Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 11
Hi folks, Server public IP - 220.232.xxx.xxx Server internal IP (router IP) 192.168.0.52 Server hostname - satimis.com domain - satimis.com port 2222 already forward to 192.168.0.52 On Intranet $ ssh ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Guru
    Join Date
    Sep 2004
    Posts
    1,802

    How to remote ssh connect the server via Internet


    Hi folks,


    Server public IP - 220.232.xxx.xxx
    Server internal IP (router IP) 192.168.0.52
    Server hostname - satimis.com
    domain - satimis.com
    port 2222 already forward to 192.168.0.52


    On Intranet
    $ ssh -p2222 192.168.0.52

    can ssh connect the server


    What will be the correct command on Xterm to ssh connect the server on local machine via Internet ?


    Tried follows without result;

    # ssh -p2222 satimis.com
    $ ssh -p2222 220.232.xxx.xxx

    just hanging without connected. Please advise. TIA


    B.R.
    satimis

  2. #2
    Just Joined!
    Join Date
    Jul 2008
    Location
    Sweden, Earth, Milky way
    Posts
    10
    Your syntax is correct.
    Make sure you don't have ALL:ALL in /etc/hosts.deny (if you have one at all). However that would more likely generate an access denied-message.

    Are you sure you can SSH out from the computer you are trying from?
    A simple test is to SSH to localhost from your server. If that work you know it's not the servers fault.

  3. #3
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    682
    Quote Originally Posted by satimis View Post
    port 2222 already forward to 192.168.0.52
    If your server has an publicly routable IP address then no ip forwarding should be required. Try removing that forwarding and seeing what happens. Also, are you trying the external IP from a computer on the Internet? I've seen systems that get upset by attempts to access the external IP from an internal IP

    Incidentally, after redacting the IP address, you gave us the domain name which is effectively the same thing.

    Let us know how you get on,

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

  4. #4
    Linux Guru
    Join Date
    Sep 2004
    Posts
    1,802
    Hi FireArrow,


    Thanks for your advice.


    Your syntax is correct.
    Make sure you don't have ALL:ALL in /etc/hosts.deny (if you have one at all). However that would more likely generate an access denied-message.
    The line is there.

    Remark: there is another line there
    Code:
    sshd:ALL EXCEPT localhost \
    : spawn /bin/echo `/bin/date` access denied for %a %h>>/var/log/sshd.log
    Comment out the line ALL:ALL and test ssh connection via Internet again.

    $ ssh -p2222 satimis.com
    $ ssh -p 2222 220.232.xxx.xxx


    Still fail only hanging there. On router all ports are forward to the server LAN IP, including Port 2222. Server has been rebooted after making change on hosts.deny


    Are you sure you can SSH out from the computer you are trying from?
    A simple test is to SSH to localhost from your server. If that work you know it's not the servers fault.
    Yes, server can ssh connect local pc for this test.


    B.R.
    satimis

  5. #5
    Linux Guru
    Join Date
    Sep 2004
    Posts
    1,802
    Quote Originally Posted by kakariko81280 View Post
    If your server has an publicly routable IP address then no ip forwarding should be required. Try removing that forwarding and seeing what happens. Also, are you trying the external IP from a computer on the Internet? I've seen systems that get upset by attempts to access the external IP from an internal IP

    Incidentally, after redacting the IP address, you gave us the domain name which is effectively the same thing.

    Let us know how you get on,
    Hi Chris,


    Thanks for your advice.


    This is a test. Recently I finish installing SugarCRM on this LAMP server. It can be connected on browser via Internet on a local PC in the same LAN


    Connection:-
    Server LAN IP 192.168.0.52
    PC IP 192.168.0.10
    on local PC browser run;
    Code:
    https://satimis.com/index.php
    But on local PC Xterm the server can't be ssh connected via Internet.


    If I can't test it in this way. I have only one public IP. What can I do? via a proxy server on Internet?


    TIA


    B.R.
    satimis

  6. #6
    Just Joined!
    Join Date
    Jul 2008
    Location
    Sweden, Earth, Milky way
    Posts
    10
    Quote Originally Posted by satimis View Post
    Remark: there is another line there
    Code:
    sshd:ALL EXCEPT localhost \
    : spawn /bin/echo `/bin/date` access denied for %a %h>>/var/log/sshd.log
    The remaining line basically denies access to the server from ssh from any other computer then localhost.
    You will have to remove (or at least change) those lines to allow you to ssh to the server.

    Try to comment them out and it should work.

  7. #7
    Linux Guru
    Join Date
    Sep 2004
    Posts
    1,802
    Quote Originally Posted by FireArrow View Post
    The remaining line basically denies access to the server from ssh from any other computer then localhost.
    You will have to remove (or at least change) those lines to allow you to ssh to the server.

    Try to comment them out and it should work.
    Hi FireArrow,


    Sorry still fail.


    Steps performed:-

    Delete both lines, no content on this file. Reboot PC.


    $ ssh -p2222 satimis.com
    $ ssh -p2222 220.232.xxx.xxx

    Still hanging there for prolonged time.


    # cat /etc/hosts.allow
    Code:
    sshd: 127.0.0.1
    
    # Domain
    sshd: satimis.com
    
    sshd sshd1 sshd2 : ALL : ALLOW
    
    ALL: satimis.com 192.168.0.10 *.satimis.com localhost.localdomain
    
    imap:   ALL
    imaps:  ALL
    pop3:   ALL
    pop3s:  ALL
    B.R.
    satimis

  8. #8
    Just Joined!
    Join Date
    Jul 2008
    Location
    Sweden, Earth, Milky way
    Posts
    10
    Hi satimis.

    By the looks of your hosts.allow that might also be an issue.
    Try commenting out the first line and see if that works.
    If it doesn't you can always rename the file with
    Code:
    mv /etc/hosts.allow /etc/hosts.allow~
    That really should work.

    Good luck
    FireArrow

  9. #9
    Linux Guru
    Join Date
    Sep 2004
    Posts
    1,802
    Quote Originally Posted by FireArrow View Post
    Hi satimis.

    By the looks of your hosts.allow that might also be an issue.
    Try commenting out the first line and see if that works.
    If it doesn't you can always rename the file with
    Code:
    mv /etc/hosts.allow /etc/hosts.allow~
    That really should work.
    Hi FireArrow,

    After mv both /etc/hosts.allow and /etc/hosts.deny to /etc/hosts.allow~ and /etc/hosts.deny~ respectively. Rebooted PC. Still fail.


    I suspect whether I can test it in this way.


    B.R.
    satimis

  10. #10
    Just Joined!
    Join Date
    Apr 2005
    Posts
    88
    Satimis:
    Can you check whether the port is open using the nmap command on the public IP outside your network.

    Also, you can execute the coomand telnet <IP Address> <Port Number>, just in order to confirm whether the request is getting forwarded on the Port Number and on the IP Addres.....

    Regards,

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •