Re: ssh tunnelling testing
On 2020-12-07 13:24, john doe wrote:
On 12/7/2020 6:38 PM, Gary Dale wrote:
I'm running Debian/Buster on various servers, including my home server.
I'm trying to set up an ssh tunnel that I can use post-pandemic in case
I need to access my home network remotely. I'm already doing this to
various remote servers so I thought this should just work, since I can
already access my home server locally using its 192.168... address
Is it a classe C private Ipv4 address?
I thought that was obvious.
Your first point is what I am complaining about. The outer router
doesn't have a log function and an ssh attempt never shows up on the
inner router. As I explained in the initial post, I've set up the port
forwarding to allow it and the sshd.conf file is identical to one that
allows access from the outside.
(actually through the /etc/hosts file using the server's name).
I've set up port forwarding on both my routers (I have an inner network
and an outer one, using the outer network for devices I don't really
control). I can access my Apache2 server on the inner network by
forwarding port 80 on the outer network to the WAN address of the inner
router and forwarding that to my server. Pointing my browser to the
external IP address of the outer router brings up the default page -
which I can change so I know it's the actual local page > However,
when I try to ssh to the same address, it just times out.
I've compared the sshd.conf file on my local server to one on a remote
server and they are identical. The only uncommented lines are:
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
Any ideas on what's going wrong?
- This looks like your port forwarding is not working...
- What are the logs saying?
- Is the SSH server allowing access from the outside?
Note that it is unclear to me how you can test outside access from the
I can test outside access from the inside by trying to connect to the
external address. As with my browser example, the request goes to the
device that has the particular IP address being sought. That is the
external port on the outer router. I can also ssh to the external port
on the inner router (which I can't think of a reason to do except for
testing). Interestingly, this works but doesn't get logged.