ssh problem

der.hans PLUGd at LuftHans.com
Sat Mar 17 13:39:14 MST 2007 

Am 17. Mar, 2007 schwätzte Joey Prestia so:

> I have a linksys router a desktop computer connected that stays on at
> all times and sometimes a laptop connected wireless to my home network
> I have static IP set for my desktop which I can ssh into any time but if
> I
> get of my network I cannot ssh into my desktop by using the external IP
> I have my firewall settings off on my router and ssh -v says :
> [joey at localhost ~]$ ssh -v 68.3.73.132
> OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to 68.3.73.132 [68.3.73.132] port 22.
> debug1: connect to address 68.3.73.132 port 22: Connection timed out
> ssh: connect to host 68.3.73.132 port 22: Connection timed out
> [joey at localhost ~]$

Presuming the Linksys is connected to your Internet pipe and the desktop
is connected behind it...

Log in to the Linksys config interface[0].

Under "Applications & Gaming" add a port forward. You want to forward TCP
port 22 to your internal IP.

[0] If you don't know where that is, try the following. On your desktop in
a terminal window type 'netstat -rn'. That'll list an IP address under
Router. The destination for that router should be 0.0.0.0. That's your
gateway, which is the internal interface for your Linksys.

Let's says the IP is 192.168.1.1[1].

Point a browser a that IP, http://192.168.1.1/[2]. Linksys doesn't use the
username. Enter whatever password you've set or the default if you haven't
set one[3].

[1] I'd suggest changing the internal network to something other than the
default. For instance, 192.168.204 would be better than 192.168.1. That'll
require changing the static IP of your desktop to also be on the new
network.

[2] Linksys allows being only available via an SSL connection. Under
Administration enable HTTPS under Web Access -> Access Server. Make sure
you can connect via https, then disable the http connection. I think the
Wireless Access Web there is to allow connecting to the admin interface
via a wireless client, so suggest making sure that's off.

[3] If you haven't changed the password please do :).

ciao,

der.hans
-- 
#  https://www.LuftHans.com/        http://www.CiscoLearning.org/
#  I chose to use the kernel sources as my documentation.  ;-)
#  -- Kevin Buettner

More information about the PLUG-discuss mailing list