How to access a time capsule via ssh

Discussion in 'Mac OS X Server, Xserve, and Networking' started by itarec1988, Mar 10, 2018.

  1. itarec1988 macrumors newbie

    Joined:
    Mar 10, 2018
    Location:
    Germany
    #1
    Hello!
    I have been trying to set up my router and my time capsule to get access over ssh connection, but I could not get it to work. The time capsule is connected to a usb hub which is also connected to other drives that I wish to access.

    My set up:
    Router: Hitron technologies connected via ethernet Time capsule
    Time capsule: 802.11ac 3TB
    USB hub: Onchoise 7 port USB 3.0 ports

    How do I configure the router and the Time capsule to enable access remotely via ssh?

    Thank you
     
  2. 0826825 Suspended

    Joined:
    Oct 1, 2015
    Location:
    d
    #2
    There’s no shell on the time Capsule to ssh to.
    If you have another machine that you can ssh too you can then tunnel port 548 (AFP sharing port) through the connection to the time capsule.
    --- Post Merged, Mar 11, 2018 ---
    Only port you need to open is 22 on the router to your host.
    --- Post Merged, Mar 11, 2018 ---
    terminal command is this:

    Code:
    ssh -f user@(external-ip-address) -L 11548:(ip-address-of-timecapsule):548 sleep 2
    This establishes the connection

    Then in finder go : connect to server

    enter
    Code:
    afp://localhost:11548
     
  3. itarec1988 thread starter macrumors newbie

    Joined:
    Mar 10, 2018
    Location:
    Germany
    #3
    the port 22 I open it on the hitron tech router or on the time capsule? The external IP address should be the one form where I am doing the remote connection? Could you be a little bit more detailed, I am new on this.
    Thank you
     
  4. 0826825 Suspended

    Joined:
    Oct 1, 2015
    Location:
    d
    #4
    ok, lets start again.

    File access is achievable via port 548 on the time capsule (afp). It does not have a port 22.

    Look at it this way:

    Router is at 192.168.0.1, internet IP is 80.100.100.34 (thats the address provided from your ISP)
    Host Computer is at 192.168.0.10
    Time Capsule is at 192.168.0.20
    Your Computer is at 192.168.0.10

    Local:
    Within your network, you connect via SSH to the Host Computer (192.168.0.10) forwards any port 11548 traffic to time capsule (192.168.0.20) AFP Port.

    ssh -f user@192.168.0.10 -L 11548:192.168.0.20:548 sleep 200

    Once you have that connection, you can then use Finder to connect to afp://localhost:11548

    -

    From Outside (eg. an internet cafe)
    You need to make your router forward traffic to the host computer, which also forwards 11548 within the ssh tunnel to the time capsule
    Your router needs to forward port 22 to the host computer, you need to read your router manual to do that.

    At the internet cafe your ssh command changes, you need to talk to the router.

    ssh -f user@80.100.100.34 -L 11548:192.168.0.20:548 sleep 200

    This is secure, and the best way.
     
  5. itarec1988 thread starter macrumors newbie

    Joined:
    Mar 10, 2018
    Location:
    Germany
    #5
    Ok.. Got it.. I am most interested in the Outside mode. So, for this case, if there is no host computer this is not possible right? I thought that accessing the time capsule was possible just using its own IP address.
     
  6. 0826825, Mar 11, 2018
    Last edited: Mar 11, 2018

    0826825 Suspended

    Joined:
    Oct 1, 2015
    Location:
    d
    #6
    Yeah, technically it is possible to access the timecapsules IP address for file sharing

    Forward port 548 on your router to your timecapsule's IP. and you can access it by afp://routerip:548

    BUT It's not secure - all the traffic is unencrypted
    Usernames and passwords are sent in plaintext over the connection. I wouldn't recommend it.

    Going via SSH and tunnel is secure.

    Some Routers these days have VPN functionality, does yours?
     
  7. itarec1988 thread starter macrumors newbie

    Joined:
    Mar 10, 2018
    Location:
    Germany
    #7
    Ok thanks for the clarification. As far as I know, my router does not have VPN funcionality.

    Coming back to the forwarding of the router to the host computer, I am now configuring the router on an option called ipv6 port forwarding rules. Is this the correct place to do that? One more thing, this will require that the host computer is always connected to the router and not to the time capsule, right? The settings asked for the port forwarding are:

    Startport and endport is 22 right?
     

    Attached Files:

  8. 0826825 Suspended

    Joined:
    Oct 1, 2015
    Location:
    d
    #8
    Are you using IPv6?
    it's still port22 even if you are using IPv6

    yes, the host computer does need to be on, and accepting ssh
     
  9. itarec1988 thread starter macrumors newbie

    Joined:
    Mar 10, 2018
    Location:
    Germany
    #9
    IPv6 is the default option I get when changing the Port Forwarding settings. The MAC address would be the IP of the host computer right? I tried it like that and it did not work.
     
  10. 0826825 Suspended

    Joined:
    Oct 1, 2015
    Location:
    d
    #10
    I need to read up more on ipv6 and ssh tunnels, but if you open terminal, and then run the command

    ifconfig

    it will show you the ipv6 address (called inet6 on a mac)
    eg.
    en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet6 fe80::140f:4d5c:f9a0:d748%en0 prefixlen 64 secured scopeid 0x7
    inet 192.168.0.5 netmask 0xffffff00 broadcast 192.168.0.255

    Hope that helps.

    Im not sure how thats going to effect the tunnel and the ssh.
     

Share This Page

9 March 10, 2018