LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-26-2009, 11:05 AM   #1
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
What is the easiest way to allow remote SSH access to a private IP behind my dsl rter


What is the easiest way to allow remote SSH access to a box on a private IP behind my dsl router?

TIA
 
Old 03-26-2009, 11:13 AM   #2
jim_fields
Member
 
Registered: Nov 2006
Distribution: Slackware 11.0, Debian Lenny, testing
Posts: 32

Rep: Reputation: 16
What you are looking for is dynamic dns. I've used this service in the past and it has worked quite well. The page is informative and gives step by step instructions for set up.

http://www.dyndns.com/services/dns/dyndns/
 
Old 03-26-2009, 11:14 AM   #3
tizzef
Member
 
Registered: Jan 2005
Location: Nice, France
Distribution: Ubuntu,RHES, Mandriva, RHAS, AIX 4.3.3, 5.2 & 5.3, Debian,Solaris8/10
Posts: 119

Rep: Reputation: 20
Hi

- You have to do NAT in your router, (ig: redirect port 22 to your @IP in your private network)
- You have to open the port for SSH on your box.

that's all folks
 
Old 03-26-2009, 11:14 AM   #4
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Original Poster
Rep: Reputation: 55
Quote:
Originally Posted by jim_fields View Post
What you are looking for is dynamic dns. I've used this service in the past and it has worked quite well. The page is informative and gives step by step instructions for set up.

http://www.dyndns.com/services/dns/dyndns/
Thanks an that will point to a private IP? Like 192.168.0.100?
 
Old 03-26-2009, 11:16 AM   #5
jim_fields
Member
 
Registered: Nov 2006
Distribution: Slackware 11.0, Debian Lenny, testing
Posts: 32

Rep: Reputation: 16
Yes, but you need to configure your dsl router for port forwarding
 
Old 03-26-2009, 11:21 AM   #6
camorri
LQ Veteran
 
Registered: Nov 2002
Location: Somewhere inside 9.9 million sq. km. Canada
Distribution: Slackware 14.1, 14.2, current, slackware-arm-currnet
Posts: 5,458

Rep: Reputation: 628Reputation: 628Reputation: 628Reputation: 628Reputation: 628Reputation: 628
The easy way is to set up a DMZ to the target machine. The bad part is the entire machine is open to external attacks. You should run a firewall on the target box, if you set up a DMZ in the router.

The safer way would be to use port forwarding in the router to forward port 22 to the IP address of the target machine. This only opens one port to one IP address.

Either way you have to do it with the router configuration.
 
Old 03-26-2009, 11:34 AM   #7
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Original Poster
Rep: Reputation: 55
Quote:
Originally Posted by camorri View Post
The easy way is to set up a DMZ to the target machine. The bad part is the entire machine is open to external attacks. You should run a firewall on the target box, if you set up a DMZ in the router.

The safer way would be to use port forwarding in the router to forward port 22 to the IP address of the target machine. This only opens one port to one IP address.

Either way you have to do it with the router configuration.
Thanks, that worked and I will do the firewall now.
 
Old 03-26-2009, 11:36 AM   #8
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,247
Blog Entries: 5

Rep: Reputation: 191Reputation: 191
Quote:
Originally Posted by abefroman View Post
Thanks an that will point to a private IP? Like 192.168.0.100?
Not directly..
That will provide a friendly name that will point to the Public IP of your Router.

You must configure your router to forward port 22 to the private IP of the machine you wish to SSH to..

Do NOT use the DMZ option in your router, as stated above that is insecure and exposes your PC to the Internet.. Only forward a single port from your router to the PC in question.

if you said what router you have I would bet someone could point you to directions for forwarding a port.
 
Old 03-26-2009, 11:41 AM   #9
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Original Poster
Rep: Reputation: 55
Quote:
Originally Posted by farslayer View Post
Not directly..
That will provide a friendly name that will point to the Public IP of your Router.

You must configure your router to forward port 22 to the private IP of the machine you wish to SSH to..

Do NOT use the DMZ option in your router, as stated above that is insecure and exposes your PC to the Internet.. Only forward a single port from your router to the PC in question.

if you said what router you have I would bet someone could point you to directions for forwarding a port.
Linksys, I figured it out thanks for the help!
 
Old 03-26-2009, 11:13 PM   #10
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,247
Blog Entries: 5

Rep: Reputation: 191Reputation: 191
if you are opening a port for ssh, and wanted to further secure it, you could look into fail2ban which can be used to automatically block connections from people that make multiple failed login attempts to your machine. prevent them from trying to brute force the password. Depends on how secure you want to be, or how paranoid you feel

Other than that, glad to hear you have it working
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Secure Access To Your DSL Modemís Telnet through ssh LXer Syndicated Linux News 0 03-11-2009 09:00 AM
Using DSL and ssh / ssh-server to access the Windoze desktop GUI On2ndThought Linux - Server 4 11-16-2008 03:17 PM
How can I Access remote FTP servers on Private IPs dablew Linux - Networking 3 12-03-2007 02:14 AM
Remote access question. (ssh) JohnStormrider Linux - Networking 8 09-20-2005 05:32 PM
Easiest Remote Access King Henrik Linux - Security 2 10-12-2003 09:08 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 11:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration