Log into SSH over the internet

I would like to be able to SSH to my secondary system over the internet to run a remote TTY sessions from college. Is there anyway to achieve this? I would like to basically run a few commands such as run scripts on the host machine.

Yes, it is possible. It’s easy if your internet provider didn’t put your behind an NAT, otherwise harder.

How would I go about this, I’m new to SSH and haven’t used it a whole lot. Do I use the public IP? How would I identify if my ISP has placed me behind a NAT

Well, you need to set up an openssh server on your machine. Then open a port for SSH on your router. And then you should be able to access the SSH server using public_ip:port.

Compare the IP shown on this site and what’s shown as the IP address of the internet facing interface (“WAN”) in your router’s settings.

1 Like

Got it, Thanks

Just small hint, when you set up the forwarding, choose another port than 22.

Like pubip:13142 --> localip:22
(13142 is just an example. Choose something in the range of 10000 to 50000)

Those standard ports like 22 are constantly scanned an checked for vulnerabilities, logon attemtps…

Use ssh keys rather than password authentication
Do not allow root login

If you can limit the client ip-addresses or ip range, do so.


I agree that you should change the port (I recommend something between 30000 and 60000), you could even use port knocking. Adding to the previous comment: look up “ssh hardening”, install fail2ban. Definitely use ssh keys, no password.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.