0
My friend has a ssh server in a private network (ip address is 10.9.11.*), can this ssh server be accessed in public network? if it's possible, please tell me how to get it. thanks
Cosmore
Posted 2012-05-28T06:50:09.263
Reputation: 115
Can ssh service be accessed in private network?
Answers
0
There's a few approaches i can think of to do it. In addition to Ignacio's solution of using nat, you could use reverse ssh tunneling - connecting out from your friend's server to your system, or a third one, or set up an ipv6 tunnel provider on the server as well as the client systems - i've done this with gogo6, and use the ipv6 address and tunnel for ipv6
Journeyman Geek
Posted 2012-05-28T06:50:09.263
Reputation: 119 122
2
This has nothing to do with SSH. Private addresses such as 10/24 cannot be routed on the Internet, so some form of NAT must be used to make it available on a public address. Normally this is done with the "port forwarding" capabilities of a router or similar device.
Ignacio Vazquez-Abrams
Posted 2012-05-28T06:50:09.263
Reputation: 100 516
thanks Ignacio, i have little knowledge of NAT, is that means there must be a public host which can be accessed publicly to provide NAT function, so I can use the host address in the ssh client? – Cosmore – 2012-05-28T07:21:10.103
Not a public host, but a host with both public and private addresses, which can be used to forward the SSH connection to the final private address. – Ignacio Vazquez-Abrams – 2012-05-28T07:27:26.217
I got it, that's precisely what I want to say, thanks again, NAT means a second host is needed to build the connection. I use the forward host ip and port 10000 (for instance) in ssh client, the forward host maps port 10000 to the private destination A (with port B opened), is that right? – Cosmore – 2012-05-28T07:53:37.570
Sounds about right. – Ignacio Vazquez-Abrams – 2012-05-28T07:55:49.440
The link you provided really helps, reverse ssh tunneling must follow 2 constraints: 1) source is public address, 2) source and destination both have ssh servers, right? Is it possible source is Windows with some kind of ssh server? – Cosmore – 2012-05-28T07:31:51.660
only the target would need it in a two system scenario, and the target and middle server in a 3 system scenario. It should work with windows and a ssh server - most windows ssh servers are simple openssh ports. – Journeyman Geek – 2012-05-28T07:39:39.027
Thanks, i think reverse ssh tunneling is the best solution in my scenario. – Cosmore – 2012-05-28T08:34:29.843