7
2
I've got an ubuntu desktop at home and a mac laptop. I'm trying to set this up so that I can ssh into my ubuntu machine from outside my local network.
Here is what I have done so far:
(1) I've enabled ssh on port 22 on my ubuntu machine. The file /etc/ssh/sshd_config says it is listening on Port 22.
(2) If I look at my firewall status (ufw status
), it says:
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
(3) On my Netgear C3700-100NAS router, I reserved the ip address to my ubuntu machine so that it won't change.
(4) I set up port forwarding, with service type TCP/UDP, external and internal ports set to 22, and it points to my internal IP address.
(5) I found my public ip address using http://www.myipaddress.com/
I can successfully ssh into my ubuntu machine from home, on the local network, using the local ip address.
But remote ssh times out. I also tried an online port forwarding tester (https://www.yougetsignal.com/tools/open-ports/), and when I point it to my public ip address and port 22, it tells me the port is closed.
When I attempt to remotely ssh, I get the following:
~ $ ssh -vvv myusername@xx.xxx.xxx.xx
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "xx.xxx.xxx.xx" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to xx.xxx.xxx.xx [xx.xxx.xxx.xx] port 22.
debug1: connect to address xx.xxx.xxx.xx port 22: Operation timed out
ssh: connect to host xx.xxx.xxx.xx port 22: Operation timed out
UPDATES
Following some advice listed below, I've made a few changes. I changed port forwarding so that it now uses port 8022 as the external port, but still port 22 as the internal port. I've also turned on an option in my router settings that it responds to pings.
Now, if I ping my public IP, it does respond. However, if I test whether or not port 8022 is open via the yougetsignal website listed above, it still says it's closed.
If I attempt to SSH:
> ssh -vvv username@xx.xxx.xxx.xx -p 8022
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "xx.xxx.xxx.xx" port 8022
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to xx.xxx.xxx.xx [xx.xxx.xxx.xx] port 8022.
debug1: connect to address xx.xxx.xxx.xx port 8022: Operation timed out
ssh: connect to host xx.xxx.xxx.xx port 8022: Operation timed out
I also called my ISP, and although it was a confusing conversation, it didn't seem like they were blocking the ports I was trying to use...
Following a suggestion below, I ran sudo nmap --packet-trace --traceroute --reason xx.xxx.xxx.xx
. Here is a subset of the output. Port 8022 is not listed, but I imagine it should be:
Host is up, received reset ttl 253 (0.0028s latency).
Not shown: 996 filtered ports
Reason: 996 no-responses
PORT STATE SERVICE REASON
135/tcp closed msrpc reset ttl 253
139/tcp closed netbios-ssn reset ttl 253
445/tcp closed microsoft-ds reset ttl 253
1025/tcp closed NFS-or-IIS reset ttl 253
I'm not sure where the problem is... the ubuntu machine? the router? Any ideas how to figure this out?
Thanks!
You just want port-forwarding on port 22. – xenoid – 2017-09-20T18:18:01.197
Behind ISP's modem I have my own router. So static IP and full modem bypass is needed. – pbies – 2018-06-11T08:29:54.197