on my notebook is:

Code:
# ifconfig wlan0

wlan0     Link encap:Ethernet  Endereo de HW 80:86:f2:f7:ff:08  
          inet end.: 192.168.0.102  Bcast:192.168.0.255  Masc:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Mtrica:1
          pacotes RX:32696 erros:0 descartados:0 excesso:0 quadro:0
          Pacotes TX:32757 erros:0 descartados:0 excesso:0 portadora:0
          colises:0 txqueuelen:1000 
          RX bytes:28906538 (28.9 MB) TX bytes:6123307 (6.1 MB)
And the first colum of the image stands for initial port and the second the final port.

And this is how I did setup my static ip to the router:


http://upimage.us/server/php/files/imagem72028129.png

No look at that:
Code:

root@ubuntu-pos-ag31ap:/# ssh sshclient@192.168.0.1
ssh: connect to host 192.168.0.1 port 22: Connection refused
This is from a lan connected computer in the same router. When I do from a wifi conected device:

Code:
ssh -l sshclient 192.168.0.102
ssh: connect to host 192.168.0.102 port 22. No route to host
And I try what I really want:

Code:
ssh sshclient@***********

ssh: conection timed out
Where ********** is the ip that I've got from ipchicken.

Another thing is that I'm able to ping my Lan connected desktop, but no able to ping my wlan notebook.It gives me "host unreachable" That might be a problem.

If is needed me to translate something for you, don't be afraid to ask me, I really need your help! Is the first time I'm doing this so every kind of help is welcome. Things are bad here.

Thanks!

edit: One more thing if it helps:

Code:
nmap -A -T4 -Pn ********

Starting Nmap 6.47 ( http://nmap.org ) at 2015-08-18 11:28 BRT
Nmap scan report for **************.xd-dynamic.ctbcnetsuper.com.br (*************)
Host is up.
All 1000 scanned ports on *************************.xd-dynamic.ctbcnetsuper.com.br (**************) are filtered

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 101.55 seconds

Last edited by MattFly; 08-18-2015 at 09:33 AM.
 
Old 08-18-2015, 10:47 AM   #4
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,592

Rep: Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880
What distribution / version is running on the laptop?
Is the ssh server actually running? (one way to check is ps ax | grep sshd)
Can you login using ssh on the laptop itself? (ssh sshclient@localhost)
If a firewall is running does it allow ssh traffic?

If all that works then it should be possible to login via another computer on your LAN. I expect ssh sshclient@192.168.0.1 to fail since I assume that 192.168.0.1 is your router's IP address. Once you can login on your LAN the we can try through the router.
 
Old 08-18-2015, 11:34 AM   #5
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Original Poster
Rep: Reputation: Disabled
Using ubuntu 15.04, ssh is running I guess, at least the client is working.

Code:
# ps ax | grep sshd
25788 pts/3    S+     0:00 grep --color=auto sshd
I did
Code:
sudo ufw allow ssh
And it updated the rules.

192.168.0.1 is the ip of my router, And I can't login into my own laptop using itself. here's what happens:
Code:
# ssh sshclient@192.168.0.102
ssh: connect to host 192.168.0.102 port 22: Connection refused
I must be really lost
 
Old 08-18-2015, 11:43 AM   #6
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,592

Rep: Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880
ssh is not running. What happens when you run the command
sudo systemctl start ssh
 
Old 08-18-2015, 12:20 PM   #7
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Original Poster
Rep: Reputation: Disabled
The first time I runned the comand as root, i didn't returned nothing. The second time I just get:

Code:
# systemctl start ssh
Job for ssh.service failed. See "systemctl status ssh.service" and "journalctl -xe" for details.

Here are the systemctl and journalctl -xe:
Code:
# systemctl status ssh.service
 ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: failed (Result: start-limit) since Ter 2015-08-18 14:16:08 BRT; 8s ago
  Process: 28790 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, status=255)
 Main PID: 28790 (code=exited, status=255)

Ago 18 14:16:07 matt-Vostro-5470 systemd[1]: Unit ssh.service entered failed state.
Ago 18 14:16:07 matt-Vostro-5470 systemd[1]: ssh.service failed.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: ssh.service holdoff time over, scheduling restart.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: start request repeated too quickly for ssh.service
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: Failed to start OpenBSD Secure Shell server.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: Unit ssh.service entered failed state.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: ssh.service failed.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: start request repeated too quickly for ssh.service
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: Failed to start OpenBSD Secure Shell server.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: ssh.service failed.
And the firsts line:
Code:
# journalctl -xe          
Ago 18 14:18:23 matt-Vostro-5470 polkitd(authority=local)[1052]: Registered Authentication Agent for unix-proc
Ago 18 14:18:23 matt-Vostro-5470 systemd[1]: start request repeated too quickly for ssh.service
Ago 18 14:18:23 matt-Vostro-5470 systemd[1]: Failed to start OpenBSD Secure Shell server.
-- Subject: A unidade ssh.service falhou
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- A unidade ssh.service falhou.
-- 
-- O resultado  failed.
Ago 18 14:18:23 matt-Vostro-5470 systemd[1]: ssh.service failed.
Ago 18 14:18:23 matt-Vostro-5470 sudo[28981]: pam_unix(sudo:session): session closed for user root
Ago 18 14:18:23 matt-Vostro-5470 polkitd(authority=local)[1052]: Unregistered Authentication Agent for unix-pr
Ago 18 14:18:43 matt-Vostro-5470 sudo[29000]: matheus : TTY=pts/1 ; PWD=/home/matheus ; USER=root ; COMMAND=/b
Ago 18 14:18:43 matt-Vostro-5470 sudo[29000]: pam_unix(sudo:session): session opened for user root by matheus(
Ago 18 14:18:43 matt-Vostro-5470 su[29001]: Successful su for root by root
Ago 18 14:18:43 matt-Vostro-5470 su[29001]: + /dev/pts/1 root:root
Ago 18 14:18:43 matt-Vostro-5470 su[29001]: pam_unix(su:session): session opened for user root by matheus(uid=

But I don't no how can it be since I can ensure you that the ssh client of the same notebook works perfectlly.

