How to remote ssh connect the server via Internet

[satimis]

Hi folks,


Server public IP - 220.232.xxx.xxx
Server internal IP (router IP) 192.168.0.52
Server hostname - satimis.com
domain - satimis.com
port 2222 already forward to 192.168.0.52


On Intranet
$ ssh -p2222 192.168.0.52

can ssh connect the server


What will be the correct command on Xterm to ssh connect the server on local machine via Internet ?


Tried follows without result;

# ssh -p2222 satimis.com
$ ssh -p2222 220.232.xxx.xxx

just hanging without connected. Please advise. TIA


B.R.
satimis

[FireArrow]

Your syntax is correct.
Make sure you don't have ALL:ALL in /etc/hosts.deny (if you have one at all). However that would more likely generate an access denied-message.

Are you sure you can SSH out from the computer you are trying from?
A simple test is to SSH to localhost from your server. If that work you know it's not the servers fault.

[kakariko81280]

port 2222 already forward to 192.168.0.52

If your server has an publicly routable IP address then no ip forwarding should be required. Try removing that forwarding and seeing what happens. Also, are you trying the external IP from a computer on the Internet? I've seen systems that get upset by attempts to access the external IP from an internal IP

Incidentally, after redacting the IP address, you gave us the domain name which is effectively the same thing.

Let us know how you get on,

Chris...

[satimis]

Hi FireArrow,


Thanks for your advice.

Your syntax is correct.
Make sure you don't have ALL:ALL in /etc/hosts.deny (if you have one at all). However that would more likely generate an access denied-message.

The line is there.

Remark: there is another line there

Code:

sshd:ALL EXCEPT localhost \
: spawn /bin/echo `/bin/date` access denied for %a %h>>/var/log/sshd.log

Comment out the line ALL:ALL and test ssh connection via Internet again.

$ ssh -p2222 satimis.com
$ ssh -p 2222 220.232.xxx.xxx


Still fail only hanging there. On router all ports are forward to the server LAN IP, including Port 2222. Server has been rebooted after making change on hosts.deny

Are you sure you can SSH out from the computer you are trying from?
A simple test is to SSH to localhost from your server. If that work you know it's not the servers fault.

Yes, server can ssh connect local pc for this test.


B.R.
satimis

[satimis]

If your server has an publicly routable IP address then no ip forwarding should be required. Try removing that forwarding and seeing what happens. Also, are you trying the external IP from a computer on the Internet? I've seen systems that get upset by attempts to access the external IP from an internal IP

Incidentally, after redacting the IP address, you gave us the domain name which is effectively the same thing.

Let us know how you get on,

Hi Chris,


Thanks for your advice.


This is a test. Recently I finish installing SugarCRM on this LAMP server. It can be connected on browser via Internet on a local PC in the same LAN


Connection:-
Server LAN IP 192.168.0.52
PC IP 192.168.0.10
on local PC browser run;

Code:

https://satimis.com/index.php

But on local PC Xterm the server can't be ssh connected via Internet.


If I can't test it in this way. I have only one public IP. What can I do? via a proxy server on Internet?


TIA


B.R.
satimis

[FireArrow]

Remark: there is another line there

Code:

sshd:ALL EXCEPT localhost \
: spawn /bin/echo `/bin/date` access denied for %a %h>>/var/log/sshd.log

The remaining line basically denies access to the server from ssh from any other computer then localhost.
You will have to remove (or at least change) those lines to allow you to ssh to the server.

Try to comment them out and it should work.

[satimis]

The remaining line basically denies access to the server from ssh from any other computer then localhost.
You will have to remove (or at least change) those lines to allow you to ssh to the server.

Try to comment them out and it should work.

Hi FireArrow,


Sorry still fail.


Steps performed:-

Delete both lines, no content on this file. Reboot PC.


$ ssh -p2222 satimis.com
$ ssh -p2222 220.232.xxx.xxx

Still hanging there for prolonged time.


# cat /etc/hosts.allow

Code:

sshd: 127.0.0.1

# Domain
sshd: satimis.com

sshd sshd1 sshd2 : ALL : ALLOW

ALL: satimis.com 192.168.0.10 *.satimis.com localhost.localdomain

imap:   ALL
imaps:  ALL
pop3:   ALL
pop3s:  ALL

B.R.
satimis

[FireArrow]

Hi satimis.

By the looks of your hosts.allow that might also be an issue.
Try commenting out the first line and see if that works.
If it doesn't you can always rename the file with

Code:

mv /etc/hosts.allow /etc/hosts.allow~

That really should work.

Good luck
FireArrow

[satimis]

Hi satimis.

By the looks of your hosts.allow that might also be an issue.
Try commenting out the first line and see if that works.
If it doesn't you can always rename the file with

Code:

mv /etc/hosts.allow /etc/hosts.allow~

That really should work.

Hi FireArrow,

After mv both /etc/hosts.allow and /etc/hosts.deny to /etc/hosts.allow~ and /etc/hosts.deny~ respectively. Rebooted PC. Still fail.


I suspect whether I can test it in this way.


B.R.
satimis

[KidCloudWala]

Satimis:
Can you check whether the port is open using the nmap command on the public IP outside your network.

Also, you can execute the coomand telnet <IP Address> <Port Number>, just in order to confirm whether the request is getting forwarded on the Port Number and on the IP Addres.....

Regards,