Connect my comp behind router with ssh

Discussion in 'General Mac Discussion' started by cluthz, Aug 19, 2004.

  1. cluthz macrumors 68040

    cluthz

    Joined:
    Jun 15, 2004
    Location:
    Norway
    #1
    I want to connect to my home computer from our universitys lab.
    My computer at home is behind a router w/firewall.
    How can i connect this computer with ssh from the lab?

    Lets say the router has ip 127.0.0.1 and the computer i want to connect has ip 192.168.0.2
    i have already allowed the firewall to accept connections thru port 22 to ip 192.168.0.2
    i can connect to 192.168.0.2 from inside the LAN

    i've tried:
    G3-300:~] tsb% ssh -v -l USER 127.0.0.1
    OpenSSH_3.4p1+CAN-2003-0693, SSH protocols 1.5/2.0, OpenSSL 0x0090609f
    debug1: Reading configuration data /etc/ssh_config
    debug1: Rhosts Authentication disabled, originating port will not be trusted.
    debug1: ssh_connect: needpriv 0
    debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
    ssh: connect to address 127.0.0.1 port 22: Connection refused

    -tb

    PB 12" on my way :)
     
  2. sonofslim macrumors 6502a

    sonofslim

    Joined:
    Jun 6, 2003
    #2
    127.0.0.1 is the localhost -- it always refers to the local machine. so if you SSH to 127.0.0.1, you're just SSHing to the computer you're sitting at. not very useful, huh?

    you need to find the WAN IP of your home computer. if it's behind a firewall, you'll actually be looking for the IP of the router. (which will then pass on the request to your machine.) when you're at home, go to checkip.dyndns.org. this will tell you the IP address of your router as the rest of the world sees it, and that's what you want to SSH into.

    of course, if your ISP is like most, you've got a dynamic IP address that's subject to change. you can either check your external IP obsessively, or you can look at DynDNS's dynamic DNS service (or any one of several similar websites) that will alias your dynamic IP address to a static pointer.
     
  3. cluthz thread starter macrumors 68040

    cluthz

    Joined:
    Jun 15, 2004
    Location:
    Norway
    #3

    I'm not trying to ssh my localhost.. i only used that ip as an example, i woldn't reveal my own ip.. id agree that it was stupid to use localhost as a example...

    all the machines behind my router has the same ip (not 127.0.0.1),
    it's 129.x.x.x
    yeah im ssh'ing the router, but i can't get past it..


    -tb
     
  4. csubear macrumors 6502a

    csubear

    Joined:
    Aug 22, 2003
    #4
    the router at your house need to be able to 'map' a data it recives on its ports to a computer on you home network.

    Some routers can do this others can not. In mine its called virtual server.
     
  5. jsw Moderator emeritus

    jsw

    Joined:
    Mar 16, 2004
    Location:
    Andover, MA
    #5
    What does your /etc/ssh_config file look like (on the home machine)? Have you messed with it? And if I understand your posts correctly, you can connect via SSH from a system on the LAN your home systems on (i.e., on the "home" side of the router)?
     
  6. sonofslim macrumors 6502a

    sonofslim

    Joined:
    Jun 6, 2003
    #6
    sorry, misunderstood. i should have figured anyone savvy enough to set up a SSH tunnel wouldn't be trying to connect to their localhost. the only thing i had to do to successfully SSH from work to home was 1) forward port 22 from my router to my designated machine, and 2) turn on Remote Login under System Preferences -> Sharing.

    did you say you were connecting from school? it may be possible that they're blocking traffic on certain ports at a level above what you're able to control.
     
  7. cluthz thread starter macrumors 68040

    cluthz

    Joined:
    Jun 15, 2004
    Location:
    Norway
    #7
    the router is actually a win xp box (yeah, it sounds stupid!!!),
    but i have to run a crappy ms chap vpn (tunneling) to connect to my isp,
    (macosx IS NOT, whatever apple says, working with this connection, i had to use digitunnel on os x.3 (can't spare a mac either) and i've tried varius linux routers, but they having trouble reconnection after dropouts..)

    on the firewall on the connection (wan-miniport) i have chosen that services running on port 22 on 192.168.0.2 will be accessible by "internet users" (expect this to be ms explanation for anyoner outside the lan..)

    btw, ssh isn't blocked by the university.. i'm even ssh'ing from home to get the files which is stored there..

    -tb
     
  8. csubear macrumors 6502a

    csubear

    Joined:
    Aug 22, 2003
    #8
    Some how winxp needs to be set up to forward all traffic it recives on port 22 to you home mac.

    I don't know how to do this.
     

Share This Page