Last edited by MattFly; 08-18-2015 at 12:39 PM.
 
Old 08-18-2015, 12:41 PM   #8
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,592

Rep: Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880
Many commands do not return any status if completed successfully. The error appears to be caused by trying to start ssh again. Try starting it again only once then check its status.
 
Old 08-18-2015, 12:51 PM   #9
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Original Poster
Rep: Reputation: Disabled
Ok! I'll post here a sequence of terminal commands to answer everything you asked michaelk. All was done in the sequence that is putted:

Code:
root@matt-Vostro-5470:/home/matheus# ps ax | grep sshd
30501 pts/1    S+     0:00 grep --color=auto sshd
root@matt-Vostro-5470:/home/matheus# sudo systemctl start ssh
root@matt-Vostro-5470:/home/matheus# ps ax | grep sshd
30548 pts/1    S+     0:00 grep --color=auto sshd
root@matt-Vostro-5470:/home/matheus# sudo systemctl start ssh
root@matt-Vostro-5470:/home/matheus# ps ax | grep sshd
30573 pts/1    S+     0:00 grep --color=auto sshd
root@matt-Vostro-5470:/home/matheus# sudo systemctl start ssh
Job for ssh.service failed. See "systemctl status ssh.service" and "journalctl -xe" for details.
root@matt-Vostro-5470:/home/matheus# ps ax | grep sshd
30587 pts/1    S+     0:00 grep --color=auto sshd
root@matt-Vostro-5470:/home/matheus# sudo systemctl start ssh
root@matt-Vostro-5470:/home/matheus# ps ax | grep sshd
30608 pts/1    S+     0:00 grep --color=auto sshd
root@matt-Vostro-5470:/home/matheus# sudo systemctl start ssh
Job for ssh.service failed. See "systemctl status ssh.service" and "journalctl -xe" for details.
 
Old 08-18-2015, 01:14 PM   #10
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,592

Rep: Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880
Just for grins lets try to start sshd from the command line i.e.
/usr/sbin/sshd -D

Post any error messages. The terminal will sort of look like it has hanged and you should not see a new command line prompt. In an new terminal window try logging in as
ssh sshclient@localhost

To stop ssh press ctrl-c (the terminal window that ssh is running should be selected first)
 
Old 08-18-2015, 01:18 PM   #11
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Original Poster
Rep: Reputation: Disabled
here it is:

Code:
# /usr/sbin/sshd -D
/etc/ssh/sshd_config line 24: unsupported log facility ''
Nothing more happened
 
Old 08-18-2015, 01:24 PM   #12
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,592

Rep: Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880
Your sshd_config file appears to have a syntax problem. Make sure it looks like the following.

Code:
# Logging
SyslogFacility AUTH
LogLevel INFO
 
Old 08-18-2015, 01:32 PM   #13
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Original Poster
Rep: Reputation: Disabled
That worked man! Now "sudo systemctl start ssh" doesn't reply any error. I think we have it now:
Code:
# ps ax | grep sshd
  430 ?        Ss     0:00 /usr/sbin/sshd -D
  498 pts/1    S+     0:00 grep --color=auto sshd

Here's my config file now:

Code:
# cat /etc/ssh/sshd_config 
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22

# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
AllowUsers sshclient
But I still can't connect from my own laptop even if I restart ssh:

Code:
# ssh sshclient@192.168.0.1
ssh: connect to host 192.168.0.1 port 22: Connection refused
 
Old 08-18-2015, 01:35 PM   #14
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,592

Rep: Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880Reputation: 5880
192.168.0.1 is the IP address or your router.

Use ssh sshclient@192.168.0.102 or ssh sshclient@localhost
 
Old 08-18-2015, 04:39 PM   #15
MattFly
Member
 
Registered: Apr 2015
Posts: 98

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by michaelk View Post
192.168.0.1 is the IP address or your router.

Use ssh sshclient@192.168.0.102 or ssh sshclient@localhost
LOL. That was really lack of attetion. Thanks for being patient. Now I guess that I'm with the right port configuration on my router, but i still can't stablish a external conection. When I try "ssh sshclient@my.external.ip.atthemoment", after a long time waiting I get "conection timed out". I already look up to my isp and i can esure you that it allows ssh. My router configuration reallly seens to take as initial port 22 and redirect to 22 for the 192.168.0.102 ip. You can check it on the reply that i did gave above.

I don't want to try dns server now since I want to do it setp by step, so how to check what is going wrong now?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How do you run graphical programs on the server, displayed on the server, with ssh? yellowbounder Linux - Newbie 4 10-13-2008 04:04 PM
Wireless Conection CaptainPugwash Linux - Newbie 1 07-27-2007 08:34 PM
ssh setting up port 22 conection refused TheBrick Linux - Networking 3 02-22-2007 08:57 AM
Fedora Core 6 doesn't detect the wireless conection as a wireless conection...? santiagosilva Linux - Wireless Networking 33 02-04-2007 08:07 AM
Slow wireless g conection sniff Linux - Wireless Networking 7 01-04-2005 10:50 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 02:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration