Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

How to access a time capsule via ssh

I

itarec1988

macrumors newbie
Original poster
Mar 10, 2018
5
0
Germany
Hello!
I have been trying to set up my router and my time capsule to get access over ssh connection, but I could not get it to work. The time capsule is connected to a usb hub which is also connected to other drives that I wish to access.

My set up:
Router: Hitron technologies connected via ethernet Time capsule
Time capsule: 802.11ac 3TB
USB hub: Onchoise 7 port USB 3.0 ports

How do I configure the router and the Time capsule to enable access remotely via ssh?

Thank you
 
itarec1988 said:
Hello!
I have been trying to set up my router and my time capsule to get access over ssh connection, but I could not get it to work. The time capsule is connected to a usb hub which is also connected to other drives that I wish to access.

My set up:
Router: Hitron technologies connected via ethernet Time capsule
Time capsule: 802.11ac 3TB
USB hub: Onchoise 7 port USB 3.0 ports

How do I configure the router and the Time capsule to enable access remotely via ssh?

Thank you
Click to expand...
There’s no shell on the time Capsule to ssh to.
If you have another machine that you can ssh too you can then tunnel port 548 (AFP sharing port) through the connection to the time capsule.
[doublepost=1520756730][/doublepost]
darkcompass said:
There’s no shell on the time Capsule to ssh to.
If you have another machine that you can ssh too you can then tunnel port 548 (AFP sharing port) through the connection to the time capsule.
Click to expand...
darkcompass said:
There’s no shell on the time Capsule to ssh to.
If you have another machine that you can ssh too you can then tunnel port 548 (AFP sharing port) through the connection to the time capsule.
Click to expand...
Only port you need to open is 22 on the router to your host.
[doublepost=1520758263][/doublepost]terminal command is this:

Code: 
ssh -f user@(external-ip-address) -L 11548:(ip-address-of-timecapsule):548 sleep 2

This establishes the connection

Then in finder go : connect to server

enter
Code: 
afp://localhost:11548
 
darkcompass said:
There’s no shell on the time Capsule to ssh to.
If you have another machine that you can ssh too you can then tunnel port 548 (AFP sharing port) through the connection to the time capsule.
[doublepost=1520756730][/doublepost]

Only port you need to open is 22 on the router to your host.
[doublepost=1520758263][/doublepost]terminal command is this:

Code: 
ssh -f user@(external-ip-address) -L 11548:(ip-address-of-timecapsule):548 sleep 2

This establishes the connection

Then in finder go : connect to server

enter
Code: 
afp://localhost:11548
Click to expand...

the port 22 I open it on the hitron tech router or on the time capsule? The external IP address should be the one form where I am doing the remote connection? Could you be a little bit more detailed, I am new on this.
Thank you
 
ok, lets start again.

File access is achievable via port 548 on the time capsule (afp). It does not have a port 22.

Look at it this way:

Router is at 192.168.0.1, internet IP is 80.100.100.34 (thats the address provided from your ISP)
Host Computer is at 192.168.0.10
Time Capsule is at 192.168.0.20
Your Computer is at 192.168.0.10

Local:
Within your network, you connect via SSH to the Host Computer (192.168.0.10) forwards any port 11548 traffic to time capsule (192.168.0.20) AFP Port.

ssh -f user@192.168.0.10 -L 11548:192.168.0.20:548 sleep 200

Once you have that connection, you can then use Finder to connect to afp://localhost:11548

-

From Outside (eg. an internet cafe)
You need to make your router forward traffic to the host computer, which also forwards 11548 within the ssh tunnel to the time capsule
Your router needs to forward port 22 to the host computer, you need to read your router manual to do that.

At the internet cafe your ssh command changes, you need to talk to the router.

ssh -f user@80.100.100.34 -L 11548:192.168.0.20:548 sleep 200

This is secure, and the best way.
 
darkcompass said:
ok, lets start again.

File access is achievable via port 548 on the time capsule (afp). It does not have a port 22.

Look at it this way:

Router is at 192.168.0.1, internet IP is 80.100.100.34 (thats the address provided from your ISP)
Host Computer is at 192.168.0.10
Time Capsule is at 192.168.0.20
Your Computer is at 192.168.0.10

Local:
Within your network, you connect via SSH to the Host Computer (192.168.0.10) forwards any port 11548 traffic to time capsule (192.168.0.20) AFP Port.

ssh -f user@192.168.0.10 -L 11548:192.168.0.20:548 sleep 200

Once you have that connection, you can then use Finder to connect to afp://localhost:11548

-

From Outside (eg. an internet cafe)
You need to make your router forward traffic to the host computer, which also forwards 11548 within the ssh tunnel to the time capsule
Your router needs to forward port 22 to the host computer, you need to read your router manual to do that.

At the internet cafe your ssh command changes, you need to talk to the router.

ssh -f user@80.100.100.34 -L 11548:192.168.0.20:548 sleep 200

This is secure, and the best way.
Click to expand...

Ok.. Got it.. I am most interested in the Outside mode. So, for this case, if there is no host computer this is not possible right? I thought that accessing the time capsule was possible just using its own IP address.
 
Yeah, technically it is possible to access the timecapsules IP address for file sharing

Forward port 548 on your router to your timecapsule's IP. and you can access it by afp://routerip:548

BUT It's not secure - all the traffic is unencrypted
Usernames and passwords are sent in plaintext over the connection. I wouldn't recommend it.

Going via SSH and tunnel is secure.

Some Routers these days have VPN functionality, does yours?
 
Last edited:
Ok thanks for the clarification. As far as I know, my router does not have VPN funcionality.

Coming back to the forwarding of the router to the host computer, I am now configuring the router on an option called ipv6 port forwarding rules. Is this the correct place to do that? One more thing, this will require that the host computer is always connected to the router and not to the time capsule, right? The settings asked for the port forwarding are:

Startport and endport is 22 right?
 

Attachments

  • Captura de pantalla 2018-03-11 a la(s) 7.57.06 p. m..png
    Captura de pantalla 2018-03-11 a la(s) 7.57.06 p. m..png
    24.3 KB · Views: 467
Are you using IPv6?
it's still port22 even if you are using IPv6

yes, the host computer does need to be on, and accepting ssh
 
IPv6 is the default option I get when changing the Port Forwarding settings. The MAC address would be the IP of the host computer right? I tried it like that and it did not work.
 
I need to read up more on ipv6 and ssh tunnels, but if you open terminal, and then run the command

ifconfig

it will show you the ipv6 address (called inet6 on a mac)
eg.
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::140f:4d5c:f9a0:d748%en0 prefixlen 64 secured scopeid 0x7
inet 192.168.0.5 netmask 0xffffff00 broadcast 192.168.0.255

Hope that helps.

Im not sure how thats going to effect the tunnel and the ssh.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back