Setting up server to connect using SSH over the internet (Ubuntu 14.04)

6

3

I am trying to set up a local server to be accessible from outside of the local network. I am new to this concept and a little unsure as to what to do.

At the moment I access the computer using: ssh user@192.168.X.X.

I would like to set this server up to be accessible from outside of the local network.

I have been reading about networking including TCP/IP and IP addresses etc however I find myself unsure how to actually make it happen.

I am using Ubuntu 14.04 LTS and have a public IP. Behind the router there is a LAN network of 4 windows computers and a linux server which runs MySQL server.

Sofia

Posted 2015-09-05T09:27:18.990

Reputation: 61

you should describe something more about your network infrastructure, if you have public IP, what is behind your router and so on. In this form, the question is impossible to answer. – Jakuje – 2015-09-05T10:07:58.043

@Jakuje, thanks for the comment. This concept is new to me and I was not sure what details are necessary. – Sofia – 2015-09-05T12:51:26.320

This means that you will need to set up port forwarding (SSH port, probably 22) on your router to your Linux server. I believe there will be some guides and hints for your model. – Jakuje – 2015-09-05T15:06:14.793

I could give a 100% working solution if you give me your router model. I have done this before after an extensive research. – Baroudi Safwen – 2016-06-05T19:40:09.350

Answers

7

To use SSH to your server via the internet :

  1. On your computer : You need to open port 22 in the firewall.
  2. On the router : You need to forward port 22 to you at 192.168.X.X. Note that you can open a non-standard port on the router, for example 500, then forward it to port 22 on your computer, for safety reasons. You will then connect SSH to port 500 while your computer will be listening on the standard port 22.
  3. Find out the external IP address of the router by, for example, visiting http://whatismyipaddress.com/
  4. If your external IP address is not static (that depends on your ISP), you will need to give your router a DNS name. You will need to get an account with some Dynamic DNS supplier that is supported by your router, so that the router will automatically update its IP address with the supplier every time it boots. You will then connect to your computer using the DNS name, whose format depends on the supplier, for example your-name.ddns.net. If the DNS supplier is not supported by the router, you will need to either manually update it yourself every time it boots or setup ddclient.

Much more information can be found via Google. For example the article :
Dynamic Dns and Remote ssh and VNC.

harrymc

Posted 2015-09-05T09:27:18.990

Reputation: 306 093

1

For more specific answers, we need to know your router model. As you can access the ssh-server on your local lan you can access it over the internet if you configure your router the right way.

The feature is named different on different router, but basically you need to configure the firewall to allow connections on port 22 from your public ip, an then forward the traffic to your local server. This could be named DNAT or Port Forwarding, and on some router the firewall rule is created automatically.

As a side node consider installing fail2ban for your ssh-deamon. Your server will be probed for access, and with fail2ban you limit this activity.

Fabian

Posted 2015-09-05T09:27:18.990

Reputation: 61

Asked: 2015-09-05T09:27:18.990

Viewed: 16 323 times

Active: 2016-06-05T19:35:57.807