Run ssh server on my notebook through wireless conection
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Run ssh server on my notebook through wireless conection
How to setup an ssh conection via wireless(to my notebok) which can be acessed from outside my internal coneciton? I have a d-link router and my isp don't blocks ssh. Could you plz tell me a step by step way to do it without having to pay?
The wireless doesn't matter. A network connection is a network connection.
When you say "accessed from outside my internal connection," I assume you mean "can be accessed from the internet." If my assumption is correct, here's one way that's not at all complicated:
Get some sort of DNS service (I used to use noip.com and was quite satisfied with them) to ensure that your network is discoverable from the internet.
Give the netbook a static ip address.
Open the incoming ssh port in your router, then set up port forwarding in the router to forward external calls to port 22 to the netbook's ip address.
When this is done, ssh calls coming to your router will be forwarded to the netbook.
If you are going to make ssh accessible from the big wide world, you should look into using a non-standard ssh port. This link is about CentOS, but it's a good primer: http://wiki.centos.org/HowTos/Networ...ebce74da40d8ec
OK I did it and I can't even acess my notebook internaly using the 192.168.0.102 ip. Look at the configuration file on my note:
Code:
Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024
# Logging
SyslogFacility
AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
AllowUsers sshclient
Now here's how my d-link modem is configure. It's on portuguese but i think you will get it.
root@ubuntu-pos-ag31ap:/# ssh sshclient@192.168.0.1
ssh: connect to host 192.168.0.1 port 22: Connection refused
This is from a lan connected computer in the same router. When I do from a wifi conected device:
Code:
ssh -l sshclient 192.168.0.102
ssh: connect to host 192.168.0.102 port 22. No route to host
And I try what I really want:
Code:
ssh sshclient@***********
ssh: conection timed out
Where ********** is the ip that I've got from ipchicken.
Another thing is that I'm able to ping my Lan connected desktop, but no able to ping my wlan notebook.It gives me "host unreachable" That might be a problem.
If is needed me to translate something for you, don't be afraid to ask me, I really need your help! Is the first time I'm doing this so every kind of help is welcome. Things are bad here.
Thanks!
edit: One more thing if it helps:
Code:
nmap -A -T4 -Pn ********
Starting Nmap 6.47 ( http://nmap.org ) at 2015-08-18 11:28 BRT
Nmap scan report for **************.xd-dynamic.ctbcnetsuper.com.br (*************)
Host is up.
All 1000 scanned ports on *************************.xd-dynamic.ctbcnetsuper.com.br (**************) are filtered
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 101.55 seconds
What distribution / version is running on the laptop?
Is the ssh server actually running? (one way to check is ps ax | grep sshd)
Can you login using ssh on the laptop itself? (ssh sshclient@localhost)
If a firewall is running does it allow ssh traffic?
If all that works then it should be possible to login via another computer on your LAN. I expect ssh sshclient@192.168.0.1 to fail since I assume that 192.168.0.1 is your router's IP address. Once you can login on your LAN the we can try through the router.
The first time I runned the comand as root, i didn't returned nothing. The second time I just get:
Code:
# systemctl start ssh
Job for ssh.service failed. See "systemctl status ssh.service" and "journalctl -xe" for details.
Here are the systemctl and journalctl -xe:
Code:
# systemctl status ssh.service
ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit) since Ter 2015-08-18 14:16:08 BRT; 8s ago
Process: 28790 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, status=255)
Main PID: 28790 (code=exited, status=255)
Ago 18 14:16:07 matt-Vostro-5470 systemd[1]: Unit ssh.service entered failed state.
Ago 18 14:16:07 matt-Vostro-5470 systemd[1]: ssh.service failed.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: ssh.service holdoff time over, scheduling restart.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: start request repeated too quickly for ssh.service
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: Failed to start OpenBSD Secure Shell server.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: Unit ssh.service entered failed state.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: ssh.service failed.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: start request repeated too quickly for ssh.service
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: Failed to start OpenBSD Secure Shell server.
Ago 18 14:16:08 matt-Vostro-5470 systemd[1]: ssh.service failed.
And the firsts line:
Code:
# journalctl -xe
Ago 18 14:18:23 matt-Vostro-5470 polkitd(authority=local)[1052]: Registered Authentication Agent for unix-proc
Ago 18 14:18:23 matt-Vostro-5470 systemd[1]: start request repeated too quickly for ssh.service
Ago 18 14:18:23 matt-Vostro-5470 systemd[1]: Failed to start OpenBSD Secure Shell server.
-- Subject: A unidade ssh.service falhou
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- A unidade ssh.service falhou.
--
-- O resultado failed.
Ago 18 14:18:23 matt-Vostro-5470 systemd[1]: ssh.service failed.
Ago 18 14:18:23 matt-Vostro-5470 sudo[28981]: pam_unix(sudo:session): session closed for user root
Ago 18 14:18:23 matt-Vostro-5470 polkitd(authority=local)[1052]: Unregistered Authentication Agent for unix-pr
Ago 18 14:18:43 matt-Vostro-5470 sudo[29000]: matheus : TTY=pts/1 ; PWD=/home/matheus ; USER=root ; COMMAND=/b
Ago 18 14:18:43 matt-Vostro-5470 sudo[29000]: pam_unix(sudo:session): session opened for user root by matheus(
Ago 18 14:18:43 matt-Vostro-5470 su[29001]: Successful su for root by root
Ago 18 14:18:43 matt-Vostro-5470 su[29001]: + /dev/pts/1 root:root
Ago 18 14:18:43 matt-Vostro-5470 su[29001]: pam_unix(su:session): session opened for user root by matheus(uid=
But I don't no how can it be since I can ensure you that the ssh client of the same notebook works perfectlly.
Many commands do not return any status if completed successfully. The error appears to be caused by trying to start ssh again. Try starting it again only once then check its status.
Just for grins lets try to start sshd from the command line i.e.
/usr/sbin/sshd -D
Post any error messages. The terminal will sort of look like it has hanged and you should not see a new command line prompt. In an new terminal window try logging in as
ssh sshclient@localhost
To stop ssh press ctrl-c (the terminal window that ssh is running should be selected first)
# cat /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
AllowUsers sshclient
But I still can't connect from my own laptop even if I restart ssh:
Code:
# ssh sshclient@192.168.0.1
ssh: connect to host 192.168.0.1 port 22: Connection refused
Use ssh sshclient@192.168.0.102 or ssh sshclient@localhost
LOL. That was really lack of attetion. Thanks for being patient. Now I guess that I'm with the right port configuration on my router, but i still can't stablish a external conection. When I try "ssh sshclient@my.external.ip.atthemoment", after a long time waiting I get "conection timed out". I already look up to my isp and i can esure you that it allows ssh. My router configuration reallly seens to take as initial port 22 and redirect to 22 for the 192.168.0.102 ip. You can check it on the reply that i did gave above.
I don't want to try dns server now since I want to do it setp by step, so how to check what is going wrong now?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.