On 2020-12-07 13:24, john doe wrote:
On 12/7/2020 6:38 PM, Gary Dale wrote:I'm running Debian/Buster on various servers, including my home server. I'm trying to set up an ssh tunnel that I can use post-pandemic in case I need to access my home network remotely. I'm already doing this to various remote servers so I thought this should just work, since I can already access my home server locally using its 192.168... addressIs it a classe C private Ipv4 address?
I thought that was obvious.
Your first point is what I am complaining about. The outer router doesn't have a log function and an ssh attempt never shows up on the inner router. As I explained in the initial post, I've set up the port forwarding to allow it and the sshd.conf file is identical to one that allows access from the outside.(actually through the /etc/hosts file using the server's name). I've set up port forwarding on both my routers (I have an inner network and an outer one, using the outer network for devices I don't really control). I can access my Apache2 server on the inner network by forwarding port 80 on the outer network to the WAN address of the inner router and forwarding that to my server. Pointing my browser to the external IP address of the outer router brings up the default page -which I can change so I know it's the actual local page > However, when I try to ssh to the same address, it just times out.I've compared the sshd.conf file on my local server to one on a remote server and they are identical. The only uncommented lines are: PasswordAuthentication no ChallengeResponseAuthentication no UsePAM yes X11Forwarding yes PrintMotd no AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server Any ideas on what's going wrong?- This looks like your port forwarding is not working... - What are the logs saying? - Is the SSH server allowing access from the outside? Note that it is unclear to me how you can test outside access from the inside.
I can test outside access from the inside by trying to connect to the external address. As with my browser example, the request goes to the device that has the particular IP address being sought. That is the external port on the outer router. I can also ssh to the external port on the inner router (which I can't think of a reason to do except for testing). Interestingly, this works but doesn't get logged.