Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Connect my comp behind router with ssh

cluthz

cluthz

macrumors 68040
Original poster
Jun 15, 2004
3,118
4
Norway
I want to connect to my home computer from our universitys lab.
My computer at home is behind a router w/firewall.
How can i connect this computer with ssh from the lab?

Lets say the router has ip 127.0.0.1 and the computer i want to connect has ip 192.168.0.2
i have already allowed the firewall to accept connections thru port 22 to ip 192.168.0.2
i can connect to 192.168.0.2 from inside the LAN

i've tried:
G3-300:~] tsb% ssh -v -l USER 127.0.0.1
OpenSSH_3.4p1+CAN-2003-0693, SSH protocols 1.5/2.0, OpenSSL 0x0090609f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
ssh: connect to address 127.0.0.1 port 22: Connection refused

-tb

PB 12" on my way :)
 
127.0.0.1 is the localhost -- it always refers to the local machine. so if you SSH to 127.0.0.1, you're just SSHing to the computer you're sitting at. not very useful, huh?

you need to find the WAN IP of your home computer. if it's behind a firewall, you'll actually be looking for the IP of the router. (which will then pass on the request to your machine.) when you're at home, go to checkip.dyndns.org. this will tell you the IP address of your router as the rest of the world sees it, and that's what you want to SSH into.

of course, if your ISP is like most, you've got a dynamic IP address that's subject to change. you can either check your external IP obsessively, or you can look at DynDNS's dynamic DNS service (or any one of several similar websites) that will alias your dynamic IP address to a static pointer.
 
sonofslim said:
127.0.0.1 is the localhost -- it always refers to the local machine. so if you SSH to 127.0.0.1, you're just SSHing to the computer you're sitting at. not very useful, huh?

you need to find the WAN IP of your home computer. if it's behind a firewall, you'll actually be looking for the IP of the router. (which will then pass on the request to your machine.) when you're at home, go to checkip.dyndns.org. this will tell you the IP address of your router as the rest of the world sees it, and that's what you want to SSH into.

of course, if your ISP is like most, you've got a dynamic IP address that's subject to change. you can either check your external IP obsessively, or you can look at DynDNS's dynamic DNS service (or any one of several similar websites) that will alias your dynamic IP address to a static pointer.
Click to expand...


I'm not trying to ssh my localhost.. i only used that ip as an example, i woldn't reveal my own ip.. id agree that it was stupid to use localhost as a example...

all the machines behind my router has the same ip (not 127.0.0.1),
it's 129.x.x.x
yeah im ssh'ing the router, but i can't get past it..


-tb
 
the router at your house need to be able to 'map' a data it recives on its ports to a computer on you home network.

Some routers can do this others can not. In mine its called virtual server.
 
What does your /etc/ssh_config file look like (on the home machine)? Have you messed with it? And if I understand your posts correctly, you can connect via SSH from a system on the LAN your home systems on (i.e., on the "home" side of the router)?
 
cluthz said:
I'm not trying to ssh my localhost.. i only used that ip as an example
Click to expand...

sorry, misunderstood. i should have figured anyone savvy enough to set up a SSH tunnel wouldn't be trying to connect to their localhost. the only thing i had to do to successfully SSH from work to home was 1) forward port 22 from my router to my designated machine, and 2) turn on Remote Login under System Preferences -> Sharing.

did you say you were connecting from school? it may be possible that they're blocking traffic on certain ports at a level above what you're able to control.
 
sonofslim said:
sorry, misunderstood. i should have figured anyone savvy enough to set up a SSH tunnel wouldn't be trying to connect to their localhost. the only thing i had to do to successfully SSH from work to home was 1) forward port 22 from my router to my designated machine, and 2) turn on Remote Login under System Preferences -> Sharing.

did you say you were connecting from school? it may be possible that they're blocking traffic on certain ports at a level above what you're able to control.
Click to expand...

the router is actually a win xp box (yeah, it sounds stupid!!!),
but i have to run a crappy ms chap vpn (tunneling) to connect to my isp,
(macosx IS NOT, whatever apple says, working with this connection, i had to use digitunnel on os x.3 (can't spare a mac either) and i've tried varius linux routers, but they having trouble reconnection after dropouts..)

on the firewall on the connection (wan-miniport) i have chosen that services running on port 22 on 192.168.0.2 will be accessible by "internet users" (expect this to be ms explanation for anyoner outside the lan..)

btw, ssh isn't blocked by the university.. i'm even ssh'ing from home to get the files which is stored there..

-tb
 
Some how winxp needs to be set up to forward all traffic it recives on port 22 to you home mac.

I don't know how to do this.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back