[TriLUG] enabling SSH into private network

Dave Sorenson dave at logicalgeek.com
Wed Jan 2 09:40:53 EST 2008


Without a domain name you will not be able to do what you want. You could
just use the external IP and access it that way, i.e. ssh me@xxx.xxx.xxx.xxx
-p 2222, 2223, etc.

If you register a domain, set your A record to the external IP of your
internet connection; then your connection would be: ssh me@mydomain.com -p
2222, the second machine would be ssh me@mydomain.com -p 2223, lather, rinse,
repeat.

Dave


>
> Coupla questions about enabling SSH from the internet into a private
> network:
>
> Thanks to donations, I have both my POS boxes (running feisty USE,
> console only) behind a router/firewall. They, and my laptop, are
> stably DHCPing, and can reply to pings from each other, inside that
> network.
>
> Now I need to enable folks to SSH in from outside that network, in
> order to
>
> * enable remote data entry: we've got a lotta DB setup to do
>
> * allow remote access to the POS developers
>
> I've frequently set up SSH on boxes on other networks (not my own) so
> I'm familiar with creating/installing keys etc. My questions are about
> what I need to do to enable the several boxes to accept SSH from
> outside.
>
> I read that I hafta use separate ports in order for the several boxes
> to each be able to accept SSH connections through the firewall.
> Looking around for ports that look (relatively) unused and which are
> mnemonic for the service and the hostnames, I'm thinking of using
> port#s 222x: does that seem reasonable/feasible?
>
> In any case, whatever I use for the port#s, I'll need to open them on
> the firewall: fortunately that seems straightforward.
>
> Then from outside the private network one will need to run
>
> ssh <id>@<FQ hostname> -p <port#>
>
> where <FQ hostname> belongs to one of the boxes on the private
> network. I know how to set up IDs, and port# is discussed above. I'm
> wondering, what do I need to do to publicize the hostnames from the
> private network to the world? Or is there A Better Way to do this?
>
> TIA, Tom Roche <Tom_Roche at pobox.com>
>
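
The one-port-per-box scheme from this thread, written as a client-side
~/.ssh/config (an added example, not part of the original messages). The
address 203.0.113.10, the aliases pos1/pos2 and the user "me" are constructed
placeholders, and the router forwards described in the comments are assumed.

```conf
# ~/.ssh/config on the remote user's machine (constructed example).
# Assumed router forwards: external TCP 2222 -> first box, port 22
#                          external TCP 2223 -> second box, port 22
# 203.0.113.10 stands in for the router's external IP (or the A record name).

Host pos1
    HostName 203.0.113.10
    Port 2222
    User me
    # Record this box's host key under its own name, so each box behind the
    # shared address is verified separately and a changed key on one of
    # them is still flagged.
    HostKeyAlias pos1
    # Offer only explicitly configured keys, not everything in the agent.
    IdentitiesOnly yes

Host pos2
    HostName 203.0.113.10
    Port 2223
    User me
    HostKeyAlias pos2
    IdentitiesOnly yes
```

With this in place, "ssh pos1" and "ssh pos2" reach the two boxes without
typing the address or port each time.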



