I would like to be able to SSH to my secondary system over the internet to run a remote TTY sessions from college. Is there anyway to achieve this? I would like to basically run a few commands such as run scripts on the host machine.
Yes, it is possible. It’s easy if your internet provider didn’t put your behind an NAT, otherwise harder.
How would I go about this, I’m new to SSH and haven’t used it a whole lot. Do I use the public IP? How would I identify if my ISP has placed me behind a NAT
Well, you need to set up an openssh server on your machine. Then open a port for SSH on your router. And then you should be able to access the SSH server using public_ip:port.
Compare the IP shown on this site and what’s shown as the IP address of the internet facing interface (“WAN”) in your router’s settings.
1 Like
Got it, Thanks
Just small hint, when you set up the forwarding, choose another port than 22.
Like pubip:13142 --> localip:22
(13142 is just an example. Choose something in the range of 10000 to 50000)
Those standard ports like 22 are constantly scanned an checked for vulnerabilities, logon attemtps…
sshd:
Use ssh keys rather than password authentication
Do not allow root login
firewall:
If you can limit the client ip-addresses or ip range, do so.
3 Likes
I agree that you should change the port (I recommend something between 30000 and 60000), you could even use port knocking. Adding to the previous comment: look up “ssh hardening”, install fail2ban. Definitely use ssh keys, no password.
1 Like
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.